David Gresty

Feature: Forensic investigation of cloud computing systems

Cloud computing describes a computing concept where software services, and the resources they use, operate as (and on) a virtualised platform across many different host machines, connected by the Internet or an organisations internal network. From a business or system users point of view, the cloud provides, via virtualisation, a single platform or service collection in which it can operate. Cloud computing is a new concept in the distributed processing of data and is likely to make computer forensic evidence acquisition and evidence analysis increasingly complex. Currently there do not appear to be any published guidelines that specifically address the conduct of computer forensic investigations of cloud computing systems. In order to understand and analyse evidence within this environment, computer forensics examiners will require a broader range of technical knowledge across multiple hardware platforms and operating systems. Dr Mark Taylor et al examine the issues concerning the forensic investigation of cloud systems.

Computer game-flow design

Computer games are a rapidly growing segment of the entertainment industry. Design and development of modern computer games can be a complex activity involving many participants from a variety of disciplines. However, computer game design approaches typically appear to be less formalised than those used for other types of software systems. In this article we describe an approach to computer game-flow design intended for the design of individual game levels within a computer game and demonstrate its application in practice.

Knowledge for Web site development

Web site development work is a growing aspect of the IT activities within many organisations. However, the skills and knowledge required by IT practitioners for successful Web site development are still largely uncertain. In this paper we examine the results of a research exercise involving case studies in 20 UK organisations aimed at investigating: the skills and knowledge that are required for Web site development work, how such skills and knowledge are used in actual practice, and the mechanisms by which such skills and knowledge can be acquired and improved.

Forensic investigation of social networking applications

Social networking applications such as Facebook, LinkedIn, MySpace and Twitter provide facilities including email, blogging, instant messaging and photo sharing for social and commercial exchange.1 There has been a rapid growth in the use of social networking applications by both individuals and organisations.2,3 And an increasing number of organisations use Facebook and Twitter as part of their marketing campaigns.4,5Social networking applications such as Facebook, Twitter and LinkedIn may be involved in instances of misuse that can affect both organisations and individuals.Dr Mark Taylor, Dr John Haggerty, David Gresty, Peter Almond and Dr Tom Berry of Liverpool John Moores University, Nottingham Trent University and University of Greenwich examine the forensic process of obtaining digital evidence from social networking applications and the legal aspects involved in potential misuse.

Determining Culpability in Investigations of Malicious E-mail Dissemination within the Organisation

Investigating cases of e-mail misuse within an organization (e.g. sexist / racist content, offensive material, etc.) to determine culpability can be a complex process. Such investigations are less likely to result in a formal prosecution, but are more likely to end in disciplinary action. In a criminal investigation, the evidence is collected, analyzed and then presented to the court. In an internal corporate forensics investigation, management must not only assess evidence to determine culpability, but must also determine appropriate levels of corporate discipline to be applied. These range from informal verbal warnings through formal verbal and written warnings, to suspension or termination of employment. Such a process may often be conducted by management who have no experience of the investigatory process. The social network analysis approach presented in this paper can be used not only to analyze and appreciate what can be a complex sequence of events involved in e-mail misuse, but also to determine levels of culpability.

Knowledge for network support

Abstract Computer network support is a growing area of IT activities within most organisations. Even small businesses are typically moving towards computer networks rather than separate stand-alone PCs. However, the skills and knowledge required for effective computer network support are still largely uncertain. In this paper the results of a research exercise investigating the skills and knowledge required for computer network support, based on case studies in 25 organisations are reported.

Avoiding the misuse of social media by employees

Social networking applications such as Facebook, Twitter and YouTube are increasingly being used in various ways by organisations. Organisations may adopt the use of social media for a variety of reasons including engaging with customers and clients, and supporting communication between employees.1-3 Although social media can potentially support communication between employees, care needs to be taken that they are used in a manner appropriate for relevant business purposes, at all times.Social networking applications are increasingly being used by organisations to engage with customers and support communications between employees.However, care needs to be taken that social media are used in a manner appropriate to relevant business purposes. This articles examines the potential misuse of social media by employees, the UK legislation relevant to such misuse, and also explores approaches by which organisations can attempt to limit such misuse.

Investigating employee harassment via social media

Purpose – The purpose of this paper is to examine the process of investigation of employee harassment via social media to develop best practices to help organisations conduct such investigations more effectively. Design/methodology/approach – It reviews the technical, managerial and legal literature to develop guidance for organisations conducting investigations of employee harassment via social media. Findings – Organisations may not have effective procedures for the investigation of social media misuse, in general, and employee harassment via social media, in particular. This paper provides guidance for organisations to conduct investigation of employee harassment via social media more effectively. Originality/value – The paper consolidates the fragmented discussion of investigation of social media misuse with regard to employee harassment via a literature review across technical, managerial and legal disciplines. The paper provides guidance to support organisations for conducting investigations of empl...

Teaching information technology law

In this paper we discuss an approach to the teaching of information technology law to higher education computing students that attempts to prepare them for professional computing practice. As information technology has become ubiquitous its interactions with the law have become more numerous. Information technology practitioners, and in particular specialists in the newer roles of computer forensic analyst and computer forensic expert witnesses are increasingly affected by the law. In this paper we review the development of the subject of information technology law and consider the issues of design, content and delivery of such modules to undergraduate computing students.

Teaching Business IT Ethics A Professional Approach

In UK higher education a primary aim of business IT-related qualifications is the preparation of students for a relevant career. In this article we discuss an approach to teaching business IT ethics in a university context that prepares students for the ethical problems that they may meet in their future IT careers, and we demonstrate how this approach can be integrated and implemented into undergraduate business IT courses.