Content uploaded by Luciana Duranti
Author content
All content in this area was uploaded by Luciana Duranti on Apr 19, 2016
Content may be subject to copyright.
A preview of the PDF is not available
Digital Records Forensics: A New Science and Academic Program for Forensic Readiness
Abstract and Figures
This paper introduces the Digital Records Forensics project, a research endeavour located at the University of British Columbia in Canada and aimed at the development of a new science resulting from the integration of digital forensics with diplomatics, archival science, information science and the law of evidence, and of an interdisciplinary graduate degree program, called Digital Records Forensics Studies, directed to professionals working for law enforcement agencies, legal firms, courts, and all kind of institutions and business that require their services. The program anticipates the need for organizations to become “forensically ready,†defined by John Tan as “maximizing the ability of an environment to collect credible digital evidence while minimizing the cost of an incident response (Tan, 2001).†The paper argues the need for such a program, describes its nature and content, and proposes ways of delivering it.
Figures - uploaded by Luciana Duranti
Author content
All figure content in this area was uploaded by Luciana Duranti
Content may be subject to copyright.
... The DE finding mission can be done fast through DFR. In other words, the financial company can swiftly meet the need to support legal action with admissible DE [59]. Therefore, the information security should be set up based on DF given a role in enterprise information system operation [60] because the DF influences across the entire information security of a company [33]. ...
While Korean financial companies are currently providing electronic financial services by establishing the high-level information technology and security system in accordance with the Electronic Financial Supervision Regulations (EFSR), they are rarely equipped with digital forensic readiness (DFR) to maximize the capability to collect critical digital evidence (DE). So, there is a limit to identifying the root cause of financial incidents and securing admissible DE. In this paper, there, the authors present Financial Forensic Readiness as a Service in Korea (K-FFRaaS), as DFR of financial companies to secure the admissible DE. Based on ISO/IEC 27043:2015 international standard, K-FFRaaS consists of 3 processes groups, namely: Planning processes group, Implementation processes group, and Assessment processes group. Planning processes group is the processes group to prepare the organization to be forensically ready before potential incidents happen. Implementation processes group is the stage to carry out the processes defined in the planning group. Assessment processes group consists of activities that evaluate whether the result of the implementation process group is consistent with the objective of K-FFRaaS. The contribution of this research is to present that the financial company can adopt the systematic management procedure for mitigating the causes of incidents, store admissible DE, and present scientific evidence to a court of law through K-FFRaaS.
... Bu çabadan hareketle Duranti, elektronik delil elde etme yöntemlerinin belgenin güvenilirliğini incelemek için kullanılabileceğini ifade etmektedir (Duranti, 2009;Duranti ve Endicott-Popovsky, 2010;Xie, 2011;Duranti ve Rogers, 2013). Duranti, çalışmasında elektronik delil elde etme yöntemleriyle diplomatik analizin ortak yanlarını belirterek e-belgelerin güvenilirliğinin incelenmesi doğrultusunda birlikte değerlendirilebileceğini belirtmektedir (Duranti, 2009, s. 61-64). ...
Örgütlerde fonksiyonların yürütülmesi sırasında işlemlerin delili olan e-imzalı belgelerin uzun süreli saklanmaları durumunda, özgünlüğünü muhafaza edemeyeceği tartışmaları gündemi meşgul etmektedir. Zaman içerisinde e-imzanın geçerliliğini yitireceği, belge ile üstverilerin bütünlüğünün sağlanamayacağı, belgenin türüne göre karakteristik özelliklerini koruyamayacağı, ait olduğu dosya ve diğer belgelerle ilişkisinin kopacağı kaygıları, bu tartışmaların başlıca sebebi olarak görülmektedir. E-belgelerde doğabilecek bu özgünlük probleminin onun delil değerini kaybettirme ihtimali yüksektir. Daha çok dijital ortamın kırılganlığı ve yazılımsal sorunlar nedeniyle ortaya çıkacağı düşünülen bu olumsuzlukların, arşivsel bağın tam olarak kurulamamasından kaynaklanabileceği akla gelmektedir. Belgelerin form özelliklerini kullanarak üreticisi ile aynı fonksiyon kapsamındaki diğer belgeler ve ait olduğu dosyayla ilişkisini tespit etmeye imkân veren arşivsel bağ, belge hiyerarşisini açığa çıkarmayı sağlar. Bu bağın tesis edilememesi durumunda, belgenin delil değerinin olumsuz yönde etkileneceği düşünülmektedir. Bu çalışmada “elektronik delil elde etme yöntemi olarak arşivsel bağın kullanılabileceği” hipotezi savunulmaktadır. Çalışmada betimsel analiz yönteminden faydalanılmıştır. İçerikten dolayı mevzunun bilişim, idare hukuku, hukuk muhakemeleri usulü alanlarıyla ilişkisi bulunmaktadır. Burada konu, daha çok belge yönetimi ve arşivcilik literatürü ışığında incelenecektir. Türkçe ve yabancı dil kaynaklarda e-belgelerin arşivsel bağının kurulmasını irdeleyen çalışmalar bulunsa da bu bağın belgenin delil değeri ile olan ilişkisine yeteri kadar girilmemiştir. Bu makalede, belge yönetimi uygulamalarında müstakil bir üstveri alanı olarak kurgulanması gerektiği vurgulanan arşivsel bağın, elektronik delil elde etme yöntemi olarak da değerlendirilebileceği savunulmaktadır.
In case of preserving e-signatured records in long term which are the evidence of processes while carrying out the functions in organizations, debate of not maintaining authenticity is occupying the agenda. Expiring validity of e-signature over time, not ensuring integrity of the records and its metadata, not protecting its characteristic features upon the genre of a record, anxiety of breaking off the relationship with its belonging file and other records have been seen the main reasons of this debate. Probability about losing its evidential value of this authenticity problem that could be rise on e-records is high. These negativeness thought to be occurred from fragility of digital environment and software reasons derived from not determining the archival bond have came to mind. Archival bond is ensuring to expose record hierarchy by using the form features of records that enables to determination of relationship between the creator of a record and other records that have more or less the same function and its belonging file. In case of not establishing this bond, it has been thought the evidential value of records affected negatively. “Adopting archival bond as a digital forensics method” has been argued as a hypothesis in this study. Descriptive analysis method has been benefited in the research. Because of the content, subject is related with forensics, administrative law and civil procedure. In here, subject has been examined in the light of records management and recordkeeping literature. Even there are researches scrutinizing the determination of e-records’ archival bond in Turkish and foreign language resources, relationship of this bond with the record’ evidential value has not been enough evaluated. In this article, besides emphasizing the need of adopting as a separate metadata field in the records management applications of archival bond, it could be evaluated as a digital forensics method has been asserted.
... In recent times, there is an increase in the use of cloud computing and other digital solutions for data storage (Inglesias, 2011;Prom, O'Meara and Stratton, 2016). Cloud computing is considered an important tool that can meet the storage and data management challenges in digital preservation and maintenance of reliable records and the preservation of their authenticity over time (Duranti, 2010;Hellmer, 2015;Rogers, 2015). It is common to consider the records, documents, and information that we create and disseminate over the Internet as being equivalent to documentary forms in the physical world. ...
The purpose of the paper was to highlight the digitization of Indigenous Knowledge Systems (IKS) in institutional repositories in South Africa with a view to develop a framework for Web archiving IKS-related websites in South Africa. Anchored on the interpretivist paradigm, the qualitative research method was adopted for this research. The multiple case study research strategy was considered appropriate for the study. Data was gathered through face-to-face in-depth interviews and content analysis. Interviews were conducted with eight IKS staff at the IKS Documentation Centres across four provinces in South Africa. The study revealed that although there are efforts to digitize IKS and make them accessible through some channels online, there are no specific digital preservation policies guiding the project. Apart from the fact that there are policies in place to support any Web archiving initiative, the concept of Web archiving was generally unfamiliar to the respondents. The respondents admitting to the lack of a standard policy guiding the digitization project also admitted to a lack of knowledge or in-depth understanding of Web archiving and its prospect as a digital preservation measure. The research, therefore, proposes a Web archiving framework that should be incorporated in the digital preservation policy framework. This research will be useful to policymakers and all stakeholders in South Africa and other parts of Africa.
سعت الدراسة من خلال مقترحها بتدريس علم الإثبات الجنائي للوثائق الرقمية إلى تحقيق هدفين ترى أن التخصص في أشد الاحتياج إليهما؛ الأول: يتناول تحديث مخرجات التعلم للخريجين بإكسابهم معارف ومهارات تؤهلهم للتعامل مع الوثائق في البيئة الرقمية، خاصة مسألة الحفاظ على مصداقية الوثائق وأصالتها في ظل عمليات الاستنساخ والتنقل المستمر لمواجهة مخاطر عدم استقرار بيئة الحفظ الرقمي، الهدف الثاني: التعمق في دراسة الجوانب التقنية المرتبطة بالتخصص باعتبارها متطلباً أساسياً ليس فقط لوظائف المستقبل؛ بل تواجد التخصص ذاته في ظل تحول المجتمع الرقمي، وعليه جاء اختيار الدراسة لموضوعها الذي بدأت عرضه ببيان استخدامات علم الإثبات الجنائي الرقمي في مجالات الوثائق والأرشيف، ثم قدمت تقسيمات جديدة للميتاداتا من منظور التخصص، وعرضت نماذج لتدريس العلم في الجامعات والمؤسسات المهنية الأجنبية، وانتهت بالأسس التي اعتمدت عليها في تصميم مقررها المقترح، ومن أهم ما توصلت إليه الدراسة تقديمها محتوى علمي لتدريس علم الإثبات الجنائي الرقمي والأدوات التي يُعتمد عليها في تدريس الجانب العملي.
Resumo Considerando as persistentes dificuldades para gerenciar documentos de arquivo digitais, os estudos desenvolvidos na Arquivologia estabelecem relações com outras ciências para dar possíveis respostas. Assim como os estudos da Diplomática são relevantes para a Arquivologia na verificação de autenticidade através da aplicação dos elementos externos e internos nos documentos de arquivo, as pesquisas forenses estão fornecendo subsídios nas rotinas administrativas e arquivísticas, para tentar atingir e garantir a fidedignidade documental (completude, confiabilidade e autenticidade). Desta forma, o objetivo deste artigo é incorporar os conceitos da Ciência Forense Digital na Arquivologia, trabalho que está sendo desenvolvido em projetos internacionais, principalmente nos Estados Unidos e no Canadá, aproveitando a maturidade dos estudos forenses no domínio digital. Para integrar as duas ciências em questão, reflete-se nas funções forenses: identificação, compilação, preservação, verificação, análise e apresentação. Junto com as funções arquivísticas: criação/produção, avaliação, classificação, descrição, difusão, preservação e aquisição. Para isso, a metodologia usada, parte da literatura científica das pesquisas nacionais e internacionais em andamento, que permitam visibilizar, tanto as convergências, como as divergências das fases ou passos forenses, como das funções arquivísticas. Os resultados apontaram a possibilidade de vincular as funções de ambas as ciências refletindo, no entanto, em alguns conceitos que precisam ser melhor definidos, na busca por estabelecer uma ciência Forense-Arquivística. A conclusão deste artigo baseia-se na necessidade de continuar aprofundando nos estudos nacionais, para delimitar os elementos e conceitos e que contribuam para os estudos arquivísticos na realidade digital. Palavras-chave Arquivologia. Forense Digital. Documentos de Arquivo Natos Digitais. Fidedignidade.
In this world, people meet many challenges in the healthcare system. There is a circumstance where an individual has to maintain a comprehensive health report from time to time, and it feels not an easy job. A person may not be suffering from one type of disease; he/she may be undergoing multiple problems at once, and it is challenging to maintain all the reports. There is another circumstance where a sufferer visits multiple hospitals/consulting doctors; in a before-mentioned situation, it is tough for such patients to maintain them, and they may suggest the repeated process. In such a situation, an approach to maintaining Electronic Health Records is proposed in this paper, which uses Blockchain methodology to provide the most secure way to store and share patient reports whenever they need. The proposed system makes the task easy for patient’s to maintain multiple records in a single block, and the testing result leads a pathway to adopt in this current scenario.KeywordsBlock chainHealthcare systemHealth recordsMaintainElectronic health recordsCovid
RESUMO Propósito-este artigo objetiva explorar um novo modelo de "documento de arquivo" analisando seus atributos a partir de uma análise técnica de documentos de arquivos no formato digital. O estudo compa-ra as caraterísticas centrais necessárias para nomear um objeto digital como "documento de arquivo" em relação com a diplomática, ou de "prova" quanto à análise forense digital. Este estudo divide os documen-tos digitais em três camadas de abstração, a saber: conceitual, lógica e física. Nossa proposta é aplicar a diplomática de documentos de arquivo digitais, para identificar os principais elementos em cada um desses níveis de abstração. Desenho/metodologia/abordagem-A diplomática digital é resultado do projeto da Pesquisa Internacional sobre Documentos de Arquivo Autênticos e Permanentes em Sistemas Eletrônicos (InterPARES) 12 , a qual fornece para os arquivistas uma metodologia que analisa a identidade e a integridade dos documentos de arquivos digitais em sistemas eletrônicos, como também avalia sua autenticidade (Duranti e Preston, 2008; Duranti, 2005) e rastreia sua proveniência. Descobertas-os documentos de arquivo digitais estão estruturados em: dados (conteúdo) gerados pelo usuário, metadados gerados pelo sistema que identificam a fonte e a localização, metadados gerados por aplicativos que gerenciam a aparência e o desempenho do documento de arquivo (como, por exemplo, o formato de arquivo nato digital), metadados gerados por aplicativos que descrevem os dados (como por exemplo os metadados do sistema operacional utilizado pelo arquivo), e metadados que descrevem os dados gerados pelo usuário. A diplomática digital, baseada nos princípios da diplomática tradicional, pode subsidiar na identificação de documentos de arquivos digitais por meio de seus metadados e determinar quais deles são necessários para serem capturados, gerenciados e preservados. Originalidade/valor-O valor e a originalidade deste artigo estão na aplicação dos princípios diplomáticos para uma visão técnica desconstruída dos documentos de arquivo digitais, por meio dos metadados funcio-nais que avaliem a identidade e autenticidade desses documentos arquivísticos digitais.
Fundamentando-se em recentes discussões no âmbito dos estudos arquivísticos acerca do aporte teórico-metodológico da Diplomática na criação, manutenção e preservação de documentos arquivísticos digitais autênticos, o que se convencionou denominar de Diplomática Digital, o presente artigo busca contribuir para os estudos dos documentos arquivísticos digitais ao propor uma análise conjunta à também emergente Ciência Forense Digital. A pesquisa constitui-se de uma sistematização dos conceitos, definições e, sobretudo, de projetos existentes sobre a Diplomática Digital comparando-a com a Ciência Forense Digital. Para tanto, foi realizou-se uma análise da literatura científica da área encontrada em bases de dados internacionais, dos conceitos, definições e, sobretudo, de projetos existentes sobre a Diplomática Digital comparando-a com a Ciência Forense Digital, a fim de delimitar os aspectos que as unem e os que as separam no tocante à análise da autenticidade de documentos digitais. Os resultados demonstram que as áreas convergem no tocante ao uso de ferramentas, na compreensão do contexto jurídico no qual os documentos estão inseridos, na busca por identificar de forma imparcial o contexto de seus objetos digitais, na aplicação de conceitos e métodos semelhantes e na capacidade que seus profissionais possuem de atestar a integridade, autenticidade e confiabilidade de objetos digitais em audiência jurídica.
An emerging concern in relation to the importance of technology and social media in everyday life relates to their ability to facilitate online and offline stalking, domestic violence and escalation to homicide. However, there has been little empirical research or policing and policy attention to this domain. This study examined the extent to which there was evidence of the role of technology and cyberstalking in domestic homicide cases based on the analysis of 41 Domestic Homicide Review (DHR) documents, made available by the Home Office (UK). Three interviews were also conducted with victims or family members of domestic homicide in the UK. It aimed to develop a deeper understanding of the role of technology in facilitating these forms of victimisation to inform further development of investigative practice, risk assessment and safeguarding procedures. Key themes identified by the thematic analysis undertaken related to behavioural and psychological indicators of cyberstalking, evidence of the role of technology in escalation to homicide and the digital capabilities of law enforcement. Overall, the results indicated that: (1) there was evidence of technology and social media playing a facilitating role in these behaviours, (2) the digital footprints of victims and perpetrators were often overlooked in police investigations and the DHR process and (3) determining the involvement of technology in such cases is important for risk assessment and earlier intervention to prevent escalation of behaviour to domestic homicide. It also indicates the importance of further developing evidence-based approaches to preventing and responding for victims, the police and other practitioners.
Cryptography, in particular public-key cryptography, has emerged in the last 20 years as an important discipline that is not only the subject of an enormous amount of research, but provides the foundation for information security in many applications. Standards are emerging to meet the demands for cryptographic protection in most areas of data communications. Public-key cryptographic techniques are now in widespread use, especially in the financial services industry, in the public sector, and by individuals for their personal privacy, such as in electronic mail. This Handbook will serve as a valuable reference for the novice as well as for the expert who needs a wider scope of coverage within the area of cryptography. It is a necessary and timely guide for professionals who practice the art of cryptography. The Handbook of Applied Cryptography provides a treatment that is multifunctional: It serves as an introduction to the more practical aspects of both conventional and public-key cryptography It is a valuable source of the latest techniques and algorithms for the serious practitioner It provides an integrated treatment of the field, while still presenting each major topic as a self-contained unit It provides a mathematical treatment to accompany practical discussions It contains enough abstraction to be a valuable reference for theoreticians while containing enough detail to actually allow implementation of the algorithms discussed Now in its third printing, this is the definitive cryptography reference that the novice as well as experienced developers, designers, researchers, engineers, computer scientists, and mathematicians alike will use.
Forensics and information technology (IT) have become increasingly important to accountants and auditors. Undergraduate accounting students are introduced to general IT topics but discussion of forensic knowledge is limited. A few schools have introduced an undergraduate major in forensic accounting. Some graduate schools offer accounting students an emphasis in forensic or fraud accounting that includes instruction in forensics and information technology. When students do not view the IT topics as being equally important to their careers as traditional accounting topics, these attitudes may reduce the quality of the course. In an effort to assess student attitudes, a survey of 46 graduate accounting students was conducted to measure two dimensions − knowledge and skills and interest and enjoyment − along nine common topics found in a forensics IT course. The association of the two dimensions was then measured. Also, the relationship between IT attitudes and the nine topics was measured along both dimensions. Fifteen hypotheses are presented and tested. Results are discussed to posit what instructors can do in order to increase the quality of the class and the positive perception of IT for accounting students.
This article explores the use of contemporary archival diplomatics as a method of inquiry in two recent electronic records research projects, namely, The Protection of the Integrity of Electronic Records Project (the UBC Project) and the International Research on the Preservation of Authentic Records in Electronic Records Systems Project (the InterPARES 1 Project). The first part of the article examines the historical and contemporary literary warrant underpinning diplomatics as a method of inquiry; the second part provides case studies of two illustrative examples of the process and results of the application of contemporary archival diplomatics in the above-mentioned research projects; the third part considers the current status and possible future directions for the use of contemporary archival diplomatics as a research method and concludes with some observations about the value of multiple methods and alternative interpretive frameworks in archival research.
The book discusses the findings of the MAS/DOD project. The first two chapters focus on the concepts of record and authenticity in the digital environment. The other two chapter presents the requirement for a trustworthy digital recordkeeping system.