After Brazil’s General Data Protection Law: Authorization in Decentralized Web Applications

After Brazil’s General Data Protection Law: Authorization in Decentralized Web Applications

Decentralized web applications do not offer fine-grained access controls to users’ data, which potentially creates openings for data breaches. For software companies that need to comply with Brazil’s General Data Protection Law (LGPD), data breaches not only might harm application users but also cou...

Mô tả đầy đủ

Đã lưu trong:
Chi tiết về thư mục
Những tác giả chính: Silva, Jefferson O., Calegari, Newton, Gomes, Eduardo S.
Định dạng: Artigos Científicos
Ngôn ngữ:Inglês
Được phát hành: 2024
Những chủ đề:
Engenharia de software
Lei Geral de Proteção de Dados (LGPD)
Truy cập trực tuyến:https://bibliotecadigital.acervo.nic.br/handle/123456789/2217
https://doi.org/10.1145/3308560.3316461
Các nhãn: Thêm thẻ
Không có thẻ, Là người đầu tiên thẻ bản ghi này!
Miêu tả
Tóm tắt:Decentralized web applications do not offer fine-grained access controls to users’ data, which potentially creates openings for data breaches. For software companies that need to comply with Brazil’s General Data Protection Law (LGPD), data breaches not only might harm application users but also could expose the companies to hefty fines. In this context, engineering fine-grained authorization controls (that comply with the LGPD) to decentralized web application requires creating audit trails, possibly in the source code. Although the literature offers some solutions, they are scattered. We present Esfinge Guardian, an authorization framework that completely separates authorization from other concerns, which increases compliance with the LGPD. We conclude the work with a brief discussion.

Những quyển sách tương tự