With the advancement of information and communication technology, Internet application has become increasingly widespread, along with information security incidents as focus of public attention. Information and communication security incident may cause varying degrees of losses and damages to organizations and units, or even imperil their survival according to their dependence on information and communication. With proliferation of information and communication infrastructure, close attention to information and communication security, promotion of i-Taiwan information and communication plan, and information and communication security policy development of National Information and Communication Security Taskforce, better information security governance mechanism should be actively implemented. This study discussed the information security governance and explored Control Objectives for Information and related Technology (COBIT 4.1) DS5 pertaining to ensuring systems security. Mapping of PLSE model with Digital Evidence Forensics Standard Operating Procedure (DEFSOP), and discussion of mapping COBIT4.1 with DEFSOP, this study suggested Information Security Governance Digital Forensics Standard Operating Procedure (IGDSOP). Further, this study implemented Honeynet system. The system features are used to map IGDSOP to verify the collected digital evidence which can help assign governance responsibilities and give feedback to adaptability of policy.
Security Governance, COBIT, DEFSOP, IGDSOP, Honeynet.
To return to the Volume/Number webpage, click here.
THE INTERNATIONAL JOURNAL OF FORENSIC COMPUTER SCIENCE - IJoFCS
Volume 7, Number 2, pages 33-45, DOI: 10.5769/J201202003 or http://dx.doi.org/10.5769/J201202003
Study on Constructing Forensics Mechanism of Digital Evidence Based on Information Security Governance - Using Digital Evidence Forensic System as an Example
By I-Long Lin, Tai-Kuo Woo, Yen-Chun Chen, Tsung-Lin Lu, and Ian-Sue Shu
To download this paper, click here.