Open Computer Forensics Architecture

From ForensicsWiki
Revision as of 03:05, 15 May 2006 by Capibara (Talk | contribs)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

The Open Computer Forensics Architecture (OCFA) is a modular computer forensics framework build by the "Dutch National Police Agency". The main goal is to automate the digital forensic process to speed up the investigation and give tactical investigators direct access to the seized data through an easy to use search and browse interface.

The architecture forms an environment where existing forensic tools and libraries can be easily plugged into the architecture and can thus be made part of the recursive extraction of data and metadata from digital evidence.

The Open Computer Forensics Architecture aims to be highly modular, robust fault tolerant, recursive and scalable in order to be usable in large investigations that spawn numerous terabytes of evidence data and covers hundreds of evidence items.

Currently the Open Computer Forensics Architecture is only available for law enforcement. Organizations interested can send an email to ocfa@dnpa.nl. Under NDA conditions it can also be made available for academic purposes. Questions about licensing can be directed at license@dnpa.nl.