A privacy-preserving approach for collecting evidence in forensic investigation
Capturing digital evidence is crucial for counteracting against computer and cyber crimes. The technique of cloning the whole harddisk (for single PC) for investigation is not feasible in large sharing systems (e.g. in a third-party email server, data center or cloud system). Privay is also a major...
Gespeichert in:
Veröffentlicht in: | International journal of cyber-security and digital forensics 2013-01, Vol.2 (1), p.70 |
---|---|
Hauptverfasser: | , , , |
Format: | Artikel |
Sprache: | eng |
Schlagworte: | |
Online-Zugang: | Volltext |
Tags: |
Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
|
Zusammenfassung: | Capturing digital evidence is crucial for counteracting against computer and cyber crimes. The technique of cloning the whole harddisk (for single PC) for investigation is not feasible in large sharing systems (e.g. in a third-party email server, data center or cloud system). Privay is also a major concern as most of the data in these systems is not relevant to the crime case. The problem is how to retrieve the relevant information without the investigator knowing other irrelevant data while the server administrator does not know what the investigator is searching. To solve this problem, Hou et al. modelled the problem as a secure keyword searching problem and proposed a number of encryption-based schemes. While the schemes are theoretically sound, the efficiency is a concern. Besides, there are several shortcomings in their schemes. Data integrity and authenticity are not considered; re-encryption for each investigator is needed if there are multiple investigators. In this paper, we solve the same problem using the technique of secret sharing to improve efficiency. By exploiting the homomorphic property of the secret sharing schemes, data integrity and authenticity can be guaranteed using digital signature. Our solution can also handle multiple investigators more efficiently. We showed that our solution is more efficient by experiments and comparing the number of operations required by our solution with some existing work. KEYWORDS Confidential forensic investigation, Chinese Remainder Theorem, secret sharing, homomorphism property, third-party neutral |
---|---|
ISSN: | 2305-0012 2305-0012 |