公开(公告)号：US20150304289A1

公开(公告)日：2015-10-22

申请号：US14258086

申请日：2014-04-22

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： Youngjun CHO ,  SeongKu KANG ,  Jaeduck CHOI ,  Mincheol JEON ,  Sinkyu KIM ,  Jungtaek SEO

IPC: H04L29/06 ,  G06F21/64

CPC classification number: H04L63/0471 ,  G06F21/645 ,  H04L63/061 ,  H04L63/123 ,  H04L63/126

Abstract: In a digital evidence collection method, an evidence collection device sends an evidence collection request message requesting permission of evidence collection to a notarization server through a notarization agent. The notarization server sends a collection permission message permitting evidence collection to the evidence collection device through the notarization agent. The evidence collection device requests evidence data from an evidence collection target system through the notarization agent. The evidence collection target system transmits the evidence data to the notarization agent. The notarization agent encrypts the evidence data and transfers encrypted evidence data to the evidence collection device.

Abstract translation: 在数字证据收集方法中，证据收集装置通过公证代理向认证服务器发送请求证据收集许可的证据收集请求消息。 公证服务器通过公证代理向证据收集装置发送允许证据收集的收集许可消息。 证据收集装置通过公证代理人从证据收集目标系统请求证据数据。 证据收集目标系统将证据数据传送给公证人。 公证机构加密证据数据，并将加密证据数据传送给证据收集装置。

公开(公告)号：US20160078240A1

公开(公告)日：2016-03-17

申请号：US14889988

申请日：2013-11-27

Applicant: ELECTRONICS AND TELECOMMUNICATIONS RESEARCH INSTITUTE

Inventor： SeongKu KANG ,  Mincheol JEON ,  Youngjun CHO ,  Jaeduck CHOI ,  Sinkyu KIM ,  Jungtaek SEO

IPC: G06F21/62

CPC classification number: G06F21/6209 ,  G06F21/445 ,  G06F21/552 ,  G06F21/577 ,  G06F21/64 ,  G06F21/78

Abstract: An apparatus and method for collecting digital evidence from a target system to be analyzed at a remote location and then providing security in a remote digital forensic environment based on the collected digital evidence. The method of providing security includes making, by a security providing apparatus, an evidence collection request for collection of evidence of an evidence collection-target apparatus from an evidence collection agent in a remote digital forensic environment, collecting evidence data corresponding to the evidence collection request from the evidence collection agent, verifying the evidence data based on a signature value of the evidence data collected from the evidence collection agent, generating evidence analysis data based on the verified evidence data, verifying the evidence analysis data based on a signature value of the evidence analysis data, and providing security for the evidence collection-target apparatus based on results of the verification of the evidence analysis data.

Abstract translation: 一种用于从远程位置分析的目标系统收集数字证据的装置和方法，然后基于收集的数字证据在远程数字法医环境中提供安全性。 提供安全的方法包括由安全提供设备从远程数字法医环境中的证据收集代理人提供收集证据收集目标设备的证据的证据收集请求，收集与证据收集请求对应的证据数据 从证据采集代理人，根据从证据收集代理收集的证据数据的签名值验证证据数据，根据证实的证据数据生成证据分析数据，根据证据的签名值验证证据分析数据 分析数据，并根据证据分析数据验证结果为证据收集目标设备提供安全性。