Towards the Development of an Integrated Incident Response Model for Database Forensic Investigation FieldShow others and affiliations
2020 (English)In: IEEE Access, E-ISSN 2169-3536, Vol. 8, p. 145018-145032
Article in journal (Refereed) Published
Abstract [en]
For every contact that is made in a database, a digital trace will potentially be left and most of the database breaches are mostly aimed at defeating the major security goals (Confidentiality, Integrity, and Authenticity) of data that reside in the database. In order to prove/refute a fact during litigation, it is important to identify suitable investigation techniques that can be used to link a potential incident/suspect to the digital crime. As a result, this paper has proposed suitable steps of constructing and Integrated Incident Response Model (IIRM) that can be relied upon in the database forensic investigation field. While developing the IIRM, design science methodology has been adapted and the outcome of this study has shown significant and promising approaches that could be leveraged by digital forensic experts, legal practitioners and law enforcement agencies. This is owing to the fact, that IIRM construction has followed incident investigation principles that are stipulated in ISO guidelines.
Place, publisher, year, edition, pages
IEEE, 2020. Vol. 8, p. 145018-145032
Keywords [en]
Database security, database forensics investigation, database incident, pre-incident response, during-incident response, post-incident response
National Category
Law and Society
Identifiers
URN: urn:nbn:se:mau:diva-18290DOI: 10.1109/ACCESS.2020.3008696ISI: 000560328600001Scopus ID: 2-s2.0-85090275743OAI: oai:DiVA.org:mau-18290DiVA, id: diva2:1469575
2020-09-222020-09-222024-09-17Bibliographically approved