Running Head: THE BRAZILIAN FEDRAL DATA PROCESSING SERVICE

Case Study 1: The Brazilian Federal Data Processing Service

Viral Shah
CIS512- Adv Computer Architecture
Strayer University
Dr. Romy Lu
January 16, 2016

THE BRAZILIAN FEDRAL DATA PROCESSING SERVICE

Brazilian federal data processing service, there where news that government officials and
Petrobras, Brazil national oil company, have been targeted of electronic spying by the NSA and
other agencies, based on the documents leaked by former NSA contractor Edward Snowden.
Brazils President Dilma Rousseff consider this action a breach of international law. The
Brazilian Federal Data Processing Service known as Serpro will build a secure email system for
Brazils federal government.
The statement by the Director of National Intelligence James R. Clapper said,
We collect this information for many important reasons: for one, it could provide the United
States and our allies early warning of international financial crises which could negatively
impact the global economy. It also could provide insight into other countries economic policy
or behavior which could affect global markets. Brazil over the years pursued close relationships
with key U.S rivals like Iran, Venezuela, and Cuba and also because of corruption in 2007 three
Petrobras executive where arrested. This will be enough reason for NSA to snoop on Brazil.
Information is the key to resolved present and future issues (J, Sep 2012).
The Brazilian Federal Data Processing Service was created on December 1964 to help de
sector of the public administrator and has improved technologies on several government agencies
It is incorporated to the life of the Brazilian citizen. SERPRO Infrastructure consist in a Data
Center and Long Distance Network.
There are 2 Data Center, 6 IBM Servers that generates more than 3 billion of transactions
a year, multi-platforms, 52 Terabytes storage and open standards that are capable to handle the
security of the email. The current SERPRO technology was not able prevent the espionage attack
by the NSA because they were routing the countrys internet connection thru the U.S. Brazil is
planning to run 3,500 miles of fiber-optic cable under the Atlantic Ocean to Avoid the U.S. and
have a direct connection to Europe.
The company is more than likely to use Expresso v.3 as an alternative to standardize the
email system. The Expresso V.3 software is an open source and audit can be done up to the

THE BRAZILIAN FEDRAL DATA PROCESSING SERVICE

source code and this will ensure that security is not being violated by hidden back doors. The
software promotes privacy and integrity to all official messages.
Only three government-owned companies will offer the telecommunication services,
storage and email, this are SERPRO witch offer its own data center and private cloud service,
DATAPREV that offer data center services and email hosting and TELEBRAS witch offer
telecommunication service. A couple of ways SERPRO is planning to fix the issue is by
encrypting data over WAN links that will be delivered by third-party companies and
Implementing a public-key infrastructure (PKI) system to ensure integrity.
The company need to make sure the PKI system will be applied to not only email
systems. With this system you can improved network security and integrity beyond email
encryption. SERPRO strategy consist in the following, 1. The usage of Linux as a main
operational system 2. The usage of free software for Desktops, security, Data Center, and
network. 3. Develop architecture with applicative based on open platforms and with free
software like: Linux/Unix, JAVA, Zone (Chilblain, 2003).

This architecture is very reliable and it should prevent the attack from NSA but with the
internet going thru U.S. it made it easy for the NSA. A possible architecture the company can
use is the Dell Secure Works Counter Threat Platform (CTP). CTP analyzes billons of events
daily and helps to protect thousands of customers. This system features, 1. Log and alert
collection from across virtually any security device or critical asset 2. Advance correlation and

THE BRAZILIAN FEDRAL DATA PROCESSING SERVICE

analysis technique 3. 24x7 access to Dell Secure Works 4. Rapid deployment in days, not weeks
or months by security experts (Chilblain, 2003).
Conclusion
The government need to implement a system that will prevent espionage from other
countries. Routing the internet access to Europe will prevent the NSA and Canada from
accessing their information. Encrypting data over WAN links that will be delivered by thirdparty companies and implementing a public-key infrastructure (PKI) system is the way to go for
Brazil to fortify their architecture.

References
Hailer. J. (Sep 2012). Much more touch vol. Issue 8, P48-51 4p.
Chilblain, (2003). Process planning as an integration of knowledge in the detailed design phase.
International journal of computer integrated manufacturing, Vol.16 Issue 1, P25 13p.
Shredders, czar. Payne, C., & McGill, T.(oct2013). The functionality-based application
Confinement model. International journal of information security, Vol 12 issue 5, p393-422.
Shneiderman & Plasisant, (2010). computer and information security handbook 2 nd ed. Amsterdam:
Morgan Kaufmann publishers is an imprint of Elsevier.