A Framework to (Im)Prove „Chain of Custody“ in Digital Investigation Process (CROSBI ID 569993)
Prilog sa skupa u časopisu | izvorni znanstveni rad | međunarodna recenzija
Podaci o odgovornosti
ćosić, Jasmin ; Miroslav Bača
engleski
A Framework to (Im)Prove „Chain of Custody“ in Digital Investigation Process
raditionaly, a chain of custody (chain of evidence) refers to the chronological documentation, or paper trail, showing storing, controling, transfer, analysis and handling with evidence. Chain of custody plays very important role in digital forensic investigation process. To prove chain of custody, investigators must know all details on how the evidence was handle.„Five W`s (and one H) “must be applied. Life cycle of digital evidence is very complex, and at each stage there is more impact that can violate a chain of custody. Proper chain of custody must include information on how evidence is collected, transported, analyzed, preserved, and handled with. In most countries there is no standard unique protocol or procedures for this. In this paper authors will presents a digital evidence management framework – DEMF, which can im(prove) chain of custody of digital evidence in all stages of digital investigation process. In proposed framework will be used a SHA-2 hash function for digital fingerprint of evidence, biometric characteristics for authentification and identification a personal who handled with evidence, a digital trusted timestamp for determining a “right” time when evidence is discovered or when is accessed to evidence and a gps coordinates for determining a location of evidence. Use of all these factors in the right way provide safe and secure chain of custody, to ensure that digital evidence will be accepted by the court.
Computer forensic; digital evidence; chain of custody; integrity of digital evidence
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
nije evidentirano
Podaci o prilogu
435-438.
2010.
nije evidentirano
objavljeno
Podaci o matičnoj publikaciji
Central European conference on information and intelligent systems
Aurer, Boris ; Bača, Miroslav
Varaždin: Fakultet organizacije i informatike Sveučilišta u Zagrebu
1847-2001
Podaci o skupu
Central european conference on information and intelligent systems
predavanje
23.09.2010-25.09.2010
Varaždin, Hrvatska