R. Proaño, A. Gavilanes Molina
Assurance the security of information, information systems, services and networks implies socializing, also knowing how to respond to an event where such information security has been violated and how manage the identified digital evidence. The present paper is a solution, based on international standards and complying with the current Law of Ecuador. Digital evidence will be identified at the scene of a computer incident by the authorized persons. The authorization must indicate what motivates, authorizes and limits the identification of evidence. The phase of obtaining the digital evidence identified will depend on the established internal circumstances and policies. The preservation of the objective evidence is carried out through chain of custody, the verifiable, complete and reliable results are reported. The previously described strategy was applied as a case study to the incidents of violation of logical securities. The digital evidence found in the place was recognized, extracted, preserved and informed about. Throughout the process, the chain of custody was implemented, which assurance the integrity and reliability of the data. In each phase it was recorded as, when, where and who manipulated both digital signs and digital devices.
Diff selection: Mark the radio boxes of the revisions to compare and hit enter or the button at the bottom.
Legend: (cur) = difference with latest revision, (prev) = difference with preceding revision, m = minor edit.
Published on 01/01/2018
Volume 9, Issue 1, 2018DOI: 10.29019/enfoqueute.v9n1.229Licence: CC BY-NC-SA license
Views 1Recommendations 0
Are you one of the authors of this document?