Forensic experts' view of forensic-ready software systems: A qualitative study

Kód výsledku v IS VaVaI

<a href="https://www.isvavai.cz/riv?ss=detail&h=RIV%2F00216224%3A14330%2F23%3A00131216" target="_blank" >RIV/00216224:14330/23:00131216 - isvavai.cz</a>

Výsledek na webu

<a href="https://onlinelibrary.wiley.com/doi/abs/10.1002/smr.2598" target="_blank" >https://onlinelibrary.wiley.com/doi/abs/10.1002/smr.2598</a>

DOI - Digital Object Identifier

<a href="http://dx.doi.org/10.1002/smr.2598" target="_blank" >10.1002/smr.2598</a>

Jazyk výsledku

angličtina

Název v původním jazyce

Forensic experts' view of forensic-ready software systems: A qualitative study

Popis výsledku v původním jazyce

Abstract Software engineers widely acknowledge the inclusion of security requirements in the early stages of the development process. However, the need to prepare the software for the failure of the implemented security controls and subsequent investigation of the incident is often not discussed. Forensic-ready software systems represent an evolution of secure systems being designed for the eventual digital forensic investigation. However, their exact properties remain largely unexplored, beyond preliminary high-level conceptualizations of requirements and capabilities. Further obstacles hindering the adoption of forensic-ready software systems are the different priorities and goals of involved parties and a gap in the digital forensics expertise of software engineers. In this paper, we conduct an empirical qualitative study identifying the problems and needs of forensic readiness while framing the notion of an ideal forensic-ready software system and how it should treat potential evidence. To this end, we conducted semisupervised interviews with digital forensics experts on their idea, experience, and suggestions. The results provide insights into the needs of the experts to facilitate the definition of correct requirements towards forensic-ready software systems to support the anticipated investigations properly.

Název v anglickém jazyce

Forensic experts' view of forensic-ready software systems: A qualitative study

Popis výsledku anglicky

Abstract Software engineers widely acknowledge the inclusion of security requirements in the early stages of the development process. However, the need to prepare the software for the failure of the implemented security controls and subsequent investigation of the incident is often not discussed. Forensic-ready software systems represent an evolution of secure systems being designed for the eventual digital forensic investigation. However, their exact properties remain largely unexplored, beyond preliminary high-level conceptualizations of requirements and capabilities. Further obstacles hindering the adoption of forensic-ready software systems are the different priorities and goals of involved parties and a gap in the digital forensics expertise of software engineers. In this paper, we conduct an empirical qualitative study identifying the problems and needs of forensic readiness while framing the notion of an ideal forensic-ready software system and how it should treat potential evidence. To this end, we conducted semisupervised interviews with digital forensics experts on their idea, experience, and suggestions. The results provide insights into the needs of the experts to facilitate the definition of correct requirements towards forensic-ready software systems to support the anticipated investigations properly.

Druh

J_imp - Článek v periodiku v databázi Web of Science

CEP obor

—

OECD FORD obor

10200 - Computer and information sciences

Projekt

<a href="/cs/project/EF16_019%2F0000822" target="_blank" >EF16_019/0000822: Centrum excelence pro kyberkriminalitu, kyberbezpečnost a ochranu kritických informačních infrastruktur</a><br>

Návaznosti

P - Projekt vyzkumu a vyvoje financovany z verejnych zdroju (s odkazem do CEP)<br>S - Specificky vyzkum na vysokych skolach

Rok uplatnění

2023

Kód důvěrnosti údajů

S - Úplné a pravdivé údaje o projektu nepodléhají ochraně podle zvláštních právních předpisů

Název periodika

Journal of Software: Evolution and Process

ISSN

2047-7481

e-ISSN

—

Svazek periodika

Neuveden

Číslo periodika v rámci svazku

e2598

Stát vydavatele periodika

US - Spojené státy americké

Počet stran výsledku

23

Strana od-do

1-23

Kód UT WoS článku

001026921200001

EID výsledku v databázi Scopus

2-s2.0-85163320859