Protecting Digital Data Privacy in Computer Forensic Examination

Privacy is a fundamental human right defined in the Universal Declaration of Human Rights. To enable the protection of data privacy, personal data that are not related to the investigation subject should be excluded during computer forensic examination. In the physical world, protection of privacy is controlled and regulated in most countries by laws. Legislation for handling private data has been established in various jurisdictions. In the modern world, the massive use of computers generates a huge amount of private data and there is correspondingly an increased expectation to recognize and respect human rights in digital investigation. However, there does not exist a forensically sound model for protecting private data in the context of digital investigation, and it poses a threat to privacy if the investigation involves the processing of such kind of data. In this paper, we try to address this important issue and present a cryptographic model designed to be incorporated into the current digital investigation framework, thereby adding a possible way to protect data privacy in digital investigation.

[1]  Eoghan Casey,et al.  Digital Evidence and Computer Crime , 2000 .

[2]  Dawn Xiaodong Song,et al.  Practical techniques for searches on encrypted data , 2000, Proceeding 2000 IEEE Symposium on Security and Privacy. S&P 2000.

[3]  Richard J. Lipton,et al.  A Revocable Backup System , 1996, USENIX Security Symposium.

[4]  Rafail Ostrovsky,et al.  Public Key Encryption with Keyword Search , 2004, EUROCRYPT.

[5]  Eugene H. Spafford,et al.  Getting Physical with the Digital Investigation Process , 2003, Int. J. Digit. EVid..

[6]  Orin S. Kerr Searches and Seizures in a Digital World , 2005 .

[7]  Lorrie Faith Cranor,et al.  Counter-forensic privacy tools : a forensic evaluation , 2005 .

[8]  Lorrie Faith Cranor,et al.  Scrubbing Stubborn Data: An Evaluation of Counter-Forensic Privacy Tools , 2006, IEEE Security & Privacy.

[9]  Kihyun Kim,et al.  Public Key Encryption with Conjunctive Field Keyword Search , 2004, WISA.

[10]  Brent Waters,et al.  Secure Conjunctive Keyword Search over Encrypted Data , 2004, ACNS.

[11]  R.S.C. Ieong How to Balance Privilege and Digital Forensics Investigation , 2007 .

[12]  Eu-Jin Goh,et al.  Secure Indexes , 2003, IACR Cryptol. ePrint Arch..

[13]  Brian D. Carrier,et al.  File System Forensic Analysis , 2005 .

[14]  Gerome Miklau,et al.  Threats to privacy in the forensic analysis of database systems , 2007, SIGMOD '07.

[15]  H. C. Leung,et al.  Deriving cse-specific live forensics investigation procedures from FORZA , 2007, SAC '07.

[16]  Abhi Shelat,et al.  Remembrance of Data Passed: A Study of Disk Sanitization Practices , 2003, IEEE Secur. Priv..