A platform for research: civil engineering, architecture and urbanism
A platform for research: civil engineering, architecture and urbanism
Digital Evidence and Forensic Readiness (Dagstuhl Seminar 14092)
The seminar on Digital Evidence and Forensic Readiness provided the space for interdisciplinary discussions on clearly defined critical aspects of engineering issues, evaluation and processes for secure digital evidence and forensic readiness. A large gap exists between the state-of-the-art in IT security and best-practice procedures for digital evidence. Experts from IT and law used this seminar to develop a common view on what exactly can be considered secure and admissible digital evidence. In addition to sessions with all participants, a separation of participants for discussing was arranged. The outcome of these working sessions was used in the general discussion to work on a common understanding of the topic. The results of the seminar will lead to new technological developments as well as to new legal views to this points and to a change of organizational measures using ICT. Finally, various open issues and research topics have been identified. In addition to this report, open research issues will also be published in the form of a manifesto on digital evidence. One possible definition for Secure Digital Evidence was proposed by Rudolph et al. at the Eighth Annual IFIP WG 11.9 International Conference on Digital Forensics 2012. It states that a data record can be considered secure if it was created authentically by a device for which the following holds: - The device is physically protected to ensure at least tamper-evidence. - The data record is securely bound to the identity and status of the device (including running software and configuration) and to all other relevant parameters (such as time, temperature, location, users involved, etc.) - The data record has not been changed after creation. Digital Evidence according to this definition comprises the measured value and additional information on the state of the measurement device. This additional information on the state of the measurement device aims to document the operation environment providing evidence that can help lay the foundation for ...
Digital Evidence and Forensic Readiness (Dagstuhl Seminar 14092)
The seminar on Digital Evidence and Forensic Readiness provided the space for interdisciplinary discussions on clearly defined critical aspects of engineering issues, evaluation and processes for secure digital evidence and forensic readiness. A large gap exists between the state-of-the-art in IT security and best-practice procedures for digital evidence. Experts from IT and law used this seminar to develop a common view on what exactly can be considered secure and admissible digital evidence. In addition to sessions with all participants, a separation of participants for discussing was arranged. The outcome of these working sessions was used in the general discussion to work on a common understanding of the topic. The results of the seminar will lead to new technological developments as well as to new legal views to this points and to a change of organizational measures using ICT. Finally, various open issues and research topics have been identified. In addition to this report, open research issues will also be published in the form of a manifesto on digital evidence. One possible definition for Secure Digital Evidence was proposed by Rudolph et al. at the Eighth Annual IFIP WG 11.9 International Conference on Digital Forensics 2012. It states that a data record can be considered secure if it was created authentically by a device for which the following holds: - The device is physically protected to ensure at least tamper-evidence. - The data record is securely bound to the identity and status of the device (including running software and configuration) and to all other relevant parameters (such as time, temperature, location, users involved, etc.) - The data record has not been changed after creation. Digital Evidence according to this definition comprises the measured value and additional information on the state of the measurement device. This additional information on the state of the measurement device aims to document the operation environment providing evidence that can help lay the foundation for ...
Digital Evidence and Forensic Readiness (Dagstuhl Seminar 14092)
Dardick, Glenn S. (author) / Endicott-Popovsky, Barbara (author) / Gladyshev, Pavel (author) / Kemmerich, Thomas (author) / Rudolph, Carsten (author)
2014-01-01
Dagstuhl Reports, Volume 4, Issue 2; ISSN 2192-5283
Conference paper
Electronic Resource
English
DDC:
710