Dissertação de Mestrado
Aspectos técnicos e legais da coleta e anonimização de tráfego de redes IP
Fecha
2009-09-29Autor
Marco Aurélio Vilaça de Melo
Institución
Resumen
Researchers and network administrators face a dificult dilemma when they work with trafic data files collected from the network: how to extract useful information for their work and yet to guarantee the privacy of users, whose information travel through the network, and prevent the leakage of sensitive information that may compromize network security?This work presents a study of aspects of privacy and safety in the use and sharing of network trafic log files, and proposes a methodology for the analysis of the file anonimization process. First we explain the reasons for the increasing need for the use of log files in network research and audits, showing the risks that the use and sharing of such files may carry for the privacy of users and the safety of the network. Next we discuss theexisting laws in some major countries that deal with the privacy of data and electronic communications, showing their evolution over time. In Brazil, we discuss the current laws and some proposed projects being considered in Congress and their implication to users and network providers. Finally, we analyze the major protocols of the TCP/IP architecture in relation to anonimization, identifying which protocol fields may reveal information sensitive to network safety or user privacy. Based on that analysis we present a discussion of the major tools and techniques for data anonimization and propose a methodology for the analysis of the quality of anonimization, which we complete with the description of aprototype based on that methodology.