Strategy for responding to computer incidents of insecurity set in Ecuadorian law

  • Rodrigo Arturo Proaño Universidad Tecnológica Equinoccial
  • Andrés Fernando Gavilanes Molina Universidad Tecnológica Equinoccial
Keywords: incident, digital evidence, computer security, cyberattack, forensics computer science

Abstract

Assurance the security of information, information systems, services and networks implies socializing, also knowing how to respond to an event where such information security has been violated and how manage the identified digital evidence. The present paper is a solution, based on international standards and complying with the current Law of Ecuador. Digital evidence will be identified at the scene of a computer incident by the authorized persons. The authorization must indicate what motivates, authorizes and limits the identification of evidence. The phase of obtaining the digital evidence identified will depend on the established internal circumstances and policies. The preservation of the objective evidence is carried out through chain of custody, the verifiable, complete and reliable results are reported. The previously described strategy was applied as a case study to the incidents of violation of logical securities. The digital evidence found in the place was recognized, extracted, preserved and informed about. Throughout the process, the chain of custody was implemented, which assurance the integrity and reliability of the data. In each phase it was recorded as, when, where and who manipulated both digital signs and digital devices.

Downloads

Download data is not yet available.

References

Solís, F., Pinto, D., & Solís, S. (2017). Seguridad de la información en el intercambio de datos entre dispositivos móviles con sistema Android utilizando el método de encriptación RSA. Enfoque UTE, 8(1), pp. 160-171. doi:https://doi.org/10.29019/enfoqueute.v8n1.123
Tedtechnology. (2017). sourceforge.net. Obtenido de Quick Hash GUI: https://sourceforge.net/projects/quickhash/

Proaño Escalante, R., Saguay Chafla, C., Jácome Canchig, S., & Sandoval Zambrano, F. (2017). Sistemas basados en conocimiento como herramienta de ayuda en la auditoría de sistemas de información. Enfoque UTE, 8(1), pp. 148-159. doi:https://doi.org/10.29019/enfoqueute.v8n1.122

Proaño Escalante, R., Gavilanes Molina, A. (2017). Guía para reconocer, recoger, extraer, proteger e informar la evidencia digital. INCISCOS 2017.

Catálogo de normas INEN. (2017). Servicio Ecuatoriano de Normalización INEN. Obtenido de http://apps.normalizacion.gob.ec/descarga/

Código orgánico Integral Penal. (2014). Código orgánico Integral Penal. Quito: Gráficas Ayerve C.A.

ISO/IEC 27000. (2016). Information technology — Security techniques — Information security management systems — Overview and vocabulary. Obtenido de Online Browsing Platform (OBP): https://www.iso.org/obp/ui/#iso:std:iso-iec:27000:ed-4:v1:en
ISO/IEC 27035-1. (2016). Information technology — Security techniques — Information security incident management — Part 1: Principles of incident management. Obtenido de Online Browsing Platform (OBP):
https://www.iso.org/obp/ui/#iso:std:iso-iec:27035:-1:ed-1:v1:en

ISO/IEC 27035-2. (2016). Information technology — Security techniques — Information security incident management — Part 2: Guidelines to plan and prepare for incident response. Obtenido de Online Browsing Platform (OBP): https://www.iso.org/obp/ui/#iso:std:iso-iec:27035:-2:ed-1:v1:en

ISO/IEC 27037. (2012). Information technology — Security techniques — Guidelines for identification, collection, acquisition and preservation of digital evidence. Obtenido de Online Browsing Platform (OBP): https://www.iso.org/obp/ui/#iso:std:iso-iec:27037:ed-1:v1:en

ISO/IEC 30121. (2015). Information technology — Governance of digital forensic risk framework. Obtenido de Online Browsing Platform (OBP): https://www.iso.org/obp/ui/#iso:std:iso-iec:30121:ed-1:v1:en
Published
2018-03-30
How to Cite
Proaño, R., & Gavilanes Molina, A. (2018). Strategy for responding to computer incidents of insecurity set in Ecuadorian law. Enfoque UTE, 9(1), pp. 90 -101. https://doi.org/https://doi.org/10.29019/enfoqueute.v9n1.229
Section
Computer Science, ICTs