Secure Storage Model for Digital Forensic Readiness

Singh, Avinash; Ikuesan, Richard Adeyemi; Venter, Hein S.

doi:10.1109/access.2022.3151403

Cited by 15 publications

(19 citation statements)

References 33 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…We added categories to cover incident phases described in Section IV-C, i.e., Access Control, Anomaly Detection, Phenomenon Evaluation, Stopping from Propagating, Self-Adaptiveness, and Evidence. For each category, we went through existing studies and other sources [37], [38], [39], [40], [41], [42], [43], [44], [45], [46], [47], [48], [49], [50], [51], [52], [53], [54], [55], [56], [57] to examine the completeness of the coverage by the standards and complement the missing pieces. All these recommendations were again validated against our inclusion and exclusion criteria.…”

Section: Methodsmentioning

confidence: 99%

See 1 more Smart Citation

An Integrated Checklist for Architecture Design of Critical Software Systems

Bierska¹,

Bühnová²,

Bangui³

2022

Annals of Computer Science and Information Systems

View full text Add to dashboard Cite

With the advancement of digitalization, critical information infrastructures, such as intelligent energy distribution, transportation, or healthcare, have opened themselves towards intelligent technological opportunities, including automation of previously manual decision making. As a side effect, the digitalization of these infrastructures gives rise to new challenges, especially linked to the complexity of architecture design of these infrastructures, to later support necessary software quality and safeguard the systems against attacks and other harm. To support software architects in the design of these critical software systems, well structure architectural knowledge would be of great help to prevent the architects from missing some of the crucial concerns that need to be reflected with built-in architectural mechanisms, early during architecture design.Given the narrow scope of existing guidelines, with the need of browsing and combining multiple sources, this paper proposes an integrated checklist to cover the breath of architectural concerns for the design of critical software systems, covering the need for built-in mechanisms to prevent, detect, stop, recover from and analyse intentional as well as unintentional threats to system dependability. Contrary to existing guidelines that typically focus on runtime incident handling, our checklist is to be used during architecture design to ensure that the system has built-in mechanisms to either handle the incidents automatically or include the right mechanisms to support the runtime incident handling.

show abstract

Section: Methodsmentioning

confidence: 99%

“…Evidence [33], [54] All evidence data are secured. Evidence, Encryption [56], [57] Evidence storage is reliable. Evidence [55] a) Access Control: Access control ensures that data cannot be changed or read by unauthorized entities.…”

Section: B Tagsmentioning

confidence: 99%

An Integrated Checklist for Architecture Design of Critical Software Systems

Bierska¹,

Bühnová²,

Bangui³

2022

Annals of Computer Science and Information Systems

View full text Add to dashboard Cite

show abstract

“…The SDCA [28] tool is designed to perform the analysis of the differences automatically between two versions of SQL schema, in addition to its ability to analyze the query. In [29]aid forensic investigation in general, by developing a model and a platform to secure potential digital evidence, the SecureRS model can help to prevent unauthorized access and comply with regulations and privacy policies, the result shows a method of ensuring forensically sound digital evidence for DFR as well as for digital forensics processes in general. In [7] the authors discussed the tools used to acquire the data from iOS or Android devices for both rooted and jailbreak mobile; the results have shown that the XRY software tool can recover deleted materials and can be able to extract all the data from the phone but it cannot retrieve deleted data for not jailbroken iPhone,…”

Section: ) Mobile Forensics Toolsmentioning

confidence: 99%

A Novel Framework for Mobile Forensics Investigation Process

Moreb

Salah

Amro

2023

Preprint

View full text Add to dashboard Cite

Investigating digital evidence by gathering, examining, and maintaining evidence that was stored in smartphones has attracted tremendous attention and become a key part of digital forensics. The mobile forensics process aims to recover digital evidence from a mobile device in a way that will preserve the evidence in a forensically sound condition, this evidence might be used to prove to be a cybercriminal or a cybercrime victim. To do this, the mobile forensics process lifecycle must establish clear guidelines for safely capturing, isolating, transporting, storing, and proving digital evidence originating from mobile devices. There are unique aspects of the mobile forensics procedure that must be taken into account. It is imperative to adhere to proper techniques and norms in order for the testing of mobile devices to produce reliable results. In this paper, we develop a novel methodology for the mobile forensics process model lifecycle named Mobile Forensics Investigation Process Framework (MFIPF) which encompasses all the necessary stages and data sources used to construct the crime case. The developed framework contributes to identifying common concepts of mobile forensics through the development of the mobile forensics model that simplifies the examination process and enables forensics teams to capture and reuse specialized forensic knowledge. Furthermore, the paper provides a list of the most commonly used forensics tools and where can we use them in our proposed mobile forensic process model.

show abstract

“…It is also referred to as infrastructure readiness 21 . The addressed controls are aimed toward, for example, evidence storage 22,23 and evidence integrity 24 . In the latter, blockchain‐based solutions have gained prominence recently 25,26 .…”

Section: Related Workmentioning

confidence: 99%

Forensic experts' view of forensic‐ready software systems: A qualitative study

Daubner

Bühnová

Pitner

2023

J Software Evolu Process

View full text Add to dashboard Cite

Software engineers widely acknowledge the inclusion of security requirements in the early stages of the development process. However, the need to prepare the software for the failure of the implemented security controls and subsequent investigation of the incident is often not discussed. Forensic‐ready software systems represent an evolution of secure systems being designed for the eventual digital forensic investigation. However, their exact properties remain largely unexplored, beyond preliminary high‐level conceptualizations of requirements and capabilities. Further obstacles hindering the adoption of forensic‐ready software systems are the different priorities and goals of involved parties and a gap in the digital forensics expertise of software engineers. In this paper, we conduct an empirical qualitative study identifying the problems and needs of forensic readiness while framing the notion of an ideal forensic‐ready software system and how it should treat potential evidence. To this end, we conducted semisupervised interviews with digital forensics experts on their idea, experience, and suggestions. The results provide insights into the needs of the experts to facilitate the definition of correct requirements towards forensic‐ready software systems to support the anticipated investigations properly.

show abstract

Secure Storage Model for Digital Forensic Readiness

Cited by 15 publications

References 33 publications

An Integrated Checklist for Architecture Design of Critical Software Systems

An Integrated Checklist for Architecture Design of Critical Software Systems

A Novel Framework for Mobile Forensics Investigation Process

Forensic experts' view of forensic‐ready software systems: A qualitative study

Contact Info

Product

Resources

About