
Implementing chain of custody requirements in database audit records for forensic purposes
Flores Armas, Denys and Jhumka, Arshad (2017) Implementing chain of custody requirements in database audit records for forensic purposes. In: The 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-17), Sydney, Australia, 1-4 Aug 2017. Published in: Trustcom/BigDataSE/ICESS, 2017 IEEE ISBN 9781509049066. ISSN 2324-9013.
Official URL: https://doi.org/10.1109/Trustcom/BigDataSE/ICESS.2...
Abstract
During forensic database investigations, audit records become a crucial evidential element; particularly, when certain events can be attributed to insider activity. However, traditional reactive forensic methods may not be suitable, urging the adoption of proactive approaches that can be used to ensure accountability through audit records whilst satisfying Chain of Custody (CoC) requirements for forensic purposes. In this paper, role segregation, evidence provenance, event timeliness and causality are considered as CoC requirements in order to implement a forensically ready architecture for the proactive generation, collection and preservation of database audit records that can be used as digital evidence for the investigation of insider activity. Our proposal implements triggers and stored procedures as forensic routines in order to build a vector-clock-based timeline for explaining causality in transactional events recorded in audit tables. We expect to encourage further work in the field of proactive digital forensics and forensic readiness; in particular, for justifying admissibility of audit records under CoC restrictions.
| Item Type: | Conference Item (Paper) |
|---|---|
| Subjects: | Q Science > QA Mathematics > QA76 Electronic computers. Computer science. Computer software |
| Divisions: | Faculty of Science, Engineering and Medicine > Science > Computer Science |
| Library of Congress Subject Headings (LCSH): | Database security, Cyber intelligence (Computer security) |
| Journal or Publication Title: | Trustcom/BigDataSE/ICESS, 2017 IEEE |
| Publisher: | IEEE |
| ISBN: | 9781509049066 |
| ISSN: | 2324-9013 |
| Official Date: | 11 September 2017 |
| Dates: | |
| Status: | Peer Reviewed |
| Publication Status: | Published |
| Access rights to Published version: | Restricted or Subscription Access |
| Date of first compliant deposit: | 10 August 2017 |
| Date of first compliant Open Access: | 11 August 2017 |
| Funder: | Ecuador. Secretaría de Educación Superior, Ciencia, Tecnología e Innovación, University of Warwick. Cyber Security Global Research Priorities |
| Conference Paper Type: | Paper |
| Title of Event: | The 16th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (IEEE TrustCom-17) |
| Type of Event: | Conference |
| Location of Event: | Sydney, Australia |
| Date(s) of Event: | 1-4 Aug 2017 |
| Related URLs: | |