Uma metodologia para aplicação de medidas de segurança em infraestrutura de redes à luz da Lei Geral de Proteção de Dados

Detalhes bibliográficos
Ano de defesa: 2021
Autor(a) principal: SILVA, Luis Fellipe Castro lattes
Orientador(a): VALE, Samyr Beliche lattes
Banca de defesa: VALE, Samyr Beliche lattes, TEIXEIRA, Mário Antonio Meireles lattes, MOURA, Raimundo Santos lattes
Tipo de documento: Dissertação
Tipo de acesso: Acesso aberto
Idioma: por
Instituição de defesa: Universidade Federal do Maranhão
Programa de Pós-Graduação: PROGRAMA DE PÓS-GRADUAÇÃO EM CIÊNCIA DA COMPUTAÇÃO/CCET
Departamento: DEPARTAMENTO DE INFORMÁTICA/CCET
País: Brasil
Palavras-chave em Português:
metodologia;
segurança;
redes de computadores;
LGPD;
GDPR
Palavras-chave em Inglês:
methodology;
security;
computer networks;
LGPD;
GDPR
Área do conhecimento CNPq:
Computabilidade e Modelos de Computação
Link de acesso: https://tedebc.ufma.br/jspui/handle/tede/4443
Resumo: The General Law for the Protection of Personal Data - LGPD (Law No. 13.709/2018), fully in force since August 2021, deals with the management of the personal data of third parties, carried out by individuals, companies and institutions. Such legal provision requires that this data be protected by all necessary technical means, imposing sanctions on the manager in case of non-compliance, such as: fines and stoppage of activities. However, without defining which means should be applied and due to the scarcity of technical references that associate with the protection requirements defined in that law, this work proposes a methodology, at the level of data protection that travels on computer networks, that provides a basis for the design and configuration of secure infrastructures, as well as for the application of a security policy that protects the data that circulates on the network. With the use of the methodology, it was possible to observe advantages in the use of widely used tools, a modeling guide for architectures and rule models that cover the most common situations, generating an extra layer of protection for the data that travels on the network. In addition, in its final phase, a report is obtained to acknowledge the state of the network, an important feature that can be used as proof that the security features have been applied.

Registros relacionados