By Topic

Towards a Digital Forensic Readiness Framework for Public Key Infrastructure systems

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Valjarevic, A. ; Dept. of Comput. Sci., Univ. of Pretoria, Pretoria, South Africa ; Venter, H.S.

The Public Key Infrastructure (PKI) is a set of hardware, software, people, policies, and procedures needed to create, manage, store, distribute, and revoke digital certificates [18]. PKI systems are today one of the most accepted and used technologies to enable successful implementation of information systems security services such as authentication and confidentiality. Digital forensics is a branch of forensic science encompassing the recovery and investigation of material found in digital devices, often in relation to computer crime [2][3]. A forensic investigation of digital evidence is commonly employed as a post-event response to a serious information security incident. In fact, there are many circumstances where an organization may benefit from an ability to gather and preserve digital evidence before an incident occurs. Digital forensic readiness enables an organization to maximize its potential to use digital evidence whilst minimizing the costs of an investigation [7]. The problem that this paper addresses is that there is no Digital Forensic Readiness Framework for PKI systems, thus not enabling an implementation of Digital Forensic Readiness measures to PKI systems. This paper focuses on defining the basic postulates of a Digital Forensic Readiness Framework for PKI systems. The authors investigate a model that can be proposed to accomplish this and also certain policies, guidelines and procedures which can be followed. When proposing the framework the authors take into account requirements for preserving or improving information security and not to interfere with the existing PKI systems' business processes.

Published in:

Information Security South Africa (ISSA), 2011

Date of Conference:

15-17 Aug. 2011