标准编号:ISO/IEC 27042:2015
中文名称:信息技术 安全技术 数字证据的分析和解释指南
英文名称:Information technology — Security techniques — Guidelines for the analysis and interpretation of digital evidence
发布日期:2015-06
标准范围
This International Standard provides guidance on the analysis and interpretation of digital evidencein a manner which addresses issues of continuity, validity, reproducibility, and repeatability. Itencapsulates best practice for selection, design, and implementation of analytical processes andrecording sufficient information to allow such processes to be subjected to independent scrutinywhen required. It provides guidance on appropriate mechanisms for demonstrating proficiency andcompetence of the investigative team.Analysis and interpretation of digital evidence can be a complex process. In some circumstances, therecan be several methods which could be applied and members of the investigative team will be requiredto justify their selection of a particular process and show how it is equivalent to another process usedby other investigators. In other circumstances, investigators may have to devise new methods forexamining digital evidence which has not previously been considered and should be able to show thatthe method produced is “fit for purpose”.Application of a particular method can influence the interpretation of digital evidence processed bythat method. The available digital evidence can influence the selection of methods for further analysisof digital evidence which has already been acquired.This International Standard provides a common framework, for the analytical and interpretationalelements of information systems security incident handling, which can be used to assist in theimplementation of new methods and provide a minimum common standard for digital evidenceproduced from such activities.
标准预览图
立即下载标准文件