Using a standard approach to the design of next generation e-Supply Chain Digital Forensic Readiness systems

Abstract

The internet has had a major impact on how information is shared within supply chains, and in commerce in general. This has resulted in the establishment of information systems such as e-supply chains (eSCs) amongst others which integrate the internet and other information and communications technology (ICT) with traditional business processes for the swift transmission of information between trading partners. Many organisations have reaped the benefits that come from adopting the eSC model, but have also faced the challenges with which it comes. One such major challenge is information security. With the current state of cybercrime, system developers are challenged with the task of developing cutting edge digital forensic readiness (DFR) systems that can keep up with current technological advancements, such as (eSCs). Hence, the problem addressed in this paper is the lack of a well-formulated DFR approach that can assist system developers in the development of e-supply chain digital forensic readiness systems. The main objective of such a system being that it must be able to provide law enforcement/digital forensic investigators (DFI) with forensically sound and readily available potential digital evidence that can expedite and support digital forensics incident response processes. This approach, if implemented can also prepare trading partners for security incidents that might take place, if not prevent them from occurring. Therefore, the work presented in this paper is aimed at providing a procedural approach that is based on digital forensics principles. This paper discusses the limitations of current system monitoring tools in relation to the kind of specialised DFR systems that are needed in the eSC environment and proposes an eSC-DFR process model and architectural design model that can lead to the development of next-generation eSC DFR systems. It is the view of the authors that the conclusions drawn from this paper can spearhead the development of cutting-edge next-generation digital forensic readiness systems, and bring attention to some of the shortcomings of current system monitoring tools.