The exponential increase in the volume of generated data together with the systems decentralisation open a wide window of opportunity in the field of cybercrime. This is one of the most important concerns of governments, societies and people, and it implies a high expense and risk for any society, weakens confidence in the Communication and Information Technologies and threatens international peace and stability.
In its fight against cybercrime, one of the most difficult challenges for the European Union is to homogenise the jurisdictions of the Member States. The procedure needed to obtain digital evidence, as well as its recognition in a court of justice, should follow a standardised procedure accepted by most countries within the Union. This procedure should guarantee the origin of the evidence and the integrity of the chain of custody.
Digital evidence is nowadays an integral part of criminal investigations and it is not only focussed on cybercrime specific cases, but also on determining criminal behaviour such as financial fraud, theft of intellectual property, industrial espionage and terrorist networks that constantly use the Internet and cyberspace. Given the ubiquity of digital devices, the correct management of digital evidence is extremely important.
LOCARD aims to develop a holistic platform aimed at ensuring the chain of custody throughout the flow of forensic analysis. It is a distributed and trusted platform that allows the storage of digital evidence metadata using blockchain.
Each node of LOCARD will independently establish its own permission policies and will selectively share access to digital evidence with other nodes (if necessary), and with the required authorisation. Thus, the developed platform will be modular since it will allow different agents to adapt the platform to their specific needs and their role in the digital forensic workflow, from preparation to compilation, analysis and reporting.
In addition, the platform will provide a collection resource module aimed at collecting citizens’ information related to certain law violations, as well as a tracker to allow the detection and correlation of certain deviations based on behavioural patterns. It will also define a set of tools focused on investigators to allow them to collect digital evidence both online and offline.
All this will be managed through an identity management system that will protect privacy and allow access to evidence data, using a Trusted Execution Environment. The blockchain technology will not only guarantee the non-manipulation of information but its interoperability without requiring the services of third parties.
In this section, we provide an overview of LOCARD and the general objectives of the communication and activities plan.