Identification

The term “computer forensics” was coined in 1991 in the first training session held by the International Association of Computer Specialists (IACIS) in Portland, Oregon. Since then, computer forensics has become a popular topic in computer security circles and in the legal community. Like any other forensic science, computer forensics deals with the application of law to a science. In this case, the science involved is computer science and some refer to it as Forensic Computer Science. Computer forensics has also been described as the autopsy of a computer hard disk drive because specialized software tools and techniques are required to analyze the various levels at which computer data is stored after the fact. Computer forensics deals with the preservation, identification, extraction, and documentation of computer evidence. The field is relatively new to the private sector, but it has been the mainstay of technologyrelated investigations and intelligence gathering in law enforcement and military agencies since the mid1980s. Like any other forensic science, computer forensics involves the use of sophisticated technology tools and procedures that must be followed to guarantee the accuracy of the preservation of evidence and the accuracy of results concerning computer evidence processing. Typically, computer forensic tools exist in the form of computer software.
[view]

A channel that conveys information by altering the performance of a system component or modifying a resource’s timing in a predictable manner. A covert channel in which one process signals information to another by modulating its own use of system resources in such a way that this manipulation affects the real response time observed by the second process. Covert channel in which one process signals information to another process by modulating its own use of system resources (e. g. , central processing unit time) in such a way that this manipulation affects the real response time observed by the second process.
[view]

A channel of communication within a computer system, or network, that is not designed or intended to transfer information. The means by which data can be communicated outside of normal, expected, or detectable methods. Unintended and/or unauthorized communications path that can be used to transfer information in a manner that violates an information system security policy. (. See overt channel and exploitable channel. )
[view]

An ISDN service type that provides two B, or data, channels and one D, or management, channel. Each B channel offers 64 Kbps, and the D channel offers 16 Kbps. Supports a total signaling rate of 144 kbps, which is divided into two B or bearer channels running at 64 kbps, and a D or data channel runing at 16 kbps. The bearer channels carry the actual voice, video, or data information, and the D channel is used for signaling.
[view]

A channel that conveys information by writing data to a common storage area where another process can read it. A covert channel that involves the direct or indirect writing of a storage location by one process and the direct or indirect reading of the storage location by another process. Covert storage channels typically involve a finite resource that is shared by two subjects at different security levels. Covert channel involving the direct or indirect writing to a storage location by one process and the direct or indirect reading of the storage location by another process. Covert storage channels typically involve a finite resource (e. g. , sectors on a disk) that is shared by two subjects at different security levels.
[view]