System and method for digital evidence analysis and authentication
First Claim
Patent Images
1. A method for acquiring email and other data from computers and providing a secure and productive environment for the investigation of the data, the method comprising:
- receiving a plurality of sets of data files from one or more remote computers associated with an investigator;
receiving a request from a second remote computer and associated with an examiner, the request for a first set of data files within the plurality of sets of data files containing email for a first specific person;
receiving a second request from the second remote computer and associated with a requester, the request for authorization of the request for the first set of data files, wherein the requester is the examiner;
transmitting the request for authorization to a set of authorizers;
receiving an authorization from one of the set of authorizers of the request for the first set of data files in response to the request for authorization;
thereby creating a first authorization request;
transmitting the first authorization request over a data communications network to one or more servers containing the first set of data files;
receiving the first set of data files over the data communications network from the one or more servers at the second remote computer in response to transmitting the first authorization request; and
making the first set of data files from the one or more servers available in the second remote computer to the requester as one of a set of authorized reviewers of the first set of data files.
1 Assignment
0 Petitions
Accused Products
Abstract
The system disclosed provides an efficient mechanism for acquiring email and other data from remote systems in a forensically sound manner. Email for users can be requested by investigators from email servers across the country. It is then be automatically acquired and made available to the examiner, subject to approval, and any others he deems have a need-to-know on a web based system. The data can be searched and bookmarked, and the bookmarks shared. Data can also be uploaded manually and combined with email data in the searching, bookmarking, and sharing.
23 Citations
24 Claims
-
1. A method for acquiring email and other data from computers and providing a secure and productive environment for the investigation of the data, the method comprising:
-
receiving a plurality of sets of data files from one or more remote computers associated with an investigator; receiving a request from a second remote computer and associated with an examiner, the request for a first set of data files within the plurality of sets of data files containing email for a first specific person; receiving a second request from the second remote computer and associated with a requester, the request for authorization of the request for the first set of data files, wherein the requester is the examiner; transmitting the request for authorization to a set of authorizers; receiving an authorization from one of the set of authorizers of the request for the first set of data files in response to the request for authorization;
thereby creating a first authorization request;transmitting the first authorization request over a data communications network to one or more servers containing the first set of data files; receiving the first set of data files over the data communications network from the one or more servers at the second remote computer in response to transmitting the first authorization request; and making the first set of data files from the one or more servers available in the second remote computer to the requester as one of a set of authorized reviewers of the first set of data files. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22)
-
-
23. A system for acquiring email and other data from computers and providing a secure and productive environment for the investigation of the data, the system comprising:
-
a computer processor; a memory containing computer instructions executable by the computer processor, wherein execution of the instructions; receives a plurality of sets of data files from one or more remote computers associated with an investigator; receives a request from a second remote computer and associated with an examiner, the request for a first set of data files within the plurality of sets of data files containing email for a first specific person; receives a second request from the second remote computer and associated with a requester, the request for authorization of the request for the first set of data files, wherein the requester is the examiner; transmits the request for authorization to a set of authorizers; receives an authorization from one of the set of authorizers of the request for the first set of data files in response to the request for authorization, thereby creating a first authorization request; transmits the first authorization request over a data communications network to one or more servers containing the first set of data files; receives the first set of data files over the data communications network from the one or more servers at the second remote computer in response to transmitting the first authorization request; and makes the first set of data files from the one or more servers available in the second remote computer to the requester as one of a set of authorized reviewers of the first set of data files.
-
-
24. A non-transitory computer-readable medium containing computer executable instructions that, when executed by a processor, perform a method for acquiring email and other data from computers and providing a secure and productive environment for the investigation of the data, the method comprising:
-
receiving a plurality of sets of data files from one or more remote computers associated with an investigator; receiving a request from a second remote computer and associated with an examiner, the request for a first set of data files within the plurality of sets of data files containing email for a first specific person; receiving a second request from the second remote computer and associated with a requester, the request for authorization of the request for the first set of data files, wherein the requester is the examiner; transmitting the request for authorization to a set of authorizers; receiving an authorization from one of the set of authorizers of the request for the first set of data files in response to the request for authorization, thereby creating a first authorization request; transmitting the first authorization request over a data communications network to one or more servers containing the first set of data files; receiving the first set of data files over the data communications network from the one or more servers at the second remote computer in response to transmitting the first authorization request; and making the first set of data files from the one or more servers available in the second remote computer to the requester as one of a set of authorized reviewers of the first set of data files.
-
Specification