Open Computer Forensics Architecture

From Forensics Wiki
Revision as of 18:23, 15 May 2006 by Uwe Hermann (Talk | contribs)

Jump to: navigation, search

The Open Computer Forensics Architecture (OCFA) is a modular computer forensics framework built by the Dutch National Police Agency. The main goal is to automate the digital forensic process to speed up the investigation and give tactical investigators direct access to the seized data through an easy to use search and browse interface.

The architecture forms an environment where existing forensic tools and libraries can be easily plugged into the architecture and can thus be made part of the recursive extraction of data and metadata from digital evidence.

The Open Computer Forensics Architecture aims to be highly modular, robust, fault tolerant, recursive and scalable in order to be usable in large investigations that spawn numerous terabytes of evidence data and covers hundreds of evidence items.

Currently the Open Computer Forensics Architecture is only available for law enforcement. Organizations interested can send an email to ocfa@dnpa.nl. Under NDA conditions it can also be made available for academic purposes. Questions about licensing can be directed at license@dnpa.nl.