{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,12,30]],"date-time":"2025-12-30T23:49:56Z","timestamp":1767138596380,"version":"build-2238731810"},"publisher-location":"Cham","reference-count":34,"publisher":"Springer Nature Switzerland","isbn-type":[{"value":"9783031345593","type":"print"},{"value":"9783031345609","type":"electronic"}],"license":[{"start":{"date-parts":[[2023,1,1]],"date-time":"2023-01-01T00:00:00Z","timestamp":1672531200000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2023,6,8]],"date-time":"2023-06-08T00:00:00Z","timestamp":1686182400000},"content-version":"vor","delay-in-days":158,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2023]]},"abstract":"<jats:title>Abstract<\/jats:title>\n                  <jats:p>While approaches aimed at developing forensic-ready systems are starting to emerge, it is still primarily a theoretical concept. This paper presents a case study of integrating forensic readiness capabilities into SensitiveCloud, an information system for storing and processing sensitive data. A risk-based approach to forensic readiness design is followed to achieve it. Consequently, weaknesses in both processes and systems are identified, and forensic readiness requirements are formulated. This case study reports on lessons learned in a practical implementation of a forensic-ready system, its impact on security, and its support towards ISO\/IEC 27k.<\/jats:p>","DOI":"10.1007\/978-3-031-34560-9_31","type":"book-chapter","created":{"date-parts":[[2023,6,7]],"date-time":"2023-06-07T01:05:06Z","timestamp":1686099906000},"page":"522-538","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["A Case Study on\u00a0the\u00a0Impact of\u00a0Forensic-Ready Information Systems on\u00a0the\u00a0Security Posture"],"prefix":"10.1007","author":[{"ORCID":"https:\/\/orcid.org\/0000-0003-0853-2776","authenticated-orcid":false,"given":"Lukas","family":"Daubner","sequence":"first","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1829-4794","authenticated-orcid":false,"given":"Raimundas","family":"Matulevi\u010dius","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-4205-101X","authenticated-orcid":false,"given":"Barbora","family":"Buhnova","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-1380-5647","authenticated-orcid":false,"given":"Matej","family":"Antol","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5547-8720","authenticated-orcid":false,"given":"Michal","family":"R\u016f\u017ei\u010dka","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]},{"ORCID":"https:\/\/orcid.org\/0000-0002-2933-2290","authenticated-orcid":false,"given":"Tomas","family":"Pitner","sequence":"additional","affiliation":[],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"297","published-online":{"date-parts":[[2023,6,8]]},"reference":[{"key":"31_CR1","doi-asserted-by":"crossref","unstructured":"Ab Rahman, N.H., Glisson, W.B., Yang, Y., Choo, K.K.R.: Forensic-by-design framework for cyber-physical cloud systems. IEEE Cloud Comput. 3(1), 50\u201359 (2016)","DOI":"10.1109\/MCC.2016.5"},{"key":"31_CR2","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"282","DOI":"10.1007\/978-3-030-33246-4_18","volume-title":"On the Move to Meaningful Internet Systems: OTM 2019 Conferences","author":"A-AO Affia","year":"2019","unstructured":"Affia, A.-A.O., Matulevi\u010dius, R., Nolte, A.: Security risk management in cooperative intelligent transportation systems: a systematic literature review. In: Panetto, H., Debruyne, C., Hepp, M., Lewis, D., Ardagna, C.A., Meersman, R. (eds.) OTM 2019. LNCS, vol. 11877, pp. 282\u2013300. Springer, Cham (2019). https:\/\/doi.org\/10.1007\/978-3-030-33246-4_18"},{"key":"31_CR3","doi-asserted-by":"crossref","unstructured":"Afzaal, M., Di Sarno, C., Coppolino, L., D\u2019Antonio, S., Romano, L.: A resilient architecture for forensic storage of events in critical infrastructures. In: IEEE HASE 2012, pp. 48\u201355 (2012)","DOI":"10.1109\/HASE.2012.9"},{"key":"31_CR4","doi-asserted-by":"crossref","unstructured":"Alrajeh, D., Pasquale, L., Nuseibeh, B.: On evidence preservation requirements for forensic-ready systems. In: ESEC\/FSE 2017, pp. 559\u2013569. ACM (2017)","DOI":"10.1145\/3106237.3106308"},{"key":"31_CR5","doi-asserted-by":"crossref","unstructured":"Altuhhova, O., Matulevi\u010dius, R., Ahmed, N.: An extension of business process model and notation for security risk management. Int. J. Inform. Syst. Model. Design 4, 93\u2013113 (10 2013)","DOI":"10.4018\/ijismd.2013100105"},{"key":"31_CR6","doi-asserted-by":"crossref","unstructured":"Bajramovic, E., Waedt, K., Ciriello, A., Gupta, D.: Forensic readiness of smart buildings: Preconditions for subsequent cybersecurity tests. In: IEEE ISC2 2016, pp. 1\u20136 (2016)","DOI":"10.1109\/ISC2.2016.7580754"},{"key":"31_CR7","unstructured":"CESG: Good Practice Guide No. 18: Forensic Readiness. Guideline, National Technical Authority for Information Assurance, United Kingdom (2015)"},{"key":"31_CR8","volume":"73","author":"L Daubner","year":"2023","unstructured":"Daubner, L., Macak, M., Matulevi\u010dius, R., Buhnova, B., Maksovi\u0107, S., Pitner, T.: Addressing insider attacks via forensic-ready risk management. J. Inform. Secur. Appl. 73, 103433 (2023)","journal-title":"J. Inform. Secur. Appl."},{"key":"31_CR9","doi-asserted-by":"crossref","unstructured":"Daubner, L., Matulevi\u010dius, R.: Risk-oriented design approach for forensic-ready software systems. In: ARES 2021. ACM (2021)","DOI":"10.1145\/3465481.3470052"},{"key":"31_CR10","doi-asserted-by":"crossref","unstructured":"Daubner, L., Matulevi\u010dius, R., Buhnova, B., Pitner, T.: Business process model and notation for forensic-ready software systems. In: ENASE 2022, pp. 95\u2013106. SCITEPRESS (2022)","DOI":"10.5220\/0011041000003176"},{"key":"31_CR11","doi-asserted-by":"publisher","unstructured":"Dubois, \u00c9., Heymans, P., Mayer, N., Matulevi\u010dius, R.: A Systematic Approach to Define the Domain of Information System Security Risk Management, pp. 289\u2013306. Springer (2010). https:\/\/doi.org\/10.1007\/978-3-642-12544-7_16","DOI":"10.1007\/978-3-642-12544-7_16"},{"key":"31_CR12","unstructured":"EDPB: Data breach: the italian sa fines inail eur 50,000. Decision, European Data Protection Board (2022), https:\/\/edpb.europa.eu\/news\/national-news\/2022\/data-breach-italian-sa-fines-inail-eur-50000_en"},{"key":"31_CR13","doi-asserted-by":"publisher","first-page":"70","DOI":"10.1016\/j.cose.2015.04.003","volume":"52","author":"M Elyas","year":"2015","unstructured":"Elyas, M., Ahmad, A., Maynard, S.B., Lonie, A.: Digital forensic readiness: expert perspectives on a theoretical framework. Comput. Secur. 52, 70\u201389 (2015)","journal-title":"Comput. Secur."},{"key":"31_CR14","first-page":"228","volume":"12","author":"D Ganji","year":"2019","unstructured":"Ganji, D., Kalloniatis, C., Mouratidis, H., Malekshahi Gheytassi, S.: Approaches to develop and implement iso\/iec 27001 standard - information security management systems: systematic literature review. Int. J. Adv. Softw. 12, 228\u2013238 (2019)","journal-title":"Int. J. Adv. Softw."},{"key":"31_CR15","doi-asserted-by":"crossref","unstructured":"Grandry, E., Feltus, C., Dubois, E.: Conceptual integration of enterprise architecture management and security risk management. In: 17th IEEE International Enterprise Distributed Object Computing Conference Workshops, pp. 114\u2013123 (2013)","DOI":"10.1109\/EDOCW.2013.19"},{"key":"31_CR16","doi-asserted-by":"crossref","unstructured":"Grispos, G., Glisson, W.B., Choo, K.K.R.: Medical cyber-physical systems development: A forensics-driven approach. In: IEEE\/ACM CHASE 2017, pp. 108\u2013113 (2017)","DOI":"10.1109\/CHASE.2017.68"},{"key":"31_CR17","doi-asserted-by":"crossref","unstructured":"Grobler, C.P., Louwrens, C.P.: Digital forensic readiness as a component of information security best practice. In: New Approaches for Security, Privacy and Trust in Complex Environments, pp. 13\u201324. Springer (2007)","DOI":"10.1007\/978-0-387-72367-9_2"},{"key":"31_CR18","doi-asserted-by":"crossref","unstructured":"Grobler, C., Louwrens, C., von Solms, S.: A framework to guide the implementation of proactive digital forensics in organisations. In: ARES 2010, pp. 677\u2013682 (2010)","DOI":"10.1109\/ARES.2010.62"},{"key":"31_CR19","doi-asserted-by":"publisher","unstructured":"Iqbal, A., Ekstedt, M., Alobaidli, H.: Digital forensic readiness in critical infrastructures: A case of substation automation in the power sector. In: Digital Forensics and Cyber Crime, pp. 117\u2013129. Springer (2018). https:\/\/doi.org\/10.1007\/978-3-319-73697-6_9","DOI":"10.1007\/978-3-319-73697-6_9"},{"key":"31_CR20","unstructured":"ISO\/IEC: Information technology \u2014 Security techniques \u2014 Incident investigation principles and processes. Standard, International Organization for Standardization, Switzerland (2015)"},{"key":"31_CR21","unstructured":"ISO\/IEC: Information technology \u2014 Security techniques \u2014 Information security risk management. Standard, International Organization for Standardization, Switzerland (2018)"},{"key":"31_CR22","unstructured":"Joint Task Force Transformation Initiative: Risk management framework for information systems and organizations: A system life cycle approach for security and privacy. Tech. Rep. Special Publication (NIST SP) - 800\u201337 Rev. 2, NIST (2018)"},{"key":"31_CR23","doi-asserted-by":"publisher","unstructured":"Matulevi\u010dius, R.: Fundamentals of secure system modelling. Springer (2017). https:\/\/doi.org\/10.1007\/978-3-319-61717-6","DOI":"10.1007\/978-3-319-61717-6"},{"key":"31_CR24","doi-asserted-by":"crossref","unstructured":"Mouhtaropoulos, A., Dimotikalis, P., Li, C.T.: Applying a digital forensic readiness framework: Three case studies. In: IEEE HST 2013,pp. 217\u2013223 (2013)","DOI":"10.1109\/THS.2013.6699003"},{"key":"31_CR25","doi-asserted-by":"crossref","unstructured":"Pasquale, L., Alrajeh, D., Peersman, C., Tun, T., Nuseibeh, B., Rashid, A.: Towards forensic-ready software systems. In: Proceedings of the 40th ICSE: New Ideas and Emerging Results, pp. 9\u201312. ICSE-NIER 2018, ACM (2018)","DOI":"10.1145\/3183399.3183426"},{"key":"31_CR26","doi-asserted-by":"crossref","unstructured":"Rivera-Ortiz, F., Pasquale, L.: Automated modelling of security incidents to represent logging requirements in software systems. In: ARES 2020. ACM (2020)","DOI":"10.1145\/3407023.3407081"},{"key":"31_CR27","unstructured":"Rowlingson, R.: A ten step process for forensic readiness. Int. J. Digital Evidence 2 (01 2004)"},{"key":"31_CR28","doi-asserted-by":"crossref","unstructured":"Runeson, P., H\u00f6st, M., Rainer, A., Regnell, B.: Case Study Research in Software Engineering: Guidelines and Examples. Wiley (2012)","DOI":"10.1002\/9781118181034"},{"issue":"3","key":"31_CR29","doi-asserted-by":"publisher","first-page":"403","DOI":"10.1007\/s00766-018-0289-y","volume":"24","author":"S Simou","year":"2019","unstructured":"Simou, S., Kalloniatis, C., Gritzalis, S., Katos, V.: A framework for designing cloud forensic-enabled services (cfes). Requirements Eng. 24(3), 403\u2013430 (2019)","journal-title":"Requirements Eng."},{"key":"31_CR30","doi-asserted-by":"publisher","first-page":"19469","DOI":"10.1109\/ACCESS.2022.3151403","volume":"10","author":"A Singh","year":"2022","unstructured":"Singh, A., Ikuesan, R.A., Venter, H.: Secure storage model for digital forensic readiness. IEEE Access 10, 19469\u201319480 (2022)","journal-title":"IEEE Access"},{"key":"31_CR31","unstructured":"SUSE: SUSE Rancher Technical Architecture Guide. White paper, SUSE, Luxembourg (2021)"},{"key":"31_CR32","unstructured":"Tan, J.: Forensic readiness. Tech. rep., @stake, Inc. (2001)"},{"key":"31_CR33","doi-asserted-by":"crossref","unstructured":"Wang, J., Peng, F., Tian, H., Chen, W., Lu, J.: Public auditing of log integrity for cloud storage systems via blockchain. In: Security and Privacy in New Computing Environments. pp. 378\u2013387. Springer (2019)","DOI":"10.1007\/978-3-030-21373-2_29"},{"issue":"3","key":"31_CR34","doi-asserted-by":"publisher","first-page":"78","DOI":"10.1109\/MC.2016.89","volume":"49","author":"S Zawoad","year":"2016","unstructured":"Zawoad, S., Hasan, R.: Trustworthy digital forensics in the cloud. Computer 49(3), 78\u201381 (2016)","journal-title":"Computer"}],"updated-by":[{"DOI":"10.1007\/978-3-031-34560-9_37","type":"correction","label":"Correction","source":"publisher","updated":{"date-parts":[[2023,6,8]],"date-time":"2023-06-08T00:00:00Z","timestamp":1686182400000}}],"container-title":["Lecture Notes in Computer Science","Advanced Information Systems Engineering"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-031-34560-9_31","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,9,5]],"date-time":"2025-09-05T18:01:22Z","timestamp":1757095282000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/978-3-031-34560-9_31"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2023]]},"ISBN":["9783031345593","9783031345609"],"references-count":34,"URL":"https:\/\/doi.org\/10.1007\/978-3-031-34560-9_31","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"value":"0302-9743","type":"print"},{"value":"1611-3349","type":"electronic"}],"subject":[],"published":{"date-parts":[[2023]]},"assertion":[{"value":"8 June 2023","order":1,"name":"first_online","label":"First Online","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"8 June 2023","order":2,"name":"change_date","label":"Change Date","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"Correction","order":3,"name":"change_type","label":"Change Type","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"A correction has been published.","order":4,"name":"change_details","label":"Change Details","group":{"name":"ChapterHistory","label":"Chapter History"}},{"value":"CAiSE","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Advanced Information Systems Engineering","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Zaragoza","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Spain","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2023","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 June 2023","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 June 2023","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"35","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"caise2023","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}}]}}