公开(公告)号：US20120102571A1

公开(公告)日：2012-04-26

申请号：US13320173

申请日：2010-05-13

Applicant: Andrew David Sheldon

Inventor： Andrew David Sheldon

IPC: G06F21/00

CPC classification number: G06F21/6218

Abstract: A digital forensic system for performing forensics on a target device comprises a control pod and a collection device. The control pod, which has a unique identity in order to enable accurate audit, is arranged to register and allocated a unique identity to the collection device and to clean, load a profile onto the collection device, the profile defining a subset of data. The collection device is connected to the target device and copies data from the target device to the collection device according to the profile. The control pod is then arranged to create a report on the collection device, the report derived from the copied data. Once a user input has been received, indicating that the collection device be marked as evidence, then the control pod is arranged to lock the collection device in response to the user input.

Abstract translation: 用于在目标设备上执行取证的数字取证系统包括控制盒和收集装置。 具有唯一身份以便能够进行准确审核的控制盒被布置为向收集装置注册和分配唯一身份，并且将轮廓加载到收集装置上，该轮廓定义数据的子集。 收集设备连接到目标设备，并根据配置文件将数据从目标设备复制到收集设备。 然后，控制盒被安排为在收集装置上创建报告，该报告从复制的数据得出。 一旦已经接收到用户输入，指示收集装置被标记为证据，则控制盒被布置成响应于用户输入来锁定收集装置。

公开(公告)号：US20100299740A1

公开(公告)日：2010-11-25

申请号：US12445866

申请日：2006-10-23

Applicant: Andrew David Sheldon ,  Floris Petrus Coetzee ,  Liam Peter Bateman

Inventor： Andrew David Sheldon ,  Floris Petrus Coetzee ,  Liam Peter Bateman

IPC: G06F21/00 ,  G06F15/16

CPC classification number: H04L63/101 ,  H04L67/1097 ,  H04L67/125

Abstract: A system for providing remote access to a storage device (38) comprises a network (34), a workstation (10) and a remote device (32). The workstation (10) comprises a write protected device interface (in the drive unit) for receiving the storage device (38), a processor (the POD server) connected to the device interface and arranged to execute one or more services on the storage device (38) and a gateway device (the PAD) arranged to create and to manage secure private connections to and from the processor over the network. The remote device (32) comprises a network interface for connecting to the network, and a processor connected to the network interface and arranged to transmit instructions to control the execution of one or more services of the workstation (10) on the storage device (38). The system can also include a management server (FIMS) which comprises a network interface for connecting to the network, and a processor connected to the network interface and arranged to transmit to the remote device (32) access information to facilitate a network connection between the network interface of the remote device and the gateway device of the workstation.

Abstract translation: 用于提供对存储设备（38）的远程访问的系统包括网络（34），工作站（10）和远程设备（32）。 工作站（10）包括用于接收存储设备（38）的写保护设备接口（在驱动单元中），连接到设备接口并被安排为在存储设备上执行一个或多个服务的处理器（POD服务器） （38）和网关设备（PAD），其被安排成创建并管理通过网络与处理器之间的安全私人连接。 远程设备（32）包括用于连接到网络的网络接口和连接到网络接口并被布置成发送指令以控制在存储设备（38）上的工作站（10）的一个或多个服务的执行的处理器 ）。 该系统还可以包括管理服务器（FIMS），该管理服务器（FIMS）包括用于连接到网络的网络接口，以及连接到网络接口并被配置为向远程设备（32）发送访问信息以便于网络连接 远程设备的网络接口和工作站的网关设备。