Originally published in the series: Practitioner Series
2nd ed. 2007
Springer eBooks may be purchased by end-customers only and are sold without copy protection (DRM free). Instead, all eBooks include personalized watermarks. This means you can read the Springer eBooks across numerous devices such as Laptops, eReaders, and tablets.
You can pay for Springer eBooks with Visa, Mastercard, American Express or Paypal.
After the purchase you can directly download the eBook file or read it online in our Springer eBook Reader. Furthermore your eBook will be stored in your MySpringer account. So you can always re-download your eBooks.
Authors educate senior police investigators in the UK in this field
Professor Sammes has testified in countless criminal cases from fraud to issues of national security
Covers the basics of investigation of hardware and updated with mobile devices such as personal organisers
Second edition, updated to fall in line with ACPO 2003 guidelines
Forensic computing is becoming of primary importance as computers increasingly figure as sources of evidence in all sorts of criminal investigations. However, in order for such evidence to be legally useful, it is vital that it be collected and processed according to rigorous principles.
In the second edition of this very successful book, Tony Sammes and Brian Jenkinson show how information held in computer systems can be recovered when it has been hidden or subverted by criminals, and give the reader the means to insure that it is accepted as admissible evidence in court. Updated to fall in line with ACPO 2003 guidelines, "Forensic Computing: A Practitioner's Guide" is illustrated with plenty of case studies and worked examples, and will help practitioners and students gain a clear understanding in:
* The principles involved in password protection and data encryption * The evaluation procedures used in circumventing a system’s internal security safeguards * Full search and seizure protocols for experts and police officers.
The new volume not only discusses the new file system technologies brought in by Windows XP and 2000 but now also considers modern fast drives, new encryption technologies, the practicalities of "live" analysis, and the problems inherent in examining personal organisers.
Tony Sammes is Professor of Forensic Computing at Cranfield University and the Director of the Centre for Forensic Computing based at the Defence Academy in Shrivenham. His department has been more or less solely responsible for training and educating senior law enforcement officers in the UK in the art of forensic computing. His testimony as an expert witness has been called in a variety of cases, some of national importance.
Brian Jenkinson is a retired Detective Inspector, formally Head of the Cambridgeshire Constabulary Fraud Squad. He is now an independent Forensic Computer Consultant and is also closely involved in teaching to both law enforcement and commercial practitioners. He was appointed Visiting Professor for Forensic Computing in 2002 at Cranfield University and the Defence Academy.
Content Level »Professional/practitioner
Keywords »Attribut - Bridge - Jenkins - Windows XP - code - data encryption - information - security
Appendices: Common Character Codes; Some Common File Format Signatures; A Typical Set of POST codes; Typical BIOS Beep Codes and Error Messages; Disk Partition Table Types; Ezxtended Partitions; Registers and Order Code for the INtel 8086; NFTS Boot Sector and BIOS Parameter Block; MFT Header and Attribute Maps; The Relationship Between CHS and LBA Addressing; Alternate Data Streams - a Brief Explanation