Portal de Programas de Pós-Graduação (UnB)

SIGAA - Sistema Integrado de Gestão de Atividades Acadêmicas

PPEE PROGRAMA DE PÓS-GRADUAÇÃO PROFISSIONAL EM ENGENHARIA ELÉTRICA DEPTO ENGENHARIA ELETRICA Phone: Not available E-mail: Not available https://www.unb.br/pos-graduacao

Banca de DEFESA: Márcio Aurélio de Souza Fernandes

Uma banca de DEFESA de MESTRADO foi cadastrada pelo programa.
STUDENT : Márcio Aurélio de Souza Fernandes
DATE: 19/09/2022
TIME: 17:30
LOCAL: Teams
TITLE:

REPOSITÓRIO SEGURO E O IMPACTO GERADO PELA LEI GERAL DE PROTEÇÃO DE DADOS PESSOAIS (LGPD)

KEY WORDS:

Proteção de Dados, Segurança da Informação, Privacidade de Dados, Repositório Seguro, LGPD, Conformidade.

PAGES: 114
BIG AREA: Engenharias
AREA: Engenharia Elétrica
SUMMARY:

Several studies have researched how to adapt the General Data Protection Law (GDPL) according to the privacy of the user’s data. Facing this compliance scenario, this study aims to conduct an analysis of the principles of the LGPD and investigate the knowledge level of information and communications technology (ICT) professionals working directly and indirectly with this law. In addition, investigate whether Archivematica secure storage service is in accordance with the GDPL guidelines. To achieve this essay’s purposes, three execution stages were established as follows: 1) an analysis of data privacy laws; 2) conducting a survey with 43 ICT professionals working in public and private organizations; and 3) a technical analysis of Archivematica through practical, static, and dynamic tests with the help of open-source solutions to perform a vulnerability scan. The results show that even after the GDPL enters into force, 10% of those ICT professionals do not know the principles of the law. Regarding the storage service, 45% of the ICT professionals stated they have no knowledge on how their organizations store user data or share them and 25% of the ICT professionals claimed they are aware that their data can be shared by the organizations. The analysis performed by Archivematica evidenced issues that may indicate vulnerabilities. Majority of the issues identified by the tool were classified as low and medium risks and could result in opportunities for attackers, although they would need a series of variants to succeed. The results also showed that the ICT professionals responsible for the adequacy/compliance of the organizations need further training courses to conduct activities related to data privacy and information security, and that the Archivematica secure storage service, whilst meets with the defined requirements by the legislating body to be considered safe, does not comply with the GDPL guidelines related to data security and privacy. Therefore, it is necessary to highlight two points: the first is the organizational restructuring, which aims to improve the integration between areas and departments, and the second is the transparency, as GLPD emphasizes that rules need to be explicit to users, including access and permissions.

BANKING MEMBERS:
Externo à Instituição - ALTAIR OLIVO SANTIN
Presidente - 1780217 - EDNA DIAS CANEDO
Interno - 2201912 - RAFAEL TIMOTEO DE SOUSA JUNIOR

Notícia cadastrada em: 05/09/2022 11:05