A Case Study on the Impact of Forensic-Ready Information Systems on the Security Posture

Daubner,  Lukáš; Matulevicius, Raimundas; Bühnová,  Barbora; Antol,  Matej; Růžička,  Michal; Pitner,  Tomáš

A Case Study on the Impact of Forensic-Ready Information Systems on the Security Posture

Warning

This publication doesn't include Institute of Computer Science. It includes Faculty of Informatics. Official publication website can be found on muni.cz.

Authors	DAUBNER Lukáš MATULEVICIUS Raimundas BÜHNOVÁ Barbora ANTOL Matej RŮŽIČKA Michal PITNER Tomáš
Year of publication	2023
Type	Article in Proceedings
Conference	Advanced Information Systems Engineering
MU Faculty or unit	Faculty of Informatics
Citation
Web	https://link.springer.com/chapter/10.1007/978-3-031-34560-9_31
Doi	http://dx.doi.org/10.1007/978-3-031-34560-9_31
Keywords	Forensic Readiness;Forensic-Ready Systems;Risk Management;Information Security;Digital Forensics
Description	While approaches aimed at developing forensic-ready systems are starting to emerge, it is still primarily a theoretical concept. This paper presents a case study of integrating forensic readiness capabilities into SensitiveCloud, an information system for storing and processing sensitive data. A risk-based approach to forensic readiness design is followed to achieve it. Consequently, weaknesses in both processes and systems are identified, and forensic readiness requirements are formulated. This case study reports on lessons learned in a practical implementation of a forensic-ready system, its impact on security, and its support towards ISO/IEC 27k.
Related projects:	CyberSecurity, CyberCrime and Critical Information Infrastructures Center of Excellence e-Infrastruktura CZ Cyber-security Excellence Hub in Estonia and South Moravia (CHESS) Zapojení studentů Fakulty informatiky do mezinárodní vědecké komunity 23