05906295

a

05906295 Phan, Raphael C.-W. Amran, Ahmad R. Whitley, John N. Parish, David J. Evidential notions of defensibility and admissibility with property preservation. Camenisch, Jan (ed.) et al., Open research problems in network security. IFIP WG 11.4 international workshop, iNetSec 2010, Sofia, Bulgaria, March 5--6, 2010. Revised selected papers. Berlin: Springer (ISBN 978-3-642-19227-2/pbk). Lecture Notes in Computer Science 6555, 134-139 (2011). 2011 Berlin: Springer EN

doi:10.1007/978-3-642-19228-9_12

Summary: For security-emphasizing fields that deal with evidential data acquisition, processing, communication, storage and presentation, for instance network forensics, border security and enforcement surveillance, ultimately the outcome is not the technical output but rather physical prosecutions in court (e.g. of hackers, terrorists, law offenders) or counter-attack measures against the malicious adversaries. The aim of this paper is to motivate the research direction of formally linking these technical fields with the legal field. Notably, deriving technical representations of evidential data such that they are useful as evidences in court; while aiming that the legal parties understand the technical representations in better light. More precisely, we design the security notions of evidence processing and acquisition, guided by the evidential requirements from the legal perspective; and discuss example relations to forensics investigations.