Verifiable integrity of digital evidence / Firewalls

Digital evidence is also referred to as electronic evidence. It refers to that information which is corroborative and is kept and conveyed through the digital platform. Digital evidence can be used during trial in a court proceeding. The court will, however, have to first establish the authenticity, relevance, and originality of the evidence. This means that the integrity of the digital evidence has to be preserved if it is to be legally used in the court. Use of digital evidence includes the forensic examination of e-mails, Automated Teller Machine transactions, instant messages, GPRS system, hotel bookings, computer storage, cloud storage and all forms of digital media (Casey, 2010).

Many countries have come up with constitutional laws governing the use of digital evidence. The two main challenges are that digital evidence is capacious and is easily modified. The big question then becomes, how digital evidence can be preserved. As much as legislators may claim to have played their roles in enacting laws to govern digital evidence, much still needs to done to preserve it. This is because, just in the course of collecting the evidence, it can be completely damaged. The process of preservation of the verifiable integrity of digital evidence begins with ensuring the first officer who arrives at the scene collects all the computers and any other digital machines on the site and delivering them to the evidence laboratory.  The forensics officer in the lab should immediately extract a copy of all the available evidence. As the evidence is validated time and again as it changes hands from the collecting to the extracting and to the testifying officer it is preserved. At the point where one of these cannot account for the evidence, then the digital evidence becomes spurious (Casey, 2010). Everyone who handles the evidence should also keep in print chronicles of when they received the data and when they passed it on to the next person. These will form the evidence log which becomes very key in monitoring how the evidence has changed hands thus making it easy to authenticate it. Finally, the evidence should always be kept in a securely locked room or locker in any case when it is not in use. In the case of hacking, connected the hacked computer to another and copying the digital evidence through a private network is the best way to preserve the evidence.

Where the digital evidence has been modified, it can be proven through the following ways. First, check the unique Hash value of the each file in the evidence to ensure that it is not altered in any way. The unique Hash value can be used in calculating the MD5 value which can then be included whenever sharing the digital evidence files.

A firewall is a computer software used in screening out hackers and viruses from getting into the computer via the internet. Thus firewall restricts unauthorized access to the hackers and the viruses. The main function of a firewall is that it acts as a barrier, a semi-permeable membrane which regulates the traffic of network into and out of an internet network (Thomas & Stoddard, 2012). It determines what passes from one side of the network to the other. This is especially important in restrict access by untrusted IP addresses. This ensures the integrity of data passing through the internet.

The limitations of firewall include the fact that it does not hinder hackers from into and out of the internal network. This enables them to bypass the protection of the firewall. A firewall cannot also administer password policies. Firewalls also lack the ability to bar internal users from getting into malicious sites (Thomas & Stoddard, 2012). In conclusion, a firewall will never protect one from any poor decision they decide to take.

Get a 10 % discount on an order above $ 100
Use the following coupon code :
SKYSAVE