The architecture of a digital forensic readiness management system
Abstract
A coordinated approach to digital forensic readiness (DFR) in a large organisation requires the management and monitoring of a wide variety of resources, both human and technical. The resources involved in DFR in large organisations typically include staff from multiple departments and business units, as well as network infrastructure and computing platforms. The state of DFR within large organisations may therefore be adversely affected if the myriad human and technical resources involved are not managed in an optimal manner. This paper contributes to DFR by proposing the novel concept of a digital forensic readiness management system (DFRMS). The purpose of a DFRMS is to assist large organisations in achieving an optimal level of management for DFR. In addition to this, we offer an architecture for a DFRMS. This architecture is based on requirements for DFR that we ascertained from an exhaustive review of the DFR literature. We describe the architecture in detail and show that it meets the requirements set out in the DFR literature. The merits and disadvantages of the architecture are also discussed. Finally, we describe and explain an early prototype of a DFRMS.
Similar resources
Implementing Forensic Readiness Using Performance Monitoring Tools
This paper proposes the use of monitoring tools to record data in support of digital forensic investigations. The collection of live system data requires integrity checks and data validation to be performed as the data is collected and stored. Combining system monitoring and digital forensic functionality in a single system reduces the cost and complexity of administration and maintenance, whil...
Examining the state of preparedness of Information Technology management in New Zealand for events that may require forensic analysis
KEYWORDS: Security policy; Forensic policy; IT management; Forensic readiness; Statistics. Computer security is of concern to those in IT (Information Technology) and forensic readiness (being prepared to deal effectively with events that may require forensic investigation) is a growing issue. Data held only on magnetic or other transient media require expert knowledge and special procedures to p...
A Cloud Forensic Readiness Model for Service Level Agreements Management
Cloud computing is increasingly becoming a target of cyber-criminal attacks. Often the committed crimes violate the Service Level Agreement (SLA) contracts, which must be respected by all the involved parties. Cloud Forensics is a branch of Digital Forensic discipline dealing with crimes involving the Cloud. A manner for leveraging some of the attacks is the provisioning of a Forensic Readiness...
A conceptual model for digital forensic readiness
The ever-growing threats of fraud and security incidents present many challenges to law enforcement and organisations across the globe. This has given rise to the need for organisations to build effective incident management strategies, which will enhance the company’s reactive capability to security incidents. The aim of this paper is to propose proactive activities an organisation can underta...
A Ten Step Process for Forensic Readiness
A forensic investigation of digital evidence is commonly employed as a post-event response to a serious information security incident. In fact, there are many circumstances where an organisation may benefit from an ability to gather and preserve digital evidence before an incident occurs. Forensic readiness is defined as the ability of an organisation to maximise its potential to use digital ev...
Journal title:
- Computers & Security
Volume 32, Issue
Pages -
Publication date: 2013