A carregar...
Publicação
Automação da análise forense para casos suspeitos de abuso de acesso a informação sensível/crítica
| Nome: | Descrição: | Tamanho: | Formato: | |
|---|---|---|---|---|
| 4.32 MB | Adobe PDF |
Orientador(es)
Resumo(s)
An illicit access to clients’ private information represents a significant risk for organizations,
affecting both their reputation and the security of their clients. This problem is increasingly relevant in today’s world, given the growing concerns about data security. With the implementation of
the General Data Protection Regulation (GDPR), data protection and access control have become
more critical for large and relevant entities such as Altice Portugal (MEO), to which many clients
entrust their personal data and other private information (such as mobile and fixed phone calls,
SMSs, and geolocations). Clients expect this data to be accessed only by authorized personnel
and when strictly necessary.
When the client suspects it has not happened, a request for clarification is generated for the
Data Protection Officer (DPO). In these cases, a forensic analysis must be conducted to verify the
request’s validity. This analysis should be performed as quickly as possible to ensure effective
action against such incidents when the truthfulness of the request is confirmed.
This project describes a solution developed to automate forensic analysis, reducing the time
required and improving the process. Widely recognized technologies are used for this purpose,
such as Blue Prism, a robotic process automation tool. Additionally, various scripts have been
developed to automate different components of the process, such as conducting optimized searches
in Elasticsearch, a data warehousing technology, correlating these data with various organizational
sources, and using ticketing tools to minimize human involvement in these analyses.
Descrição
Trabalho de projeto de mestrado, Engenharia Informática , 2024, Universidade de Lisboa, Faculdade de Ciências
Palavras-chave
Automação Regulamento Geral sobre a Proteção de Dados ( RGPD) Informação Crítica Segurança Análise Forense Trabalhos de projeto de mestrado - 2024