Pregled bibliografske jedinice broj: 499346
A Framework to (Im)Prove „Chain of Custody“ in Digital Investigation Process
A Framework to (Im)Prove „Chain of Custody“ in Digital Investigation Process // Proceedings of the 21st Central European Conference on Information and Intelligent Systems / Aurer, Boris ; Bača, Miroslav (ur.).
Varaždin: Fakultet organizacije i informatike Sveučilišta u Zagrebu, 2010. str. 435-438 (predavanje, međunarodna recenzija, cjeloviti rad (in extenso), znanstveni)
CROSBI ID: 499346 Za ispravke kontaktirajte CROSBI podršku putem web obrasca
Naslov
A Framework to (Im)Prove „Chain of Custody“ in Digital Investigation Process
Autori
Ćosić, Jasmin ; Miroslav Bača
Vrsta, podvrsta i kategorija rada
Radovi u zbornicima skupova, cjeloviti rad (in extenso), znanstveni
Izvornik
Proceedings of the 21st Central European Conference on Information and Intelligent Systems
/ Aurer, Boris ; Bača, Miroslav - Varaždin : Fakultet organizacije i informatike Sveučilišta u Zagrebu, 2010, 435-438
Skup
Central European Conference on Information and Intelligent Systems
Mjesto i datum
Varaždin, Hrvatska, 22.09.2010. - 24.09.2010
Vrsta sudjelovanja
Predavanje
Vrsta recenzije
Međunarodna recenzija
Ključne riječi
Computer forensic; digital evidence; chain of custody; integrity of digital evidence
Sažetak
Raditionaly, a chain of custody (chain of evidence) refers to the chronological documentation, or paper trail, showing storing, controling, transfer, analysis and handling with evidence. Chain of custody plays very important role in digital forensic investigation process. To prove chain of custody, investigators must know all details on how the evidence was handle.„Five W`s (and one H) “must be applied. Life cycle of digital evidence is very complex, and at each stage there is more impact that can violate a chain of custody. Proper chain of custody must include information on how evidence is collected, transported, analyzed, preserved, and handled with. In most countries there is no standard unique protocol or procedures for this. In this paper authors will presents a digital evidence management framework – DEMF, which can im(prove) chain of custody of digital evidence in all stages of digital investigation process. In proposed framework will be used a SHA-2 hash function for digital fingerprint of evidence, biometric characteristics for authentification and identification a personal who handled with evidence, a digital trusted timestamp for determining a “right” time when evidence is discovered or when is accessed to evidence and a gps coordinates for determining a location of evidence. Use of all these factors in the right way provide safe and secure chain of custody, to ensure that digital evidence will be accepted by the court.
Izvorni jezik
Engleski
Znanstvena područja
Informacijske i komunikacijske znanosti
POVEZANOST RADA
Projekti:
016-0161199-1721 - Metodika evaluacije biometrijskih karakterstika (Bača, Miroslav, MZOS ) ( CroRIS)
Ustanove:
Fakultet organizacije i informatike, Varaždin
Profili:
Miroslav Bača
(autor)
