DAUBNER, Lukáš and Raimundas MATULEVIČIUS. Risk-Oriented Design Approach For Forensic-Ready Software Systems. Online. In The 16th International Conference on Availability, Reliability and Security (ARES 2021). New York, NY, USA: Association for Computing Machinery, 2021, p. 1-10. ISBN 978-1-4503-9051-4. Available from: https://dx.doi.org/10.1145/3465481.3470052.
Other formats:   BibTeX LaTeX RIS
Basic information
Original name Risk-Oriented Design Approach For Forensic-Ready Software Systems
Authors DAUBNER, Lukáš (203 Czech Republic, guarantor, belonging to the institution) and Raimundas MATULEVIČIUS.
Edition New York, NY, USA, The 16th International Conference on Availability, Reliability and Security (ARES 2021), p. 1-10, 10 pp. 2021.
Publisher Association for Computing Machinery
Other information
Original language English
Type of outcome Proceedings paper
Field of Study 10200 1.2 Computer and information sciences
Country of publisher United States of America
Confidentiality degree is not subject to a state or trade secret
Publication form electronic version available online
RIV identification code RIV/00216224:14330/21:00122160
Organization unit Faculty of Informatics
ISBN 978-1-4503-9051-4
Doi http://dx.doi.org/10.1145/3465481.3470052
UT WoS 000749539200096
Keywords in English Forensic Readiness; Forensic-Ready Software Systems; Information System Security Risk Management
Tags best
Tags International impact, Reviewed
Changed by Changed by: RNDr. Pavel Šmerk, Ph.D., učo 3880. Changed: 14/6/2022 11:56.
Abstract
Digital forensic investigation is a complex and time-consuming activity in response to a cybersecurity incident or cybercrime to answer questions related to it. These typically are what happened, when, where, how, and who is responsible. However, answering them is often very laborious and sometimes outright impossible due to a lack of useable data. The forensic-ready software systems are designed to produce valuable on-point data for use in the investigation with potentially high evidence value. Still, the particular ways to develop these systems are currently not explored. This paper proposes consideration of forensic readiness within security risk management to refine specific requirements on forensic-ready software systems. The idea is to re-evaluate the taken security risk decisions with the aim to provide trustable data when the security measures fail. Additionally, it also considers possible disputes, which the digital evidence can solve. Our proposed approach, risk-oriented forensic-ready design, composes of two parts: (1) process guiding the identification of the requirements in the form of potential evidence sources, and (2) supporting BPMN notation capturing the potential evidence sources and their relationship. Together they are aimed to provide a high-level overview of the forensic-ready requirements within the system. Finally, the approach is demonstrated on an automated valet parking scenario, followed by a discussion regarding its impact and usefulness within the forensic readiness effort.
Links
CZ.02.1.01/0.0/0.0/16_019/0000822, interní kód MU
(CEP code: EF16_019/0000822)		Name: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur (Acronym: C4e)
Investor: Ministry of Education, Youth and Sports of the CR, CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence, Priority axis 1: Strengthening capacities for high-quality research
EF16_019/0000822, research and development projectName: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur
PrintDisplayed: 24/8/2024 16:19