Use of organisational topologies for forensic investigations

George Grispos, Sorren Hanvey, Bashar Nuseibeh

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

In today’s highly regulated business environment, it is becoming increasingly important that organisations implement forensic-ready systems and architectures to aid the investigation of security incidents and data breaches. Previously, different solutions have been proposed for implementing forensic readiness within organisations. One of these solutions is that organisations implement an organisational structure that takes into consideration digital forensics by establishing roles and responsibilities to assist with investigations. However, no previous research has defined how this can actually be accomplished within an organisation. In this paper, we put forth the idea of using the topology of an organisation’s structure to define the roles and responsibilities to assist with handling a forensic investigation. In the past, the role of topology has been examined from various perspectives, including software engineering. We draw on this previous research and use the topological properties of containment, proximity and reachability in order to define a representation of the organisational structure that takes into consideration digital forensics. For example, topology can be used to express and provide a context regarding the location of assets that need to be investigated, as well as the individuals, whose assistance is required to investigate such assets. Furthermore, knowing the topology of an organisation’s structure can also assist investigators identify stakeholders that could be of interest to an investigation, based on their relationship to the asset(s) under investigation.

Original languageEnglish (US)
Title of host publicationSERF 2017 - Proceedings of the 1st ACM SIGSOFT International Workshop on Software Engineering and Digital Forensics, Co-located with FSE 2017
EditorsDalal Alrajeh, Liliana Pasquale
PublisherAssociation for Computing Machinery, Inc
Pages2-5
Number of pages4
ISBN (Print)9781450351560
DOIs
StatePublished - Sep 4 2017
Externally publishedYes
Event1st ACM SIGSOFT International Workshop on Software Engineering and Digital Forensics, SERF 2017 - 11th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on theFoundations of Software Engineering, ESEC/FSE 2017 - Paderborn, Germany
Duration: Sep 4 2017 → …

Publication series

NameSERF 2017 - Proceedings of the 1st ACM SIGSOFT International Workshop on Software Engineering and Digital Forensics, Co-located with FSE 2017

Conference

Conference1st ACM SIGSOFT International Workshop on Software Engineering and Digital Forensics, SERF 2017 - 11th Joint Meeting of the European Software Engineering Conference and the ACM SIGSOFT Symposium on theFoundations of Software Engineering, ESEC/FSE 2017
CountryGermany
CityPaderborn
Period9/4/17 → …

Keywords

  • Forensic Readiness
  • Organisational Structures
  • Topology

ASJC Scopus subject areas

  • Software

Fingerprint Dive into the research topics of 'Use of organisational topologies for forensic investigations'. Together they form a unique fingerprint.

Cite this