Computing Reviews
Digital forensics for enterprise rights management systems
Schrittwieser S., Kieseberg P., Weippl E. IIWAS 2012 (Proceedings of the 14th International Conference on Information Integration and Web-based Applications & Services, Bali, Indonesia, Dec 3-5, 2012), 111-120, 2012. Type: Proceedings
Date Reviewed: May 16 2013

Enterprise rights management (ERM) is concerned with managing and protecting data in an enterprise context. Digital forensics issues run into considerations of encryption and access protection. Existing guidelines and standards, such as National Institute of Standards and Technology (NIST) SP800-86, don’t address encrypted data where accessing the cryptographic key is essential. After exploring digital forensics for ERM systems in general, the authors present “specific guidelines for forensic investigations targeting Microsoft Active Directory Rights Management Services (RMS) and Adobe LiveCycle Rights Management.”

After setting the tone in an introductory section, the authors consider related work before giving the problem description and methodology of investigation, including details of two products in common use. Research results and database forensics follow, and a proposed set of ERM forensics guidelines is presented. The concluding section summarizes both the findings of the paper and emerging issues that will influence both digital forensics and the ERM domain.

There are three primary contributions of the paper. First, the authors analyze digital forensics in ERM as commonly practiced. Second, the paper notes that strict central control of access can have unexpected consequences on ERM. Third, it shows that ERM forensics is bound tightly to database forensics, and that recovery of targeted information may be accomplished on the database side even if access through ERM is no longer possible. Important in this paper and for future work is the notion of anti-forensics, which involves eliminating data that is no longer legally required to be available. Overall, this provides ERM architectures with the opportunity to become more trustworthy.

Reviewer: M. G. Murphy
Review #: CR141222 (1308-0719)
 
 
Access Controls (D.4.6 ... )
 
 
Information Networks (H.3.4 ... )
 
