Specifying digital forensics: A forensics policy approach

Authors:
Carol Taylor;Barbara Endicott-Popovsky;Deborah A. Frincke
Affiliations:
University of Idaho, Computer Science Department, Moscow, ID 83844, United States;Center of Information Assurance and Cybersecurity, Box 354985, University of Washington, Seattle, WA 98105, United States;Pacific Northwest National Laboratory, Richland, WA 99352, United States
Venue:
Digital Investigation: The International Journal of Digital Forensics & Incident Response
Year:
2007

Citing 0
Cited 1

A method for reducing the risk of errors in digital forensic investigations

CMS'12 Proceedings of the 13th IFIP TC 6/TC 11 international conference on Communications and Multimedia Security

Quantified Score

Hi-index	0.00

Visualization

Abstract

In this paper we present an approach to digital forensics specification based on forensic policy definition. Our methodology borrows from computer security policy specification, which has accumulated a significant body of research over the past 30 years. We first define the process of specifying forensics properties through a forensics policy and then present an example application of the process. This approach lends itself to formal policy specification and verification, which would allow for more clarity and less ambiguity in the specification process.