Difference between revisions of "Open Computer Forensics Architecture"

From Forensics Wiki
Jump to: navigation, search
 
(Wikified.)
Line 1: Line 1:
The Open Computer Forensics Architecture (OCFA) is a modular computer forensics framework build by the "Dutch National Police Agency". The main goal
+
The '''Open Computer Forensics Architecture''' ('''OCFA''') is a modular computer forensics framework build by the [[Dutch National Police Agency]]. The main goal is to automate the digital forensic process to speed up the investigation and give tactical [[investigator]]s direct access to the seized data through an easy to use search and browse interface.
is to automate the digital forensic process to speed up the investigation and give tactical investigators direct access to the seized data through
+
an easy to use search and browse interface.
+
  
The architecture forms an environment where existing forensic tools and libraries can be easily plugged into the architecture and can thus be made
+
The architecture forms an environment where existing forensic [[tools]] and libraries can be easily plugged into the architecture and can thus be made part of the recursive extraction of data and [[metadata]] from digital evidence.
part of the recursive extraction of data and metadata from digital evidence.
+
  
The Open Computer Forensics Architecture aims to be highly modular, robust fault tolerant, recursive and scalable in order to be usable in large
+
The Open Computer Forensics Architecture aims to be highly modular, robust, fault tolerant, recursive and scalable in order to be usable in large investigations that spawn numerous terabytes of evidence data and covers hundreds of evidence items.
investigations that spawn numerous terabytes of evidence data and covers hundreds of evidence items.
+
  
Currently the Open Computer Forensics Architecture is only available for law enforcement. Organizations interested can send an email to
+
Currently the Open Computer Forensics Architecture is only available for [[law enforcement]]. Organizations interested can send an email to [mailto:ocfa@dnpa.nl ocfa@dnpa.nl]. Under [[NDA]] conditions it can also be made available for academic purposes. Questions about licensing can be directed at [mailto:license@dnpa.nl license@dnpa.nl].
ocfa@dnpa.nl. Under NDA conditions it can also be made available for academic purposes. Questions about licensing can be directed at
+
license@dnpa.nl.
+

Revision as of 18:21, 15 May 2006

The Open Computer Forensics Architecture (OCFA) is a modular computer forensics framework build by the Dutch National Police Agency. The main goal is to automate the digital forensic process to speed up the investigation and give tactical investigators direct access to the seized data through an easy to use search and browse interface.

The architecture forms an environment where existing forensic tools and libraries can be easily plugged into the architecture and can thus be made part of the recursive extraction of data and metadata from digital evidence.

The Open Computer Forensics Architecture aims to be highly modular, robust, fault tolerant, recursive and scalable in order to be usable in large investigations that spawn numerous terabytes of evidence data and covers hundreds of evidence items.

Currently the Open Computer Forensics Architecture is only available for law enforcement. Organizations interested can send an email to ocfa@dnpa.nl. Under NDA conditions it can also be made available for academic purposes. Questions about licensing can be directed at license@dnpa.nl.