351 |
Privacidade e prote??o de dados pessoais na sociedade da informa??o : profiling e risco de discrimina??oMachado, Fernando Inglez de Souza 28 February 2018 (has links)
Submitted by PPG Direito (ppgdir@pucrs.br) on 2018-04-19T13:11:55Z
No. of bitstreams: 1
FERNANDO_ INGLEZ_DE_ SOUZA_ MACHADO_DIS.pdf: 1618591 bytes, checksum: 0d335e9f36d6f5985dc6c8b50f83f0ec (MD5) / Approved for entry into archive by Caroline Xavier (caroline.xavier@pucrs.br) on 2018-05-08T14:27:57Z (GMT) No. of bitstreams: 1
FERNANDO_ INGLEZ_DE_ SOUZA_ MACHADO_DIS.pdf: 1618591 bytes, checksum: 0d335e9f36d6f5985dc6c8b50f83f0ec (MD5) / Made available in DSpace on 2018-05-08T14:31:40Z (GMT). No. of bitstreams: 1
FERNANDO_ INGLEZ_DE_ SOUZA_ MACHADO_DIS.pdf: 1618591 bytes, checksum: 0d335e9f36d6f5985dc6c8b50f83f0ec (MD5)
Previous issue date: 2018-02-28 / Conselho Nacional de Pesquisa e Desenvolvimento Cient?fico e Tecnol?gico - CNPq / The present paper seeks to face the thematic of the right to personal data protection on the scope of the Brazilian legal system, emphasizing on the profiling figure. The paper starts on the construction of the right to privacy and its mutations in face of technological advances, especially on the information and communication technologies. With that it faces from the firsts formulations of the right to privacy, as a right to be let alone, until it?s most recent formulations, as a right of each individual to control its own private information. After that, it analyses the north-american personal data protection system, housed on the figure of right to privacy, as well as the European personal data protection system, based on laws of European Union level. This analysis suits so that both systems can be used as reference for the study of the thematic on the Brazilian legal system, observed the due alterations to fit this legal system. In the end, the present paper faces the thematic of personal data protection on the Brazilian legal system, focusing on the profiling, with consists in a personal data treatment tool that figures between the ones that offers the hirer risk. Recognizing the fundamental character of the right to personal data protection, including in the Brazilian juridical system, the paper demonstrates the importance of the observation of personal data protection principles ? as the transparency, the purpose and the consent ? on the utilization of profiling mechanisms. Only this way it?s possible to conform the treatment of personal data with the rights of the data subject. / O presente trabalho busca enfrentar a tem?tica do direito ? prote??o de dados pessoais no ?mbito do ordenamento jur?dico brasileiro, enfocando a figura do profiling. O trabalho inicia na constru??o do direito ? privacidade e nas suas muta??es em raz?o dos incrementos tecnol?gicos, notadamente no que toca ?s tecnologias da informa??o e da comunica??o. Com isso, ele enfrenta desde as primeiras formula??es do direito ? privacidade, enquanto um direito a ser deixado s?, at? suas formula??es mais recentes, enquanto um direito de cada indiv?duo controlar suas pr?prias informa??es privadas. Depois, ele analisa o sistema norte-americano de prote??o de dados pessoais, albergado pela figura do right to privacy, bem como o sistema europeu de prote??o de dados pessoais a partir das normativas em n?vel de Uni?o Europeia. Tal an?lise serve para que ambos os sistemas sirvam de amparo para o estudo do tema no ordenamento jur?dico brasileiro, observadas as devidas adequa??es para este sistema jur?dico. Por fim, o presente trabalho enfrenta a tem?tica da prote??o de dados pessoais no ordenamento jur?dico brasileiro sob o prisma do profiling, o qual consiste em uma ferramenta de tratamento de dados pessoais que figura entre as que ostentam o maior potencial lesivo. Reconhecendo o car?ter fundamental do direito ? prote??o de dados pessoais, inclusive no sistema jur?dico brasileiro, o trabalho evidencia a import?ncia da observ?ncia dos princ?pios da prote??o de dados pessoais ? como o da transpar?ncia, o da finalidade e o do consentimento ? na utiliza??o de mecanismos de profiling. Somente assim ? poss?vel conciliar o tratamento de dados pessoais com o respeito aos direitos do titular dos dados.
|
352 |
Segurança da informação: uma abordagem sobre proteção da privacidade em internet das coisasMachado Junior, Dorival Moreira 18 June 2018 (has links)
Submitted by Filipe dos Santos (fsantos@pucsp.br) on 2018-08-22T12:14:10Z
No. of bitstreams: 1
Dorival Moreira Machado Junior.pdf: 9885723 bytes, checksum: ec4db9d9ab0bfb009be6157700e49790 (MD5) / Made available in DSpace on 2018-08-22T12:14:10Z (GMT). No. of bitstreams: 1
Dorival Moreira Machado Junior.pdf: 9885723 bytes, checksum: ec4db9d9ab0bfb009be6157700e49790 (MD5)
Previous issue date: 2018-06-18 / The concept of Internet of Things (IoT) refers to a network of objects capable
of generating, collecting, and exchanging data between them. This interconnection
of intelligent objects tends to provide improvements in the well-being of people so
that the more “things” acquiring or generating data, the better may be the result
propitiated by IoT. On the other side, privacy is best guarded in the face of the
minimum supply of data or personal information. They are contrary paths that
characterize a paradox. With this, studies are needed that point out possibilities
that favor the growth of IoT and at the same time do not let privacy be totally succumbed
to technological evolution. The user permeates both factors, being situated
in the center. This paradox as well as the lack of documentation and standardization
in terms of privacy protection in IoT becomes the research problem. The hypothesis
suggests the need for a standard that allows such protection. The scope of standardization
of the Internet is very extensive, it is necessary to determine the limits
of performance of this thesis. For this, the mapping of the mechanism by which the
rules and standards of the Internet are established, as well as defining a standard
scenario of IoT applicable in any environment in which it is inserted. Once these parameters
were established, it was possible to continue through a critical exploratory
analysis of the context that is considered emerging mainly by the lack of documentation
regarding the protection of privacy in IoT. As a result, a directing to privacy
protection in IoT was systematized. This has as characteristics: to be applicable
specifically to the IoT environment; Have as basic principles consider all user data
as private as well as adopt a restrictive policy. It is also characterized by a step of
human validation, in which it is required that the user allows the sharing of their
data, as well as establish the trust to the device to link, that is, the destination of
the data. In this way, the user is instigated to have science of their data in question
beyond the destination of these. At the end, the conclusion is made by analyzing
the security objectives of other models justifying the contrary or favorable opinion
for application in IoT / O conceito de Internet of Things (IoT) refere-se a uma rede de objetos com
capacidade para gerar, coletar e trocar dados entre si. Esta interconexão de objetos
inteligentes tende a proporcionar melhorias no bem-estar das pessoas de modo que
quanto mais “coisas” adquirindo ou gerando dados, melhor pode ser o resultado
propiciado pela IoT. Por outro lado, tem-se que a privacidade é melhor resguardada
diante do fornecimento mínimo de dados ou informações pessoais. São caminhos
contrários que caracterizam um paradoxo. Com isto, são necessários estudos que
apontem possibilidades que favoreçam o crescimento da IoT e ao mesmo tempo não
deixe que a privacidade seja totalmente sucumbida à evolução tecnológica. O usuário
permeia ambos os fatores, ficando situado ao centro. Este paradoxo bem como
a falta de documentação e padronização em termos de proteção da privacidade na
IoT torna-se o problema de pesquisa. A hipótese sugere a necessidade de um padrão
que possibilite tal proteção. A abrangência de padronização da Internet é muito
extensa, fazendo-se necessário determinar os limites de atuação desta tese. Para
isto, fez-se o mapeamento do mecanismo pelo qual as regras e padrões da Internet
são estabelecidos, bem como definindo um cenário padrão de IoT aplicável em qualquer
ambiente em que for inserido. Uma vez estabelecidos estes parâmetros, pôde-se
prosseguir através de uma análise exploratória crítica ao contexto que é considerado
emergente principalmente pela falta de documentação no que diz respeito à proteção
da privacidade na IoT. Como resultado foi sistematizado um direcionamento
para proteção da privacidade na IoT por meio de um paradigma. Este tem como
características: ser aplicável especificamente ao ambiente de IoT; ter como princípios
considerar todos os dados de usuário como privados, bem como adotar uma
política restritiva. Caracteriza-se também por uma etapa de validação humana, na
qual é requerido que o usuário permita o compartilhamento de seus dados, bem
como estabeleça a confiança no dispositivo vinculado, isto é, o destino dos dados.
Deste modo, o usuário é instigado a ter ciência de seus dados em uso bem como o
destino destes. Ao final, faz-se a conclusão analisando os objetivos de segurança de
outros modelos justificando o parecer contrário ou favorável para aplicação na IoT
|
353 |
Protection of Personal Data in Blockchain Technology : An investigation on the compatibility of the General Data Protection Regulation and the public blockchain / Personuppgiftsskyddet i Blockkedjeteknik : En utredning om förenligheten av dataskyddsförordningen och den publika blockkedjanWallace, Amelia January 2019 (has links)
On 25 May 2018 the General Data Protection Regulation, GDPR, came into force in the EU. The regulation strengthened the rights of the data subjects’ in relation to the data controllers and processors and gave them more control over their personal data. The recitals of the GDPR state that it was the rapid development in technology and globalisation that brought new challenges for the protection of personal data. Private companies and public authorities where making use of personal data on an unprecedented scale in order to pursue their own activities. The protection should be technologically neutral and not dependant on the technique used. This leads to questions on whether the protection that is offered through the GDPR is de facto applicable on all technologies. One particular technology which has caught interest of both private companies and public authorities is the blockchain. The public distributed blockchain is completely decentralized, meaning it is the users who decide the rules and its content. There are no intermediaries in power and the transactions of value or other information is sent peer to peer. By using asymmetric cryptography and advanced hash algorithms the transactions sent in the blockchain are secured. Whilst the interest and use of blockchain is increasing and the GDPR attempting to be applicable on all techniques, the characteristics of the public blockchain must be analysed under the terms of the GDPR. The thesis examines whether natural persons can be identified in a public blockchain, who is considered data controller and data processor of a public blockchain and whether the principles of the GDPR can be applied in such a decentralised and publicly distributed technology. / Den 25 maj 2018 tradde den nya dataskyddsforordningen, GDPR, i kraft i EU vilken slog hardare mot personuppgiftsansvariga och personuppgiftsbitraden an vad det tidigare dataskyddsdirektivet gjort. Med reformen ville EU starka personuppgiftsskyddet genom att ge de registrerade mer kontroll over sina personuppgifter. I skalen till forordningen anges att det var den snabba tekniska utvecklingen och globaliseringen som skapat nya utmaningar for skyddet da privata foretag och offentliga myndigheter anvander personuppgifter i en helt ny omfattning idag. Skyddet bor saledes vara teknikneutralt och inte beroende av den teknik som anvands. Detta oppnar upp for fragor om huruvida skyddet som GDPR erbjuder faktiskt ar applicerbart pa samtliga tekniker. En sarskild teknologi som fangat intresse hos saval privatpersoner som foretag och offentliga myndigheter ar blockkedjan. Den oppet distribuerade blockkedjetekniken ar helt decentraliserad, vilket innebar att det ar dess anvandare som styr och bestammer over innehallet. Nagra mellanman finns inte, utan vardetransaktioner och andra overforingar av information sands direkt mellan anvandare. Genom asymmetrisk kryptografi och avancerade hash algoritmer sakras de overforingar som sker via blockkedjan. Nagot som uppmarksammats under den okande anvandningen och intresset for blockkedjan samt ikrafttradandet av GDPR ar hur personuppgifter bor hanteras i en sadan decentraliserad teknologi, dar inga mellanman kan bara ansvaret for eventuell personuppgiftsbehandling. Flera av den publika blockkedjeteknikens egenskaper bor problematiseras, framfor allt dess oppenhet och tillganglighet for varje person i varlden, samt dess forbud mot rattelse och radering av inlagda data. Denna uppsats behandlar fragorna huruvida fysiska personer kan identifieras i en publik blockkedja, vem som kan anses vara personuppgiftsansvarig och personuppgiftsbitrade i en publik blockkedja, samt om de principer och krav som uppstalls i GDPR kan efterlevas i en sadan decentraliserad och oppet distribuerad teknologi.
|
354 |
Protecting externally supplied software in small computersKent, Stephen Thomas January 1981 (has links)
Thesis (Ph.D.)--Massachusetts Institute of Technology, Dept. of Electrical Engineering and Computer Science, 1981. / MICROFICHE COPY AVAILABLE IN ARCHIVES AND ENGINEERING. / Bibliography: leaves 250-252. / by Stephen Thomas Kent. / Ph.D.
|
355 |
La vie privée en droit du travail. / Privacy in labour lawMorgenroth, Thomas 05 December 2016 (has links)
La vie privée est en elle-même, en raison de sa relativité, une notion difficile à saisir. Le droit l’appréhende de différentes façons, tant dans des rapports verticaux, entre puissance publique et citoyens, qu’horizontaux, entre particuliers. De plus, le droit au respect de la vie privée comporte une ambivalence, en ce qu’il confère à l’individu à la fois une liberté de choix et un droit de contrôle. On comprend alors que le droit du travail puisse être mal à l’aise avec cette notion. En effet, la relation de travail présente laspécificité d’introduire un lien de subordination dans un rapport entre personnesprivées. Or, beaucoup de ses dispositions contribuent à protéger la vie privée du salarié. Une gêne se ressent néanmoins à mobiliser le droit au respect de la vie privée, dans sa conception civiliste, centrée sur le secret de la vie privée. De façon paradoxale, la protection du secret de la vie privée du salarié est rarement utilisée en droit du travail. A l’inverse, le droit au respect de la vie privée trouve à s’appliquer en matière de liberté de la vie privée du salarié. Cette dernière tend d’abord à assurer la protection du salarié dans sa vie privée. Cependant, cette liberté s’exprime également dans la vie professionnelle et apparaît alors comme un instrument indispensable de la protection de la personne au travail. Ainsi, le droit au respect de la vie privée du salarié tendinévitablement à élargir son champ à la protection de la liberté de la vie privée. / Because of its relativity, the concept of privacy is a difficult notion to define. French legislation defines it in different ways both between public institutions and citizens as well as among individuals. Moreover, the right to privacy presents an ambivalence as it gives an individual both a freedom of choice and a right of control. Therefore, privacy challenges employment laws which cannot deal satisfactorily with it as work relation has the specificity to create a link of subordination between private individuals. Yet, many of these dispositions contribute to protecting privacy. Though, in its civil law conception, there is some difficulty in resorting to privacy when it focuses on the secret of privacy.Paradoxically, the cases related to this subjective law and employees' privacy secret protection are far and few between. This freedom of privacy tends to ensure employees' protection in their privacy. Nevertheless, this freedom also applies in professional life and consequently appears as an essential instrument of the employee's protection in the workplace. Thus, the right for the employee's privacy to be respected inevitably tends to broaden its scope to the protection of freedom of privacy.
|
356 |
La protection du consommateur à l'épreuve des technologies de l'information et de la communication : étude du droit ivoirien à la lumière du droit français / The Protection of consumer against the rise of information and communication technologies : study of Ivorian system in the light of French lawAlleme, Apo 28 June 2019 (has links)
Les technologies de l’information et de la communication (TIC) qui recouvrent l’ensemble des outils et techniques résultant de la convergence des télécommunications ont révolutionné les comportements et les habitudes des consommateurs. Si ces technologies ne se limitent pas au réseau internet c’est la montée d’internet qui a renouvelé la problématique de la protection du consommateur. En réponse, le législateur ivoirien a, à travers la loi de 2016 relative à la consommation, essayé de s’arrimer aux standards internationaux relatifs à la protection du consommateur. Le nouveau dispositif adopté s’ajoute au droit positif ivoirien et au cadre législatif communautaire (UEMOA et CEDEAO). Cependant, le système se révèle insuffisant et, à certains égards, inadapté à la protection du consommateur, notamment dans l’hypothèse d’une vente conclue par le canal des TIC. Ces insuffisances s’observent au moment de la formation et de l’exécution du contrat de vente. Dans ce contexte, le cadre législatif français qui étend ses sources dans le droit communautaire européen peut, à bien d’égards, inspirer le législateur ivoirien. Il ne s’agit pas de transposer intégralement ce système en droit ivoirien. En effet, à l’épreuve des TIC, la protection du consommateur passe par la recherche de nouveaux points d’équilibre entre le consommateur et le professionnel. / Information and communication technologies (ICTs), which encompass all the tools and techniques resulting from the convergence of telecommunications, have revolutionized the behavior and habits of consumers. These technologies are not limited to the Internet, the rise of which has renewed the problem of consumer protection. In response, the Ivorian legislator, through the 2016 law on consumption, tried to be consistent with international standards relating to consumer protection. The new mechanism adopted is in addition to current Ivorian law and the Community legislative framework (UEMOA and ECOWAS). However, the system is proving insufficient and, in some respects, unsuitable for consumer protection, especially in the event of a sale through the ICT channel. These deficiencies occur at the time of the formation and enforcement of the sales contract. In this context, the French legislative framework that extends its sources in European Community law can, in many ways, inspire the Ivorian legislator. It does not entail the total transposition of the French system into the Ivorian law. Actually, with the new challenges of ICTs, the protection of the consumer can only be guaranteed by the search for equilibrium between the consumer and the professional.
|
357 |
Scalable access controlMay, Brian, 1975- January 2001 (has links)
Abstract not available
|
358 |
Transmission of copyrighted works over the internet : rights and exceptionsTao, Hong Unknown Date (has links)
This thesis examines the balance between copyright owners and users by studying the nature of the rights and exceptions related to transmission of copyrighted works over the internet, focusing on three different jurisdictions: Australia, Japan and the United States.The choice of Japan and the United States is based on consideration of the following elements: 1. Both countries possess advanced information technology; 2. Both countries too the lead in legislating for copyright protection in the digital environment; 3. Both countries have different legal systems. In the matter of statutory reaction of transmission of works over the internet, there is no uniform solution around the world as the divergent laws in the three chosen countries demonstrate.
|
359 |
Security metric based risk assessment.Khan, Moazzam 30 April 2013 (has links)
Modern day computer networks have become very complex and attackers have benefited due to this complexity and have found vulnerabilities and loopholes in the network architecture. In order to identify the attacks from an attacker all aspects of network architecture needs to be carefully examined such as packet headers, network scans, versions of applications, network scans, network anomalies etc. and after the examination attributes playing a significant impact on the security posture of the organization needs to be highlighted so that resources and efforts are directed towards those attributes. In this work we extensively look at network traffic at dormitory network of a large campus and try to identify the attributes that play a significant role in the infection of a machine. Our scheme is to collect as much attributes from the network traffic applying the heuristic of network infection and then devise a scheme called decision centric rank ordering of security metric that gives the priority to the security metrics so that network administrators can channel their efforts in the right direction. Another aspect of this research is to identify the probability of an attack on a communication infrastructure. A communication infrastructure becomes prone to attack if certain elements exist in it, such as vulnerabilities in the comprising elements of the system, existence of an attacker and motivation for him to attack. Focus of this study is on vulnerability assessment and security metrics such as user behavior, operating systems, user applications, and software updates. To achieve a quantified value of risk, a set of machines is carefully observed for the security metrics. Statistical analysis is applied on the data collected from compromised machines and the quantified value of risk is achieved.
|
360 |
Trusted data path protecting shared data in virtualized distributed systemsKong, Jiantao 20 January 2010 (has links)
When sharing data across multiple sites, service applications should not be trusted automatically. Services that are suspected of faulty, erroneous, or malicious behaviors, or that run on systems that may be compromised, should not be able to gain access to protected data or entrusted with the same data access rights as others. This thesis proposes a context flow model that controls the information flow in a distributed system. Each service application along with its surrounding context in a distributed system is treated as a controllable principal. This thesis defines a trust-based access control model that controls the information exchange between these principals. An online monitoring framework is used to evaluate the trustworthiness of the service applications and the underlining systems. An external communication interception runtime framework enforces trust-based access control transparently for the entire system.
|
Page generated in 0.1246 seconds