DEVELOPMENT OF A SECURE STORAGE ARCHITECTURE FOR DIGITAL EVIDENCE.

Bibliographic Details
Title: DEVELOPMENT OF A SECURE STORAGE ARCHITECTURE FOR DIGITAL EVIDENCE.
Alternate Title: РОЗРОБКА АРХІТЕКТУРИ БЕЗПЕЧНОГО СХОВИЩА ДЛЯ ЦИФРОВИХ ДОКАЗІВ.
Authors: Larchenko, Maryna1,2 urlinka2006@gmail.com
Source: Technology Audit & Production Reserves. 2025, Vol. 3 Issue 2(83), p33-43. 11p.
Subject Terms: *DIGITAL forensics, *ELECTRONIC evidence, *VIRTUAL machine systems, *LAW enforcement agencies, *DIGITAL preservation
Abstract: The object of the study is the process of generating, transmitting, and storing memory dumps within digital forensics. The problem being addressed is the insufficient level of security of existing methods of transmitting and storing digital evidence, which can lead to their compromise, loss of authenticity, and inadmissibility in court proceedings. As a result of the conducted research, an architecture for secure storage of digital evidence was developed, providing protection at the stages of acquisition, transportation, storage, and further analysis of memory dumps. A cross-platform Python script for automated memory dump acquisition was proposed, as well as a mechanism for secure transportation of evidence using cryptographic protection through the SCP protocol and authentication. The effectiveness of the combined use of SSH encryption, creation of file system containers in "read-only" mode, mandatory logging of all actions with digital evidence, and an integrated hash-checking mechanism for data integrity verification was demonstrated. The effectiveness of the proposed approach was assessed based on process modeling in a test environment. In particular, the collected memory dumps were transferred using a custom Python script using a "safe corridor" from the Kali Linux virtual machine to the Caine virtual machine to the created container in "read-only" mode. The integrity of the files after transportation and storage was checked using a hash sum comparison. A distinctive feature of the proposed model is a comprehensive approach to digital evidence protection, combining technical and organizational measures to ensure the authenticity and integrity of data. This allows solving the problem of compromising digital evidence and guarantees its judicial admissibility. The results obtained are explained by the implementation of cryptographic methods and compliance with digital forensics standards. 
The proposed methodology can be used in the practice of law enforcement agencies, forensic experts, as well as in the development of national standards for the preservation of digital evidence. The storage model complies with international security standards and can be adapted to the specific requirements of judicial proceedings in Ukraine. [ABSTRACT FROM AUTHOR]
Database: Academic Search Index