Formalization of the processing of electronic traces

Author: Lathoud, Bertrand

Source: International Review of Law, Computers & Technology, Volume 18, Number 2, July 2004 , pp. 185-192(8)

Publisher: Routledge, part of the Taylor & Francis Group

Buy & download fulltext article:

Price: $49.55 plus tax (Refund Policy)

Abstract:

Although the traditional way to mitigate malicious incidents in real Information Systems (IS) of organizations was essentially internal, it is now more and more frequent to see criminal investigation taking place. For different reasons that will be exposed in this text, a better collaboration between forensic investigators and IS managers has to be reached, and it can be done through an approach that could and should benefit both sides. The article will see in the first part what are the relevant problematics, then will propose some possible solutions, before describing which rewards can be effectively earned by IS managers that would have implemented such solutions in their systems. It will involve in particular, the formal description of the processes of management and handling of computer related traces, to make them simultaneously compliant with investigation constraints and security management needs. It will also describe what could be a formal process of selecting which computer related traces are the most useful to both activities (investigation and security management). This selection should be done in order to avoid information overload, and resources consumption that could be caused by the storing of all computer related traces generated by an IS.

Document Type: Research article

DOI: http://dx.doi.org/10.1080/1360086042000223490

Publication date: 2004-07-01

More about this publication?