Pub Date : 1900-01-01DOI: 10.4018/978-1-7998-2444-2.ch001
E. Casey, Hannes Spichiger, Elénore Ryser, Francesco Servida, D. Jaquet-Chiffelle
IoT devices produce information that can be used in criminal investigations and cybersecurity incidents to make inferences about identities, locations, chronologies, and relationships between relevant entities. Before this information is relied upon to make critical decisions, its veracity must be assessed critically, and the link between virtual and physical worlds must be evaluated carefully. This chapter presents the forensic science principles needed to exploit the full potential of IoT traces, including uniqueness, exchange, provenance, integrity, reliability, repeatability, evaluating links between virtual and physical entities, and formally assessing alternative hypotheses. This chapter also discusses core forensic processes and activities, demonstrating their application to forensic analysis of IoT devices using practical examples. A typology of IoT traces is proposed and their usefulness during an investigation is discussed. Finally, an investigative scenario is presented to illustrate the opportunities and challenges of exploiting IoT devices and traces for investigative and forensic purposes.
{"title":"IoT Forensic Science","authors":"E. Casey, Hannes Spichiger, Elénore Ryser, Francesco Servida, D. Jaquet-Chiffelle","doi":"10.4018/978-1-7998-2444-2.ch001","DOIUrl":"https://doi.org/10.4018/978-1-7998-2444-2.ch001","url":null,"abstract":"IoT devices produce information that can be used in criminal investigations and cybersecurity incidents to make inferences about identities, locations, chronologies, and relationships between relevant entities. Before this information is relied upon to make critical decisions, its veracity must be assessed critically, and the link between virtual and physical worlds must be evaluated carefully. This chapter presents the forensic science principles needed to exploit the full potential of IoT traces, including uniqueness, exchange, provenance, integrity, reliability, repeatability, evaluating links between virtual and physical entities, and formally assessing alternative hypotheses. This chapter also discusses core forensic processes and activities, demonstrating their application to forensic analysis of IoT devices using practical examples. A typology of IoT traces is proposed and their usefulness during an investigation is discussed. Finally, an investigative scenario is presented to illustrate the opportunities and challenges of exploiting IoT devices and traces for investigative and forensic purposes.","PeriodicalId":320924,"journal":{"name":"Applied Approach to Privacy and Security for the Internet of Things","volume":"23 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134512214","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 1900-01-01DOI: 10.4018/978-1-7998-2444-2.ch010
M. K. Srivastav
Security of information is always a challenging domain for any computer network organization. An organization always sets different types of policies with the course of time so that no information can be leaked. Some external or some internal factors of an organization play important roles in revealing the information. An organization mainly depends on its employees. An employee manages the data and information and there exists some chance among employees to reveal the data. There is need to study and set policies for employees so that no full information can be revealed. Information security management system (ISMS) has collection of different types of policies and procedures for systematically managing organizationally sensitive data. ISMSs have to deal with management of employees of an organization to minimize the risk of revealing information. This chapter studies employee management so that an organization can continue its business securely.
{"title":"Information Security Management System","authors":"M. K. Srivastav","doi":"10.4018/978-1-7998-2444-2.ch010","DOIUrl":"https://doi.org/10.4018/978-1-7998-2444-2.ch010","url":null,"abstract":"Security of information is always a challenging domain for any computer network organization. An organization always sets different types of policies with the course of time so that no information can be leaked. Some external or some internal factors of an organization play important roles in revealing the information. An organization mainly depends on its employees. An employee manages the data and information and there exists some chance among employees to reveal the data. There is need to study and set policies for employees so that no full information can be revealed. Information security management system (ISMS) has collection of different types of policies and procedures for systematically managing organizationally sensitive data. ISMSs have to deal with management of employees of an organization to minimize the risk of revealing information. This chapter studies employee management so that an organization can continue its business securely.","PeriodicalId":320924,"journal":{"name":"Applied Approach to Privacy and Security for the Internet of Things","volume":"45 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"1900-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128689087","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: