Forensic Focus
 
Web www.forensicfocus.com
Login or Register
HomeMy AccountBlogBasicsPapers/ArticlesForumsNewsletterEmail GroupInterviewsEventsTrainingDownloadsLinks
Subscribe to Feeds

Forensic News Jamie's Blog
Main Menu
MY ACCOUNT
COMMUNITY
RESOURCES
MISC
Forensic Focus

Forensic Focus

Copy and paste the text below to insert the button displayed above on your site. Thanks for your support!

Survey
Which of the following do you usually use for imaging evidence?




Results :: Polls

Votes: 23905
Comments: 0
Newsletter
Newsletter

You must be a
registered user
to receive our newsletter

Register Now!



Principles of computer forensics

The fundamental principles of computer forensics can be thought of as rules governing the way in which digital evidence is handled which allow such evidence to be admissible in court.

Immediately we can see that any attempt to define these principles is made difficult by the fact that legislation concerning digital evidence differs from country to country. Nevertheless, attempts have been made to standardise principles on an international basis and the following are commonly agreed upon:

- The act of collecting digital evidence should not result in any alteration of the data in question, wherever this is possible

- All handling of digital evidence (from collection through to preservation and analysis) must be fully documented

- Access to original digital evidence should be restricted to those deemed "forensically competent"

Each of the above principles require more detailed explanation to be properly appreciated and understood, and debate continues regarding their implementation. For example, how are situations where it is impossible to avoid the alteration of some data during evidence collection to be handled (e.g. during live analysis)? What does "fully documented" mean and how are details of an investigation to be recorded? How do you determine if someone is "forensically competent"?



User Info

Welcome Anonymous

Nickname

Membership:
Latest: hunter33
New Today: 0
New Yesterday: 2
Overall: 6215

People Online:
Members: 2
Visitors: 9
Bots: 6
Staff: 0
Staff Online:

No staff members are online!
Forensic Focus Blog
· Matthew Shannon, F-Response - Interview questions please!
· UK Criminal Justice Bill - Clause 62 (or is it 63, or 64?)
· Interview with David Sullivan, Appointments-UK
· Reporting (again) and interviews
· Reporting - time for standardization?
· Posts from the blogoshpere
· Site stats
· Why the hell is everything so expensive?
· The problem with power
· Licensing

read more...
This site needs YOU!

Write for Forensic Focus
LINK TO US

OR
WRITE FOR US
OR
START A BLOG

Blogs

Start Blogging

What is Computer Forensics?
Computer forensics (or forensic computing) is the use of specialized techniques for recovery, authentication, and analysis of electronic data with a view to presenting evidence in a court of law.
Top10 Downloads
  1: Forensic Examination of Digital Evidence: A Guide for Law Enforcement (pdf)
  2: Cache View
  3: ACPO Good Practice Guide for Computer based Electronic Evidence
  4: Electronic Crime Scene Investigation: A Guide for First Responders (pdf)
  5: PDA Forensic Tools:An Overview and Analysis
  6: Australasian Centre for Policing Research Best Practice Guide
  7: Autopsy Forensic Browser Version 2.03 (source code)
  8: Directors & Corporate Advisors' Guide to Digital Investigations and Evidence
  9: Recover My Files
  10: HELIX incident response CD

All logos and trademarks in this site are property of their respective owner. The comments are property of their posters, all the rest © 2008 Forensic Focus


Interactive software released under GNU GPL, Code Credits, Privacy Policy
.: fisubsilver shadow phpbb2 style by Daz :: CPG-Nuke port by norseman :: ported to CPG-Dragonfly by jamin :.