University of Warwick
Publications service & WRAP

Implementing chain of custody requirements in database audit records for forensic purposes

Flores Armas, Denys and Jhumka, Arshad (2017) Implementing chain of custody requirements in database audit records for forensic purposes. In: The 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-17), Sydney, Australia, 1-4 Aug 2017. Published in: Trustcom/BigDataSE/ICESS, 2017 IEEE ISBN 9781509049066. ISSN 2324-9013.

WRAP-implementing-chain-custody-requirements-database-audit-Flores-2017.pdf - Accepted Version - Requires a PDF viewer.

Official URL: https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2...


Abstract

During forensic database investigations, audit records become a crucial evidential element; particularly, when certain events can be attributed to insider activity. However, traditional reactive forensic methods may not be suitable, urging the adoption of proactive approaches that can be used to ensure accountability through audit records whilst satisfying Chain of Custody (CoC) requirements for forensic purposes. In this paper, role segregation, evidence provenance, event timeliness and causality are considered as CoC requirements in order to implement a forensically ready architecture for the proactive generation, collection and preservation of database audit records that can be used as digital evidence for the investigation of insider activity. Our proposal implements triggers and stored procedures as forensic routines in order to build a vector-clock-based timeline for explaining causality in transactional events recorded in audit tables. We expect to encourage further work in the field of proactive digital forensics and forensic readiness; in particular, for justifying admissibility of audit records under CoC restrictions.

Item Type: Conference Item (Paper)
Subjects: Q Science > QA Mathematics > QA76 Electronic computers. Computer science. Computer software
Divisions: Faculty of Science, Engineering and Medicine > Science > Computer Science
Library of Congress Subject Headings (LCSH): Database security, Cyber intelligence (Computer security)
Journal or Publication Title: Trustcom/BigDataSE/ICESS, 2017 IEEE
Publisher: IEEE
ISBN: 9781509049066
ISSN: 2324-9013
Official Date: 11 September 2017
Dates:
  • 11 September 2017: Published
  • 15 May 2017: Accepted
Status: Peer Reviewed
Publication Status: Published
Access rights to Published version: Restricted or Subscription Access
Funder: Ecuador. Secretaría de Educación Superior, Ciencia, Tecnología e Innovación, University of Warwick. Cyber Security Global Research Priorities
Conference Paper Type: Paper
Title of Event: The 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-17)
Type of Event: Conference
Location of Event: Sydney, Australia
Date(s) of Event: 1-4 Aug 2017
Related URLs:
  • Organisation
