Copy the page URI to the clipboard
Tun, Thein; Price, Blaine; Bandara, Arosha; Yu, Yijun and Nuseibeh, Bashar
(2016).
Abstract
Police investigations involving digital evidence tend to focus on forensic examination of storage units on personal electronic devices (laptops, smartphones, etc). However, a number of factors are making digital forensic tools increasingly ineffective: (i) storage capacities of electronic devices have increased, and so have the amounts of personal information held on them; (ii) cyber crimes are increasingly committed on social media, and evidence of crimes are held on social media platforms, not necessarily on personal devices; (iii) there is a greater need for protecting digital privacy, especially when examining digital evidence from witnesses and victims of cyber crimes.
These factors pose a number of practical challenges for both law enforcement agencies and citizens when disclosing and handling the digital evidence. This paper defines and illustrates the key challenges, and proposes the concept of verifiable limited disclosure, which defines a communication protocol to ensure privacy, continuity and integrity of digital evidence. More specifically, the protocol allows (i) citizens to decide what evidence to disclose to law enforcement agencies and (ii) any of the two parties to be able to prove any tampering of the digital evidence. The paper discusses methods for implementing the communication protocol using standard security and privacy tools and presents a pathway to evaluating their effectiveness.