Digital forensics as a service: Game on

The big data era has a high impact on forensic data analysis. Work is done in speeding up the processing of large amounts of data and enriching this processing with new techniques. Doing forensics calls for specific design considerations, since the processed data is incredibly sensitive. In this paper we explore the impact of forensic drivers and major design principles like security, privacy and transparency on the design and implementation of a centralized digital forensics service.     

Privacy by design and anonymisation techniques in action: Case study of Match technology

Privacy by Design is now enjoying widespread acceptance. The EU has recently expressly included it as one of the key principles in the revised data protection legal framework. But how does Privacy by design and data anonymisation work in practise? In this article the authors address this question from a practical point of view by analysing a case study on EU Financial Intelligence Units (“FIUs”) using the Ma³tch technology as additional feature to the existing exchange of information via FIU.NET decentralised computer network. They present, analyse, and evaluate Ma³tch technology from the perspective of personal data protection. The authors conclude that Ma³tch technology can be seen as a valuable example of Privacy by Design. It achieves data anonymisation and enhances data minimisation and data security, which are the fundamental elements of Privacy by Design. Therefore, it may not only improve the exchange of information among FIUs and allow for the data processing to be in line with applicable data protection requirements, but it may also substantially contribute to the protection of privacy of related data subjects. At the same time, the case study clearly shows that Privacy by Design needs to be supported and complemented by appropriate organisational and technical procedures to assure that the technology solutions devised to protect privacy would in fact do so.     

Ambient Intelligence, Criminal Liability and Democracy

In this contribution we will explore some of the implications of the vision of Ambient Intelligence (AmI) for law and legal philosophy. AmI creates an environment that monitors and anticipates human behaviour with the aim of customised adaptation of the environment to a person’s inferred preferences. Such an environment depends on distributed human and non-human intelligence that raises a host of unsettling questions around causality, subjectivity, agency and (criminal) liability. After discussing the vision of AmI we will present relevant research in the field of philosophy of technology, inspired by the post-phenomenological position taken by Don Ihde and the constructivist realism of Bruno Latour. We will posit the need to conceptualise technological normativity in comparison with legal normativity, claiming that this is necessary to develop democratic accountability for the implications of emerging technologies like AmI. Lastly we will investigate to what extent technological devices and infrastructures can and should be used to achieve compliance with the criminal law, and we will discuss some of the implications of non-human distributed intelligence for criminal liability.

构件技术在分布式信息系统中的应用

建立一个高效、稳健、可靠性和可维护性高的分布式信息系统是软件开发者面临的一个新课题。可以在系统分析和建模的基础上,设计出可靠性高、可重用性好的各种构件,通过构件的组装复用快速开发应用系统。这种基于构件的开发方法与传统的基于代码的开发方法相比,显著地提高了系统开发的效率和质量。     

A RAM triage methodology for Hadoop HDFS forensics

This paper discusses the challenges of performing a forensic investigation against a multi-node Hadoop cluster and proposes a methodology for examiners to use in such situations. The procedure's aim of minimising disruption to the data centre during the acquisition process is achieved through the use of RAM forensics. This affords initial cluster reconnaissance which in turn facilitates targeted data acquisition on the identified DataNodes. To evaluate the methodology's feasibility, a small Hadoop Distributed File System (HDFS) was configured and forensic artefacts simulated upon it by deleting data originally stored in the cluster. RAM acquisition and analysis was then performed on the NameNode in order to test the validity of the suggested methodology. The results are cautiously positive in establishing that RAM analysis of the NameNode can be used to pinpoint the data blocks affected by the attack, allowing a targeted approach to the acquisition of data from the DataNodes, provided that the physical locations can be determined. A full forensic analysis of the DataNodes was beyond the scope of this project.     

Information assurance in a distributed forensic cluster

When digital forensics started in the mid-1980s most of the software used for analysis came from writing and debugging software. Amongst these tools was the UNIX utility ‘dd’ which was used to create an image of an entire storage device. In the next decade the practice of creating and using ‘an image’ became established as a fundamental base of what we call ‘sound forensic practice’. By virtue of its structure, every file within the media was an integrated part of the image and so we were assured that it was wholesome representation of the digital crime scene. In an age of terabyte media ‘the image’ is becoming increasingly cumbersome to process, simply because of its size. One solution to this lies in the use of distributed systems. However, the data assurance inherent in a single media image file is lost when data is stored in separate files distributed across a system. In this paper we assess current assurance practices and provide some solutions to the need to have assurance within a distributed system.     

Distributed filesystem forensics: XtreemFS as a case study

Distributed filesystems provide a cost-effective means of storing high-volume, velocity and variety information in cloud computing, big data and other contemporary systems. These technologies have the potential to be exploited for illegal purposes, which highlights the need for digital forensic investigations. However, there have been few papers published in the area of distributed filesystem forensics. In this paper, we aim to address this gap in knowledge. Using our previously published cloud forensic framework as the underlying basis, we conduct an in-depth forensic experiment on XtreemFS, a Contrail EU-funded project, as a case study for distributed filesystem forensics. We discuss the technical and process issues regarding collection of evidential data from distributed filesystems, particularly when used in cloud computing environments. A number of digital forensic artefacts are also discussed. We then propose a process for the collection of evidential data from distributed filesystems.     

中国货币政策扼制通货膨胀的效果——基于2005．7—2008．9样本的实证分析

实证分析的结果表明,2005年7月以后,中国实施紧缩性货币政策在调控方向上是正确的,有利于扼制通货膨胀.但由于前期通货膨胀的惯性和外汇占款的增加,紧缩性货币政策的效果被严重削弱,甚至出现了"紧缩性货币政策下的通货膨胀".只有各种经济政策特别是货币政策、财政政策和汇率政策本身有所改进,而且在方向、时间和力度上能够相互配合,才能提高中国货币政策扼制通货膨胀的有效性.     

我国货币供应量与经济增长关系的实证分析

货币供应量作为各国中央银行实施货币政策的主要中介目标，它与实际经济增长的关系直接决定了货币政策的效果。从货币供应量中的M1、M2的角度，建立分布滞后模型，分析动态的货币供应量M1、M2分别对我国经济发展的影响。     

开发基于Web的分布式应用程序策略研究

分布式对象技术已经成为建立服务器应用框架和软件构件的核心技术,本文结合当前三种主流的分布式对象技术CORBA、COM、Java,对开发分布式Web应用系统的策略进行了探讨。