计算机数字证据的检验、鉴定程序和方法研究

在计算机空前发达的现代社会 ,数字证据的出现给我们提出了新的研究课题。开展计算机数字证据的检验 ,鉴定程序和方法的研究有其必要 ,进而建立一套规范的检验 ,鉴定程序和方法 ,以提高公安机关打击计算机犯罪的功效。     

关注网络安全

2 1世纪是信息产业飞速发展的时代 ,这对网络安全提出了前所未有的要求 ,文章对网络安全的现状进行了分析 ,并就如何保证计算机信息系统的保密性、完整性和可用性提出了相应的控制对策。     

公安院校计算机基础课程改革设想

计算机应用水平已成为衡量大学生应用能力的基础性标志。当前计算机教学存在学生起点差别较大、课程跟不上实际需要等问题,为此,应在调整教学内容、建立教学平台、注重能力培养等方面进行改革。     

Developments in cybercrime law and practice in Ethiopia

With increasing access to information and communication technologies such as the Internet, Ethiopia has recently taken responsive legislative measures. One such legislative measure is enactment of cybercrime rules as part of the Criminal Code of 2004. These rules penalize three items of computer crimes namely hacking, dissemination of malware and denial of service attacks. The cybercrime rules are however slightly outdated due to changes that have occurred in the field of cybercrime since the enactment of the Code. The surge of new varieties of cybercrimes previously uncovered under the Code and the need to legislate tailored evidentiary and procedural rules for investigation and prosecution of cybercrimes have recently prompted the Ethiopian government to draft modern and comprehensive cybercrime legislation, but the draft law still needs further work on cybercrimes in light of other major legislative developments at regional and national levels. This article closely examines major developments in cybercrime law and practice in Ethiopia since the enactment of the first set of cybercrime rules and proffers recommendations towards a unified cybercrime regime.     

Examining the nexus between situational factors and job performance through the mediating role of work engagement and self-efficacy

The situational perspectives theory of job performance is a fundamental aspect of organizational and managerial psychology. Consequently, there is growing interest in conducting additional research to assess situational factors and job performance through the theoretical frameworks of social learning and social exchange theories, which are seldom applied in these domains. The data has been collected from 365 employees working in Pakistan Telecommunication Company Limited (PTCL). It was found that supervisor support stimulates job performance. It is also deduced that self-efficacy mediates the relationship while work engagement does not mediate the relationship between supervisor support and job performance. The situational perspectives theory of job performance provides a supportive framework for the development of PTCL employees. This work should be of interest in the area of situational factors and performance improvement. This study is one of the very few studies conducted to empirically assess the influence of situational factor on performance through the mediating role of work engagement and self-efficacy.     

An approach to minimizing legal and reputational risk in Red Team hacking exercises

Robust cyber-resilience depends on sound technical controls and testing of those controls in combination with rigorous cyber-security policies and practices. Increasingly, corporations and other organizations are seeking to test all of these, using methods more sophisticated than mere network penetration testing or other technical audit operations. More sophisticated organizations are also conducting so-called “Red Team” exercises, in which the organization tasks a small team of highly skilled and trained individuals to try to gain unauthorized access to physical and logical company assets and information. While such operations can have real value, they must be planned and conducted with great care in order to avoid violating the law or creating undue risk and reputational harm to the organization. This article explores these sometimes tricky issues, and offers practical risk-based guidance for organizations contemplating these types of exercises.     

The Global Dimension of Cybercrime

Cyberspace and thus cybercrime know no boundaries. This chapter reviews some of the basic forms of cybercrime, draws specific attention to the issues that arise when offences occur across borders and in relation to organised criminal groupings, and provides illustrations based on some of the more celebrated cases of the past few years. The borderless nature of cyberspace and the exponential take-up of digital technology throughout the world guarantee that transnational cybercrime will remain a challenge. Fortunately, many nations are rising to this challenge, individually and collectively, but the web of international cooperation does have its holes and those nations that lag behind the leaders risk becoming havens for cybercriminals of the future.     

公务员面试计算机评分系统中数据加密技术的研究与实现

随着我国公务员录用面试信息化建设工作的深入推进,各地陆续在公务员面试过程中采用了公务员面试计算机评分系统。该系统对考官基本信息库、考官的原始计分表、监督员（复核员）的统计表等数据的加密存贮和传输非常重要。为避免泄密,基于PKI技术的“混合签密”方案应用于面试计算机评分系统,能很好地提供机密性、完整性、可认证和不可否认性保证数据的安全性。     

Can computer forensic tools be trusted in digital investigations?

This paper investigates whether computer forensic tools (CFTs) can extract complete and credible digital evidence from digital crime scenes in the presence of file system anti-forensic (AF) attacks. The study uses a well-established six stage forensic tool testing methodology based on black-box testing principles to carry out experiments that evaluate four leading CFTs for their potential to combat eleven different file system AF attacks. Results suggest that only a few AF attacks are identified by all the evaluated CFTs, while as most of the attacks considered by the study go unnoticed. These AF attacks exploit basic file system features, can be executed using simple tools, and even attack CFTs to accomplish their task. These results imply that evidences collected by CFTs in digital investigations are not complete and credible in the presence of AF attacks. The study suggests that practitioners and academicians should not absolutely rely on CFTs for evidence extraction from a digital crime scene, highlights the implications of doing so, and makes many recommendations in this regard. The study also points towards immediate and aggressive research efforts that are required in the area of computer forensics to address the pitfalls of CFTs.