1 / 11

FORZA – Digital Forensics Investigation Framework that Incorporate Legal Issues

FORZA – Digital Forensics Investigation Framework that Incorporate Legal Issues. Eric Ly. Digital Forensics?. What is it? - It is a process, not an elephant, and it is not just one single process, but a group of tasks and processes in an investigation. Fundamental Principles. -IT Security

keely-robles
Download Presentation

FORZA – Digital Forensics Investigation Framework that Incorporate Legal Issues

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. FORZA – Digital Forensics Investigation Framework thatIncorporate Legal Issues Eric Ly

  2. Digital Forensics? What is it? - It is a process, not an elephant, and it is not just one single process, but a group of tasks and processes in an investigation.

  3. Fundamental Principles -IT Security - Confidentiality - Integrity - Availability -Digital Forensic - Reconnaissance - Reliability - Relevancy

  4. RRR Reconnaissance - Collect, recover, decode, discover, extract, analyze and convert data that is kept on different storage media to readable evidence. Reliability - If the integrity of the evidence and the person relationship with the evidence is accepted as digital forensics, then it can be reliable in court. Relevancy - Even if evidence is admissible, relevancy of the evidence with the case affects the weight and usefulness of the evidence. Use a legal practitioner to advise what should be collected, to reduce time and cost in investigation.

  5. FORZA Framework • Eight Roles • Case leader • System/business owner • Legal advisor • Security/system architect/auditor • Digital forensics specialist • Digital forensics investigator/system administrator/operator • Digital forensics analyst • Legal prosecutor

  6. FORZA Framework cont.

  7. FORZA Framework cont. • To bind roles, responsibilities and procedures together, a technology-independent digital forensics investigation framework would be required. • Created by Zachman: FORensics ZAchman framework (FORZA) • Each role or layers in this framework are interconnected to each other through sets of six categories of questions: • What • Why • How • Who • Where • When

  8. Role example: Legal Advisor • Legal objectives (Why) • What is the purpose of the dispute? • Legal background and preliminary issues (What) • What data should be collected? • Legal procedures for further investigation (How) • Is any warrant, search warrant required? • Legal geography (Where) • Is that within jurisdiction of the country? • Legal entities and participants (Who) • Who is/are the claimant/respondent? • Legal timeframe (When) • What is the time limit of the case?

  9. End • Web hacking case • Questions?

  10. Reference Ieong, Ricci S.C. "FORZA – Digital Forensics Investigation Framework That Incorporate Legal Issues." Digital Investigation 3 (2006): 29-36. Web. 31 Oct. 2013. <http://dfrws.org/2006/proceedings/4-Ieong.pdf>.

More Related