| Along with the rapid development and wide application of information technology, crime cases related to computers have been occurring at an increasingly frequent rate. It is therefore of greater attention and importance to obtain the electronic evidences from computers, and to have effective saving and evaluations for these electronic evidences. In addition to the effort from the jurisprudential circle, it also relies on the practice and exploration of the IT fields to study the definition, characteristics and probative force of the electronic evidences, and to formulate related legal regulations and process standards, so as to effectively combat against computer crimes.This thesis has a detailed review on the electronic evidences after their being obtained, aiming to provide evidence support to juridical practice, and to serve as a reference for the stipulation of standards of electronic evidence by relevant departments.Based on extensive reference from documentations of computer science, law and investigation, the thesis begins with a general summary of the birth, development, present situation and the future trend of computer forensics and electronic evidences, and a general explanation on the definition, principles and technology of computer forensics, the definition, characteristics, and investigative criterion of electronic evidences, and a brief introduction of the existing computer forensics system. Theoretically, this paper studies cryptographic algorithm, identity authentication and access control theory of the realization of anti-tamper system of electronic evidences. Considering the fact that the ultimate purpose of collecting electronic evidences is to service the trial process of court, with specific demand on the collection, investigation and authentication of the evidences, the author has taken into account of the practical experience to compile the management measures of the electronic evidences, and some detailed method of their application on a technical level. Based on the above mentioned research of theory and technology, the thesis gives a general design of the protection system of electronic evidence. An access authentication system is applied to ensure that more than one person is involved in the presentation, reviewing, delete and supervision. A multiple signature technology is used to ensure the completeness, authenticity and non-repudiation of the evidences. An audit methodology is adopted to record the logs of the protection system of electronic evidences, and to hade monitoring and alarm against unauthorized actions. A backup is used to provide data restoration under circumstances of system and file failures of the electronic evidences. The thesis concludes with the realization of the covered cryptographic algorithm. |
PDF Full Text Request