Computer Forensics and Investigations Essay

Exclusively available on Available only on IvyPanda® Made by Human No AI

Principles of computer forensics

Principles of computer forensics are standard rules that govern how digital evidence is handled to make it admissible in court (Nelson, Phillips & Steuart, 2010; Taylor, Haggerty, Gresty & Lamb, 2011; Easttom, 2014). Many countries and states had their principles of computer forensics.

However, efforts have been made to align several principles in order to have internationally accepted principles that can be applied across the world (Taylor et al., 2011). The standardization efforts have resulted in the adoption of four key principles. First, digital evidence should be collected in a manner that does not allow alteration of crucial data. This principle attempts to uphold the integrity of evidence (Taylor et al., 2011).

Second, the processes of collecting, storing and analyzing digital data should be fully documented, and reasons should be given for any manipulation done. This principle aims to make professionals handling digital evidence responsible for their actions. Third, digital evidence should only be accessed by forensically competent persons. This principle ensures that non-competent persons do not interfere with digital evidence (Nelson et al., 2010; Taylor et al., 2011).

Fourth, it should be ensured that the right procedures are followed during computer forensic investigations. If the law and principles of computer forensics are followed, then digital evidence would be admissible in court. Admissible evidence is crucial in promoting justice and fairness in criminal proceedings (Nelson et al., 2010; Taylor et al., 2011; Easttom, 2014).

The role of computer forensics as it relates to other IT disciplines

Computer forensics is the integration of computer science and law. It is crucial in the investigation of crimes that are related to the manipulation of computer systems (Easttom, 2014). All IT applications rely on the use of data that are analyzed, stored and retrieved for particular uses (Nelson et al., 2010).

Computer forensics could be used in legal matters to solve criminal issues in all other IT applications. Therefore, forensic science with regard to computer systems plays crucial legal roles in relation to other IT application (Taylor et al., 2011; Easttom, 2014).

History of computer forensics

Crimes related to the use of computers came to the limelight in 1978 in Florida after legislation was adopted to prohibit unauthorized changes of data preserved in computers. Federal laws recognized crimes related to the use of computers in the 1980s. History of computer forensics can be categorized into three distinct phases (Easttom, 2014). First, the ad-hoc stage was marked by lack of clear frameworks for dealing with computer crimes.

The phase was also characterized by many legal issues that revolved around the applications of computer systems to handle digital evidence used in court. Second, the structured phase involved the adoption of specific tools and procedures in digital crime investigations and prosecutions. Third, the enterprise phase (the current phase) involves fast collection of digital evidence, creation of sophisticated tools and many companies offering forensic services (Nelson et al., 2010; Easttom, 2014).

How to use computer forensics in criminal investigations

For digital evidence to be admissible in court, investigations should be conducted in a manner that adopts the principles of computer forensics (Easttom, 2014). The following steps are involved in computer forensics investigations:

  1. A computer system containing crucial evidence is secured to ensure that data are safe.
  2. All files in a computer system that are not encrypted are copied.
  3. Deleted information is retrieved.
  4. Contents of hidden files are revealed using specific software to identify hidden data.
  5. Protected files are decrypted and accessed.
  6. Inaccessible parts of computer disks are analyzed to locate files that could contain crucial data.
  7. All steps of the procedure are documented.

Constitutional protections and laws covering investigations

Computer forensic investigations are protected by the US constitution and various federal and state laws. Therefore, computer forensic investigators need to conduct investigations within confines of the law. Federal computer crime laws protect various aspects of investigations.

Some of the federal computer crime laws include Health Insurance Portability and Accountability Act, USA Patriot Act, Child Pornography Protection Act, and Communications Decency Act 1986, among others. Case laws are based on verdict given by judges in computer crimes, and they are adopted as legislation that protects computer forensic investigations (Nelson et al., 2010).

Ethics

The code of ethics requires computer forensic investigations to be conducted using accepted ethics (Taylor et al., 2011). Some computer forensic issues include privacy, impact on society and intellectual property rights (Nelson et al., 2010; Easttom, 2014). Computer forensic professionals should protect the secrecy and privacy of clients’ information (Easttom, 2014). A high degree of secrecy and privacy could be achieved when personnel adhere to ethical standards.

Computer forensic professionals should follow standard ethical procedures when conducting investigations. If the standards are followed, then the evidence would have a high degree of accuracy and authenticity. Adherence to standard ethical procedures also goes a long way in preventing alteration of crucial forensic evidence that would be admissible in court.

References

Easttom, C. (2014). System forensics, investigations, and response (2nd ed.). Burlington, MA; Jones and Bartlett Learning.

Nelson, B., Phillips, A., & Steuart, C. (2010). Guide to computer forensics and investigations. Stamford, CT: CengageBrain. com.

Taylor, M., Haggerty, J., Gresty, D., & Lamb, D. (2011). Forensic investigation of cloud computing systems. Network Security, 2011(3), 4-10.

More related papers Related Essay Examples
Cite This paper
You're welcome to use this sample in your assignment. Be sure to cite it correctly

Reference

IvyPanda. (2018, November 28). Computer Forensics and Investigations. https://ivypanda.com/essays/computer-forensics-and-other-information-technologies-principles-of-computer-forensics/

Work Cited

"Computer Forensics and Investigations." IvyPanda, 28 Nov. 2018, ivypanda.com/essays/computer-forensics-and-other-information-technologies-principles-of-computer-forensics/.

References

IvyPanda. (2018) 'Computer Forensics and Investigations'. 28 November.

References

IvyPanda. 2018. "Computer Forensics and Investigations." November 28, 2018. https://ivypanda.com/essays/computer-forensics-and-other-information-technologies-principles-of-computer-forensics/.

1. IvyPanda. "Computer Forensics and Investigations." November 28, 2018. https://ivypanda.com/essays/computer-forensics-and-other-information-technologies-principles-of-computer-forensics/.


Bibliography


IvyPanda. "Computer Forensics and Investigations." November 28, 2018. https://ivypanda.com/essays/computer-forensics-and-other-information-technologies-principles-of-computer-forensics/.

If, for any reason, you believe that this content should not be published on our website, please request its removal.
Updated:
This academic paper example has been carefully picked, checked and refined by our editorial team.
No AI was involved: only quilified experts contributed.
You are free to use it for the following purposes:
  • To find inspiration for your paper and overcome writer’s block
  • As a source of information (ensure proper referencing)
  • As a template for you assignment
1 / 1