Risk-Oriented Design Approach For Forensic-Ready Software Systems
The result's identifiers
Result code in IS VaVaI
<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F21%3A00122160" target="_blank" >RIV/00216224:14330/21:00122160 - isvavai.cz</a>
Result on the web
<a href="http://dx.doi.org/10.1145/3465481.3470052" target="_blank" >http://dx.doi.org/10.1145/3465481.3470052</a>
DOI - Digital Object Identifier
<a href="http://dx.doi.org/10.1145/3465481.3470052" target="_blank" >10.1145/3465481.3470052</a>
Alternative languages
Result language
angličtina
Original language name
Risk-Oriented Design Approach For Forensic-Ready Software Systems
Original language description
Digital forensic investigation is a complex and time-consuming activity in response to a cybersecurity incident or cybercrime to answer questions related to it. These typically are what happened, when, where, how, and who is responsible. However, answering them is often very laborious and sometimes outright impossible due to a lack of useable data. The forensic-ready software systems are designed to produce valuable on-point data for use in the investigation with potentially high evidence value. Still, the particular ways to develop these systems are currently not explored. This paper proposes consideration of forensic readiness within security risk management to refine specific requirements on forensic-ready software systems. The idea is to re-evaluate the taken security risk decisions with the aim to provide trustable data when the security measures fail. Additionally, it also considers possible disputes, which the digital evidence can solve. Our proposed approach, risk-oriented forensic-ready design, composes of two parts: (1) process guiding the identification of the requirements in the form of potential evidence sources, and (2) supporting BPMN notation capturing the potential evidence sources and their relationship. Together they are aimed to provide a high-level overview of the forensic-ready requirements within the system. Finally, the approach is demonstrated on an automated valet parking scenario, followed by a discussion regarding its impact and usefulness within the forensic readiness effort.
Czech name
—
Czech description
—
Classification
Type
D - Article in proceedings
CEP classification
—
OECD FORD branch
10200 - Computer and information sciences
Result continuities
Project
<a href="/en/project/EF16_019%2F0000822" target="_blank" >EF16_019/0000822: CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence</a><br>
Continuities
P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach
Others
Publication year
2021
Confidentiality
S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů
Data specific for result type
Article name in the collection
The 16th International Conference on Availability, Reliability and Security (ARES 2021)
ISBN
9781450390514
ISSN
—
e-ISSN
—
Number of pages
10
Pages from-to
„ArticleNo.:48“
Publisher name
Association for Computing Machinery
Place of publication
New York, NY, USA
Event location
Vienna, Austria
Event date
Jan 1, 2021
Type of event by nationality
WRD - Celosvětová akce
UT code for WoS article
—