[ieee 2009 fourth international ieee workshop on systematic approaches to digital forensic...



Page 1: [IEEE 2009 Fourth International IEEE Workshop on Systematic Approaches to Digital Forensic Engineering (SADFE) - Berkeley, California, USA (2009.05.21-2009.05.21)] 2009 Fourth International

Panel: Technical, Social and Legal Frameworks for Digital Forensics and CyberInfrastructure Security

Jean West, FacesWest Productions/WBKI Television

Ulf Lindqvist, SRI International

Peter J. Vasquez, Sr., VTX Communications, LLC

Moderator: Michael Losavio, University of Louisville

Moderator: Sean Peisert, University of California, Davis

Abstract

A systematic approach to digital forensic engineering acknowledges the close, intertwined relationship between digital forensics and information security. Just as their technical structures are interrelated, so, too, are issues relating to the legal and social frameworks within which they are used. We examine this relationship as it applies to critical cyber infrastructure and the threats to it from domestic and transnational criminals and state actors.

1. Introduction

The panel reviewed these relationships between government, private industry, the academy and media, discussing what the future may hold for proactive, systematic work in these areas. A systematic approach to digital forensic engineering acknowledges the close, intertwined relationship between digital forensics and information security. Just as their technical structures are interrelated, so, too, are issues relating to the legal and social frameworks within which they are used. This is critical in relation to critical cyber infrastructure and the threats to it from domestic and transnational criminals and state actors.

2. Discussion

The tendency towards unfunded mandates for industry compliance with forensic efforts concerned panelists. The first concern was that industry may be required to bear large portions of the cost of providing forensic data on matters unrelated to the business mission. The significant secondary concerns were that requiring industry to divert resources to forensic requests weakens the information security perimeter for those businesses and, at the extreme, risks business interruption. For critical infrastructure such as utilities, such business interruption risks significant damage in its own right.

Systematic incorporation of digital forensic engineering into system design could alleviate these costs and risks, but raises the issue of cost coverage for that additional engineering. On the other hand, systematic forensic engineering practices could help address the difficulties of analyzing the multitude of proprietary devices with their own unique data systems.

These and other issues were connected to the general perception of digital forensics and information security. The panel was concerned about the lack of understanding of these disciplines and their importance for data integrity, privacy and public safety. Options for addressing public understanding of these disciplines were discussed. One primary proposal was that the engineering community engage in more outreach to the media, structuring and offering resources that translate engineering concepts into more accessible forms for intelligent laymen and journalists. Though outside core engineering practice, such actions accord with the February, 2006 IEEE Code of Ethics commitment “to improve the understanding of technology, its appropriate application, and potential consequences;”

3. Conclusion

The panel and the conference participants concurred that these were all issues needing further discussion and development through IEEE and other engineering and computer science forums.

2009 Fourth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering

978-0-7695-3792-4/09 $25.00 © 2009 IEEE

DOI 10.1109/SADFE.2009.11
