Authenticating Digital Evidence

Given the proliferation of digital media, the question of what types of evidence are admissible in court, and how they should be handled, is increasingly complex. Cellphone video has played a pivotal role in scores of high-profile cases in the US, as have recordings of 911 calls and footage captured from police body cameras

There’s no question this evidence is valuable, but ensuring its integrity and demonstrating an unbroken chain of custody, the documentation that records the chronological sequence of the custody, control and disposition of a piece of evidence, often proves difficult.

To avoid controversies surrounding digital evidence, some public safety authorities have started turning to a seemingly unlikely solution: blockchain technology. At its core, a blockchain is a decentralised database shared across a network. Unlike centralised databases, however, records are only accepted after attaining group consensus. It provides a way to incorporate a variety of data from multiple sources, anonymise it, track it and ensure its authenticity without the need for third-party validation. 

Indeed, blockchain holds the potential to help transform public safety by improving the way agencies handle their most sensitive evidence and data, enhancing interagency cooperation and promoting greater public trust in the integrity of investigations.

Blockchain is uniquely suited to tackling this challenge, according to gcn.com. In fact, the existing US federal guidelines for handling digital evidence are surprisingly similar to the way blockchains work. When seizing a hard drive, for example, special personnel will scan the contents and use that data to generate a hash value. In the same way blockchains use hash values to verify linked blocks, digital forensics investigators use hashes to track digital evidence. Blockchain presents multiple advantages over the current procedures. The principal advantage is the redundancy blockchain provides. 

Instead of relying on a team of specialists to first extract the data, then hash it, then track it, a “blockchain of custody” would allow for open submission of data to the blockchain, where it would be automatically verified by consensus, hashed and then entered into an immutable, shared public record.

Data collection by various agencies in the US has grown exponentially, but the ability to generate intelligence and then act upon this data continues to be hampered by bureaucratic inefficiencies, interagency divisions and siloed data.

Establishing a unified data standard poses many challenges because it requires buy-in from so many agencies.

Blockchain circumvents this problem by enabling trustless collaboration and removing the need for centralised authority. The promise of an immutable, open public record of all data submitted could overcome a major hurdle for interagency collaboration.

Blockchain’s “smart contract” feature could ensure protocols between agencies are always followed because they would be executed automatically by the system. 

Basically, a smart contract is a computer protocol that facilitates, verifies or enforces the performance of a contract or contract clause. In addition to formalising information requests and opening investigations, smart contracts might also help balance data privacy and public safety.

I-HLS

You Might Also Read:

Blockchain Will Radically Transform Anti-Fraud:

 

 

« EU Elections: Facebook Prepares
GCHQ Chief Wants A Big Effort To Improve British Cybersecurity »

Perimeter 81

Directory of Suppliers

DigitalStakeout

DigitalStakeout

A simple and cost-effective solution to monitor, investigate and analyze data from the web, social media and cyber sources to identify threats and make better security decisions.

eBook: Practical Guide to Security in the AWS Cloud

eBook: Practical Guide to Security in the AWS Cloud

AWS Marketplace would like to present you with a digital copy of the new book, Practical Guide to Security in the AWS Cloud, by the SANS Institute.

WEBINAR: How to fuel your DevSecOps in AWS

WEBINAR: How to fuel your DevSecOps in AWS

Thursday, May 20, 2021 - In this webinar, SANS and AWS Marketplace will discuss how to build a strategy that encompasses visibility and automation for the DevSecOps pipeline in AWS.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Free Access: Cyber Security Supplier Directory listing 5,000+ specialist service providers.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Versasec

Versasec

Versasec is a leader in identity and access management, providing customers with security solutions for managing digital identities.

VdS

VdS

VdS is an independent safety and security testing institution. Cybersecurity services include standards, audit/assessment and certification for SMEs.

Polyverse

Polyverse

Polyverse offers application security, zero-day defense, proactive cyber resiliency and more. Protect your critical applications with moving target defense.

Secure Channels

Secure Channels

Secure Channels products offer advanced access control, adaptable encryption, data protection, enterprise confidentiality solutions and proximity-based monitoring and intelligence capabilities.

Edvance

Edvance

Edvance operates a range of cybersecurity businesses including value added cybersecurity solutions distribution, security technology innovation and development, and SaS solution offerings.

Statice

Statice

Statice develops state-of-the-art data privacy technology that helps companies double-down on data-driven innovation while safeguarding the privacy of individuals.

Absio

Absio

Absio provides the technology you need to build data security directly into your software by default, and the design and development services you need to make it happen.

Ensurity Technologies

Ensurity Technologies

Ensurity is a deep-tech cybersecurity engineering company; designs and manufactures specialized secure hardware, software, and mobile application solutions.

Option3Ventures (O3V)

Option3Ventures (O3V)

Option3Ventures LLC specializes in finding and developing attractive investment opportunities at the frontiers of cybersecurity and immediately adjacent technologies.

ThreatReady Resources

ThreatReady Resources

ThreatReady reduces an organization’s risk by delivering cyber security awareness training based on the latest, state-of-the-art learning science to effectively drive long-term cyber-safe behavior.