gengenbach-forensic-workflows-2012

Recommendations

Info

conforms to the Digital Forensics XML (DFXML) metadata schema. 102 The DFXML file and a copy of the disk image are then packaged using the BagIt object packaging specification developed by the Library of Congress and California Digital Library. 103 The BagIt package allows the disk image and any associated metadata to be packaged as part of the same “bag,” enabling higher-level description and a manifest of the bag contents to be archived in Yale University Libraries digital storage, the Rescue Repository. The Rescue Repository is a library-wide managed storage environment specifically for the digital materials acquired and ingested by each collection in Yale University Libraries. 104 Within the Rescue Repository, files are verified and validated by JSTOR/Harvard Object Validation Environment (JHOVE), and ingests are monitored through ingest activity logs by a nightly reporting script. 105 The Rescue Repository is a “dark archive,” in that it does not allow public access to materials, but only internally to those with proper permissions—mostly the administrators of that material from each of the collections with the ability to ingest into the Repository. For this reason, the Beinecke has provided an alternative method of access by copying the disk image before it is added to a BagIt package. This access disk image copy is maintained on separate network storage, and may be subject to further processing with a robust <strong>forensic</strong> analysis tool, the Forensic Toolkit (FTK). 106 This tool is used for arrangement and description, and to define the levels of access available to the user. Accessible material is then provided to the user on a secure access station in the Beinecke 102 See Appendix D, “fiwalk” and “Digital Forensics XML.” 103 See Appendix D, “BagIt.” 104 “Yale University Rescue Repository: About the Rescue Repository,” Yale University Library: Integrated Systems and Programming Group http://www.library.yale.edu/ito/RRweb/AboutRescueRepository.html (accessed July <strong>2012</strong>). 105 Ibid. 106 Note that this is a different program from FTK Imager. For more information, see Appendix D, “Forensic Toolkit (FTK).” 30
Reading room. The Beinecke Rare Book and Manuscript Library born-digital content workflow map is provided below. 31
Page 1 and 2: Martin J. Gengenbach “The Way We
Page 3 and 4: Table of Contents Introduction.....
Page 5 and 6: Introduction A large number of coll
Page 7 and 8: and the loss of information critica
Page 9 and 10: This definition articulates the spe
Page 11 and 12: of forensics corpora upon which to
Page 13 and 14: institutions, calling for establish
Page 15 and 16: examples of what Kenneth Thibodeau
Page 17 and 18: MAS) program in Vancouver, Canada.
Page 19 and 20: with digital collections, such as l
Page 21 and 22: published by the Council on Library
Page 23 and 24: institutions using digital forensic
Page 25 and 26: preservation is not large; recogniz
Page 27 and 28: discussion of the individual steps
Page 29 and 30: provided in Robert Damelio's The Ba
Page 31: important factors in successfully i
Page 37: As previously mentioned, there are
Page 41 and 42: primary context, and how to best pr
Page 43: undled with the BagIt specification
Page 47 and 48: esided among the paper records, to
Page 51 and 52: Maryland Institute for Technology i
Page 53: who can provide either an un-redact
Page 57 and 58: After the acquisition of removable
Page 61 and 62: University Archives, University of
Page 63: workbench automates the extraction
Page 67 and 68: digital content. UVa staff have und
Page 71 and 72: Library of Congress Manuscript Divi
Page 73 and 74: media was housed in proper housing,
Page 75 and 76: Workflows develop within a variety
Page 77 and 78: a central pipeline: “I was design
Page 79 and 80: it was generally to note that they
Page 81 and 82: also articulated by Jeremy Leighton
Page 83 and 84:
institutions, there are always othe
Page 85 and 86:
management of born-digital content.
Page 87 and 88:
a computer station in the reading r
Page 89 and 90:
who have developed their knowledge
Page 91 and 92:
References “About ClamAV.” Clam
Page 93 and 94:
Carrier, Brian. “Description,”
Page 95 and 96:
“Fiwalk - Forensics Wiki.” Digi
Page 97 and 98:
Jarocki, John. “Forensics 101: Ac
Page 99 and 100:
“Metadata Object Description Sche
Page 101 and 102:
Thomas, Susan. Paradigm: A practica
Page 103 and 104:
I hope to hear from you! Sincerely,
Page 105 and 106:
change with the implementation of s
Page 107 and 108:
Will you receive anything for being
Page 109 and 110:
have already been accessioned? (leg
Page 111 and 112:
2. Archivematica Archivematica is a
Page 113 and 114:
Information Infrastructure and Pres
Page 115 and 116:
7. ClamAV ClamAV is a free, open-so
Page 117 and 118:
encounters. 285 10. ddrescue ddresc
Page 119 and 120:
identify 250 different file types,
Page 121 and 122:
available on a GNU Lesser General P
Page 123 and 124:
Windows OS by AccessData. 315 FTK I
Page 125 and 126:
22. KryoFlux KryoFlux is a USB-base
Page 127 and 128:
filename. 335 It runs on a series o
Page 129 and 130:
application for the cataloging and
Page 131 and 132:
drive is the target of forensic ana
Page 133 and 134:
131
show all

gengenbach-forensic-workflows-2012

You also want an ePaper? Increase the reach of your titles

Delete template?

Save as template?