Forensic readiness: emerging discipline for creating reliable and secure digital evidence

Barbara Endicott-Popovsky, Nicolai Kuntze, Carsten Rudolph

Research output: Contribution to journalArticleResearchpeer-review

Abstract

Traditional approaches to digital forensics reconstruct events within digital systems that often are not built for the creation of evidence; however, there is an emerging discipline of forensic readiness that examines what it takes to build systems and devices that produce digital data records for which admissibility is a requirement.  This paper reviews the motivation behind research in this area, a generic technical solution that uses hardware-based security to bind digital records to a particular state of a device and proposed applications of this solutions in concrete, practical scenarios. Research history in this area, the notion of secure digital evidence and a technical solution are discussed.  A solution to creating hardware-based security in devices producing digital evidence was proposed in 2012.  Additionally, this paper revises the proposal and discusses three distinct scenarios where forensic readiness of devices and secure digital evidence are relevant.  It shows, how the different requirements of the three scenarios can be realized using a hardware-based solution. The scenarios are: lawful interception of voice communication, automotive black box, precise farming.  These three scenarios come from very distinctive application domains.  Nevertheless, they share a common set of security requirements for processes to be documented and data records to be stored.
Original languageEnglish
Pages (from-to)1-8
Number of pages8
JournalJournal of Harbin Institute of Technology (New Series)
Volume22
Issue number1
DOIs
Publication statusPublished - 2015
Externally publishedYes

Keywords

  • digital forensics
  • forensic readiness
  • calibration
  • digital evidence

Cite this

@article{e3758dd8cfd5417297f1d4a04a621220,
title = "Forensic readiness: emerging discipline for creating reliable and secure digital evidence",
abstract = "Traditional approaches to digital forensics reconstruct events within digital systems that often are not built for the creation of evidence; however, there is an emerging discipline of forensic readiness that examines what it takes to build systems and devices that produce digital data records for which admissibility is a requirement.  This paper reviews the motivation behind research in this area, a generic technical solution that uses hardware-based security to bind digital records to a particular state of a device and proposed applications of this solutions in concrete, practical scenarios. Research history in this area, the notion of secure digital evidence and a technical solution are discussed.  A solution to creating hardware-based security in devices producing digital evidence was proposed in 2012.  Additionally, this paper revises the proposal and discusses three distinct scenarios where forensic readiness of devices and secure digital evidence are relevant.  It shows, how the different requirements of the three scenarios can be realized using a hardware-based solution. The scenarios are: lawful interception of voice communication, automotive black box, precise farming.  These three scenarios come from very distinctive application domains.  Nevertheless, they share a common set of security requirements for processes to be documented and data records to be stored.",
keywords = "digital forensics, forensic readiness, calibration, digital evidence",
author = "Barbara Endicott-Popovsky and Nicolai Kuntze and Carsten Rudolph",
year = "2015",
doi = "10.11916/j.issn.1005-9113.2015.01.001",
language = "English",
volume = "22",
pages = "1--8",
journal = "Journal of Harbin Institute of Technology (New Series)",
issn = "1005-9113",
number = "1",

}

Forensic readiness : emerging discipline for creating reliable and secure digital evidence. / Endicott-Popovsky, Barbara; Kuntze, Nicolai; Rudolph, Carsten.

In: Journal of Harbin Institute of Technology (New Series), Vol. 22, No. 1, 2015, p. 1-8.

Research output: Contribution to journalArticleResearchpeer-review

TY - JOUR

T1 - Forensic readiness

T2 - emerging discipline for creating reliable and secure digital evidence

AU - Endicott-Popovsky, Barbara

AU - Kuntze, Nicolai

AU - Rudolph, Carsten

PY - 2015

Y1 - 2015

N2 - Traditional approaches to digital forensics reconstruct events within digital systems that often are not built for the creation of evidence; however, there is an emerging discipline of forensic readiness that examines what it takes to build systems and devices that produce digital data records for which admissibility is a requirement.  This paper reviews the motivation behind research in this area, a generic technical solution that uses hardware-based security to bind digital records to a particular state of a device and proposed applications of this solutions in concrete, practical scenarios. Research history in this area, the notion of secure digital evidence and a technical solution are discussed.  A solution to creating hardware-based security in devices producing digital evidence was proposed in 2012.  Additionally, this paper revises the proposal and discusses three distinct scenarios where forensic readiness of devices and secure digital evidence are relevant.  It shows, how the different requirements of the three scenarios can be realized using a hardware-based solution. The scenarios are: lawful interception of voice communication, automotive black box, precise farming.  These three scenarios come from very distinctive application domains.  Nevertheless, they share a common set of security requirements for processes to be documented and data records to be stored.

AB - Traditional approaches to digital forensics reconstruct events within digital systems that often are not built for the creation of evidence; however, there is an emerging discipline of forensic readiness that examines what it takes to build systems and devices that produce digital data records for which admissibility is a requirement.  This paper reviews the motivation behind research in this area, a generic technical solution that uses hardware-based security to bind digital records to a particular state of a device and proposed applications of this solutions in concrete, practical scenarios. Research history in this area, the notion of secure digital evidence and a technical solution are discussed.  A solution to creating hardware-based security in devices producing digital evidence was proposed in 2012.  Additionally, this paper revises the proposal and discusses three distinct scenarios where forensic readiness of devices and secure digital evidence are relevant.  It shows, how the different requirements of the three scenarios can be realized using a hardware-based solution. The scenarios are: lawful interception of voice communication, automotive black box, precise farming.  These three scenarios come from very distinctive application domains.  Nevertheless, they share a common set of security requirements for processes to be documented and data records to be stored.

KW - digital forensics

KW - forensic readiness

KW - calibration

KW - digital evidence

U2 - 10.11916/j.issn.1005-9113.2015.01.001

DO - 10.11916/j.issn.1005-9113.2015.01.001

M3 - Article

VL - 22

SP - 1

EP - 8

JO - Journal of Harbin Institute of Technology (New Series)

JF - Journal of Harbin Institute of Technology (New Series)

SN - 1005-9113

IS - 1

ER -