PROPOSAL OF A CONCEPTUAL FRAMEWORK TO REPRESENT THE HISTORICAL RECORD OF EVENTS IN THE CHAIN OF CUSTODY: A DOCTORAL THESIS REVIEW

Authors

  • Fabio Vivan Grigollo
  • Roberto Fabiano Fernandes

DOI:

https://doi.org/10.54899/dcs.v22i80.2660

Keywords:

Computer Forensics, Chain of Custody, Privacy, Data Protection, Information Security

Abstract

The increasing complexity of digital investigations and the demand for reliable evidence pose challenges to digital forensics, especially with regard to the chain of custody and the security of collected evidence. The absence of a framework that integrates security, privacy, and data protection, combined with the risk of contamination of evidence, compromises its admissibility in legal proceedings. Given this scenario, this study proposes a conceptual framework for the historical record of evidence, covering the stages of collection, acquisition, examination, analysis, and ongoing custody. The methodology adopted combines a literature review, analysis of existing frameworks, and interviews with experts, allowing the validation and improvement of the proposed framework. The conceptual framework developed aims to strengthen the integrity and reliability of digital evidence, mitigating risks associated with its improper handling. In addition, it seeks to ensure that privacy, data protection, and information security are considered in an integrated manner, reducing vulnerabilities and increasing the efficiency in the preservation of digital evidence. The results obtained indicate the feasibility of applying the conceptual framework in real scenarios, contributing significantly to the admissibility of evidence in courts and to the improvement of practices in digital forensics.

Published

07-05-2025

How to Cite

Grigollo, F. V., & Fernandes, R. F. (2025). PROPOSAL OF A CONCEPTUAL FRAMEWORK TO REPRESENT THE HISTORICAL RECORD OF EVENTS IN THE CHAIN OF CUSTODY: A DOCTORAL THESIS REVIEW. Revista DCS, 22(80), e2660. https://doi.org/10.54899/dcs.v22i80.2660

Section

Articles