In this paper we present an approach to digital forensics specification based on forensic policy definition. Our methodology borrows from computer security policy specification, which has accumulated a significant body of research over the past 30 years. We first define the process of specifying forensics properties through a forensics policy and then present an example application of the process. This approach lends itself to formal policy specification and verification, which would allow for more clarity and less ambiguity in the specification process
Revised: July 16, 2010 |
Published: September 1, 2007
Citation
Taylor C., C. Taylor, B. Popovsky, and D.A. Frincke. 2007.Specifying digital forensics: A forensics policy approach.Digital Investigation 4, no. Supplement 1:S101-S104.PNNL-SA-61479.doi:10.1016/j.diin.2007.06.006