Revisão e implementação de políticas de segurança centradas no utilizador

Amaro, Francisco Antunes Alberto

http://hdl.handle.net/10400.5/96019

Use this identifier to reference this record.

Name:	Description:	Size:	Format:
TM_Francisco_Amaro.pdf		4.3 MB	Adobe PDF	Download

Send Feedback

Authors

Amaro, Francisco Antunes Alberto

Advisor(s)

Miranda, Hugo Alexandre Tavares

Abstract(s)

Users (and the procedures they often adopt) are one of the most relevant attack vectors in an organization with a large number of employees where the levels of connection and responsibility towards the organization are low. The definition and implementation of user-centered security policies that allow the effective and efficient detection and mitigation of actions that could compromise the security of the entire IT infrastructure is particularly relevant in institutions with these characteristics. To support them, a set of recommendations and legal norms have been issued by different entities to assist in the definition of policies and provide legal support. Once the policies are defined, it is important to ensure their effective application through the development of mechanisms that, whenever possible, automate their verification. Equally important is that the definition of policies should be accompanied by communication strategies for their dissemination, involving users in the establishment of a more reliable and secure environment. In the scope of this project, various tasks focused on users were carried out with the aim of strengthening the IT security of the institution. This included reviewing the existing security policies and mechanisms related to users in CIENCIAS ULisboa, as well as developing systems for the ˆ detection and response to violations of these policies. Additionally, the user account management process was simplified through the development of new mechanisms for user account creation and credential recovery.