Dissertationen zum Thema „Digital enforcement“

Researchers contend that chronic exposure to child exploitation material (CEM) contributes to stress, psychological and interpersonal problems among police officers in digital forensic roles. The spouses of these officers have been identified as key supports, who potentially influence the officers’ coping experiences. The existing research is, however, limited in that no studies have specifically examined Western Australian officers’ experiences nor investigated the support role of the officers’ spouses. Psychologists and managers of Australian digital forensic officers therefore have little evidence to inform policies, programs, and interventions that act to minimise adverse outcomes among these personnel. As such, across four stages, this research project used interpretative phenomenological analysis to explore the experience and effects of work-related CEM exposure in Western Australian digital forensic officers and their spouses. Stage one involved individual, semi-structured interviews with 13 members of the Western Australian Police Computer Crime Squad to examine “What is the meaning and essence of the lived experience of working with CEM?” Six themes emerged: context and culture over time; construction of identity; perceptions of work role; cognitive structures of CEM; perceived outcomes of CEM exposure; and coping. Stage two involved a single group interview which explored the perspectives of two of the squad’s supervisors, revealing three focal points: perceptions of stage one findings; perceived stressors and outcomes; and supervisory perspectives. Stage three used individual, semi-structured interviews with three of the offices’ spouses to investigate “What is the meaning and lived experience of being the spouse of a digital forensic officer who is exposed to CEM?” Six themes emerged: sense making of identity; perceptions of officer partner’s work experiences; perceptions of CEM exposure; gatekeeping role; perceived stress experiences of officer partner; perceptions of coping and support. In stage four the experiences of four new, less-experienced squad, members were explored. Five themes emerged across the individual, semi-structured interviews which closely reflected those of stage one, though more comprehensively captured early experiences with CEM exposure. Taken together, four conclusions emerged. First, adjusting to CEM exposure, although somewhat neglected in previous research, is a crucial evolving process during early exposures. Second, working with CEM transcends professional and personal lived experience, and these effects are not necessarily negative; for example, many officers derive a sense of meaning through their work. Third, consistent with previous findings, coping with CEM exposure is a complex and dynamic experience. Fourth, organisational and cultural practices are critical in these experiences. These findings contribute to the evidence-base upon which policies, practices and education programs that support these police officers and their spouses, can be developed and implemented. Psychologists need to be aware that work-related CEM exposure is qualitatively distinct from other policing stressors and that efforts to minimise risk, while promoting adaptive coping and supports, are crucial to the wellbeing of digital forensic officers.

Context: The widespread use of communication and digital technology in the society has affected the number of devices requiring analysis in criminal investigations. Additionally, the increase of storage volume, the diversity of digital devices, and the use of cloud environment introduce more complexities to the digital forensic domain. Objective: This work aims to supply a taxonomy of the main challenges and success factors faced in the digital forensic domain in law enforcement. Method: The chosen method for this research is a systematic literature review of studies with topics related to success factors and challenges in digital forensics for law enforcement. The candidate studies were 1,428 peer-reviewed scientific articles published between 2015 and 2021. Those studies were retrieved from five digital databases following a systematic process. From those candidate studies, twenty were selected as primary studies due to their relevance to the topic. After backward searching, eight other studies were also included in the group of primary studies. A total of twentyeight primary studies were analyzed by applying thematic coding. Furthermore, a survey of digital forensic practitioners from the Swedish Police was held to triangulate the results achieved with the systematic literature review.

Increasingly, government agencies are facing the challenge of effective implementation of information technologies that are critical to their digital government programs and initiatives. This dissertation reports two user-centric evaluation studies of COPLINK, a criminal knowledge management system that supports and enhances law enforcement officers' crime-fighting activities. Specifically, these aforementioned evaluations concentrated on system usability and user acceptance in a law enforcement setting. The chapters of this dissertation describe the study design, highlight the analysis results, and discuss their implications for digital government research and practices. Overall, the models used in this study showed a reasonably good fit with officers' usability and acceptance assessments and exhibited satisfactory explanatory power. The analysis also showed that individuals included in the current study exhibited important characteristics common to individual professionals. Compared to end-users and knowledge workers in business settings, law enforcement officers appear to be pragmatic in their technology acceptance assessments, concentrating more on the usefulness of a technology than on its ease of use. Participating officers also attached limited weight to the suggestions or opinions of significant referents. Findings from this study should provide valuable insights to digital government systems evaluation and, at the same time, shed light on how government agencies can design management interventions to foster technology acceptance and use.

The thesis examines to what extent copyright holders can enforce the online reproduction and communication rights against online service providers in Egypt. The objective of the thesis is therefore to highlight that the existing Egyptian copyright law 2002/82 is insufficient to impose liability on internet service providers, both substantively and also with regards to enforcement. Various recommendations are thus made to improve the legislative framework in Egypt, all with a view of achieving that a fair balance is struck for all those parties, who/which are involved in digital communications, particularly online end users, so that their rights to online privacy and access to information are preserved. For this purpose, a comparative methodology has been adopted and recourse is made to US and European laws. This comparative approach is further complemented by a critical examination of existing deficiencies within the legislative liability regime for internet service providers in the US and Europe in order to ensure that foreign laws are not merely transplanted, but that the best and most suitable legislative framework is adopted by the Egyptian legislator.

Today’s law enforcement agencies are presented with challenges regarding how to navigate the rapidly changing technical landscape. The proliferation of digital devices in society has presented opportunities for modern criminals, resulting in substantial changes in criminal behavior. Digital devices have, thus, become a crucial piece of evidence within forensic investigation processes, which has caused the field of digital forensics to emerge as a central part of modern law enforcement. However, law enforcement is experiencing substantial challenges in regard to handling the complexity of modern digital devices, as well as the data quantities that these devices imply. While digital forensics literature commonly discusses the challenges that law enforcement agencies are facing, it fails to address the role and responsibilities that the digital forensic companies have in ensuring that law enforcement agencies possess the necessary means to counteract criminal activity. Therefore, this study aims to investigate how the companies that supply the tools that law enforcement depends on, can help the agencies to overcome these challenges. Although the need for digital forensics is at an all time high, the consensus among practitioners is that they lack the necessary means to adequately handle digital evidence. Moreover, it is identified that lack of organizational understanding is impeding law enforcement from prioritizing allocation of capital towards digital forensics. Thus, this study also assesses how digital forensic companies can adapt their marketing approaches based on the purchasing behavior of law enforcement, in order to efficiently communicate the need within the customer organizations and ensure that law enforcement agencies possess the necessary means to counteract modern criminality. In order to investigate this area of research and address the identified problems, ii the study is set up as a case study in collaboration with a European digital forensic company. The study includes several internal interviews with company representatives, as well as a large amount of external interviews with digital forensic experts from different European law enforcement agencies. The empirical evidence is assessed against renowned literature within digital forensics and organizational buying behavior to acquire a comprehensive understanding of the problems and help answer the proposed research questions. The study concludes that the main challenges that law enforcement is facing in regard to digital forensics originate from a lack of organizational understanding. This results in insufficient resources being allocated towards digital forensics. In turn, this limits law enforcement’s ability to properly educate their staff and purchase the necessary tools to effectively handle the complexity and quantity of evidence that modern digital forensics implies. To address this, digital forensic companies are required to adapt their business models to the resource limitations of their customers by offering more flexible training solutions and tailor the tools based on specific user needs. Moreover, it is determined that companies should be involved in pursuing law enforcement management to improve the organizational understanding regarding the importance of digital forensics. The study also identifies that the organizational structure of law enforcement agencies highly impact their purchasing behavior. Depending on the degree of law enforcement centralization, the buying center structure varies. For centralized organizations the scale of the buying center is generally larger and the same applies for its purchases. The individual members of the buying center have minor influence over the decision making process, instead the decisions are a consequence of collective decision making by different departments. In contrast, decentralized organizations make smaller purchases through smaller buying centers. The individual members within the decentralized buying center have far more influence over the buying behaviour in comparison to the members of a centralized organization’s buying center. Therefore, digital forensic companies need to employ different marketing strategies to anchor their products within different law enforcement organizations. It is established that companies should aspire to identify the buying centers of potential and existing customer organizations, to improve efficiency of marketing efforts. Mapping out organizational and authoritative structure is, thus, concluded to be crucial in order to successfully capitalize on the purchasing behavior of different law enforcement organizations. To enable digital forensic companies to practically apply these suggestions within the context of their marketing strategies, applicable models based on theory and empirics are proposed.
Dagens brottsbekämpande myndigheter står inför en stor mängd utmaningar när det kommer till att navigera i det snabbföränderliga tekniska landskapet. Spridningen av digitala enheter i samhället har presenterat möjligheter för kriminella, vilket har resulterat i väsentliga förändringar i kriminellt beteende. Digitala enheter har därför blivit viktiga som bevis inom moderna forensiska utredningsprocesser, vilket har lett till att digital forensik har blivit en central del av modern brottsutredning. Brottsutredande myndigheter upplever dock betydande utmaningar när det kommer till att hantera komplexiteten hos moderna digitala enheter, samt den mängd data som dessa enheter medför. Litteratur om digital forensik tar frekvent upp utmaningarna som brottsbekämpande myndigheter står inför. Däremot tar litteraturen inte upp rollen och ansvaret som digital forensik-företagen har i att säkra att brottsutredande myndigheter har de nödvändiga verktygen för att bekämpa brottslighet. Därför är syftet med studien att undersöka hur företagen som förser brottsutredande myndigheter med verktyg, kan hjälpa till att lösa dessa problem. Trots att behovet av digital forensik är rekordhögt, är konsensusen bland utövare att de saknar de nödvändiga medlen för att hantera digitalt bevismaterial. Dessutom identifieras det att organisatorisk förståelse hindrar brottsutredande myndigheter från att prioritera allokering av kapital för digital forensik. Därmed undersöker denna studie också hur digital forensik-företag kan anpassa sina marknadsföringsstrategier baserat på brottsutredande myndigheters inköpsbeteende, för att effektivt kunna kommunicera behovet inom kundorganisationerna och försäkra att brottsutredande myndigheter innehar de nödvändiga medlen för att kunna bekämpa kriminalitet. För att undersöka detta forskningsområde och hantera de identifierade problemen, är studien strukturerad som en fallstudie i samarbete med ett Europeiskt digital forensik-företag. Studien inkluderar ett mindre antal interna intervjuer iv med företagsrepresentanter, samt ett flertal externa intervjuer med digital forensikexperter från olika brottsutredande myndigheter i Europa. Det empiriska underlaget analyseras med hjälp av erkänd litteratur inom digital forensik samt ramverk inom organisationellt köpbeteende för att få en omfattande förståelse för problemen och kunna besvara de föreslagna forskningsfrågorna. Studien drar slutsatsen att de mest omfattande utmaningarna som brottsutredande myndigheter står inför när det gäller digital kriminalteknik, grundas i brist på organisatorisk förståelse. Detta resulterar i att de resurser som allokeras till digital brottsbekämpning är otillräckliga. I sin tur begränsar detta brottsutredande myndigheters möjligheter att i tillräcklig utsträckning utbilda personal samt anskaffa de nödvändiga verktygen för att effektivt hantera komplexiteten och beviskvantiteten som dagens digitala brottsbekämpning innebär. För att hantera detta krävs att digital forensik-företag anpassar sina affärsmodeller efter kundernas resursbegränsningar genom att erbjuda mer flexibla utbildningslösningar och verktyg som är skräddarsydda utifrån specifika användarbehov. Dessutom fastställs det att företagen bör vara involverade i att övertyga brottsutredande myndigheter på ledningsnivå om digital brottsbekämpnings betydelse och relevans. Studien identifierar också organisatorisk struktur inom brottsutredande myndigheter som en faktor som har stor inverkan på inköpsbeteende. Beroende på graden av centralisering, så kommer “buying center”-strukturen att förändras. För centraliserade organisationer är både skalan av buying centret och inköpen stora. De individuella medlemmarna av buying centret har lite inflytande över beslutsprocessen, istället så är besluten en konsekvens av kollektiva beslut fattade av flertalet avdelningar. I kontrast till centraliserade organisationer så gör decentraliserade organisationer mindre inköp genom mindre buying centers. De individuella medlemmarna inom decentraliserade buying centers har betydligt mer inflytande över köpbeteendet i jämförelse med medlemmarna i en centraliserad organisations buying center. Därför behöver digital forensikföretag adoptera olika marknadsföringsstrategier för att lyckas nå ut och förankra produkterna inom brottutredingsorganisationer. Det fastställs att företag borde sträva efter att identifiera potentiella och befintliga kunders så kallade buying centers för att effektivisera marknadsföringsinsatserna. Kartläggning av organisatoriska och auktoritära strukturer är därför nödvändigt för att framgångsrikt kapitalisera på rättsutredande organisationers inköpsbeteenden. För att göra det möjligt för digital forensik-företag att praktiskt tillämpa dessa förslag på deras marknadsföringsstrategier, har applicerbara modeller baserade på teori och empiri föreslagits.

The research, employing a comparative and multidisciplinary approach, aims at understanding the conflict between information privacy and copyright enforcement in the digital era. Throughout the whole study attention will be paid to the effect that technology has on these rights. The systems under scrutiny will be the European one (with particular regard to Italy) and the North American ones (US and Canada). The starting point of this analysis are a number of selected lawsuits in which copyright holders have tried to enforce their rights against Internet users suspected of illegal peer-to-peer downloading. In so doing, copyright enforcement collided with users’ information privacy. In analyzing the way in which these decisions were taken, I shall try to understand how technology affects society. Many studies have demonstrated the interaction between technology and society. Copyright and information privacy laws are themselves a product of technology and innovation. The idea behind my analysis is that technology not only affects society, but that it also affects lawmakers, and even judges (who, directly or indirectly, are lawmakers as well). Indeed, judges do not live a secluded life, but operate within a society. Therefore, it is at least plausible, if not necessary, that their decisions reflect the values of that society. In other words, technology influences society, which, in turn, affects judicial opinion. To assess if my statement is sound, I shall consider the perception of copyright, limited to file-sharing activities, in the three normative systems. The same analysis will be undertaken with regard to information privacy. As will be seen, unsurprisingly, technology has affected in many ways the substance of both privacy and copyright norms. But technology has also affected people’s lives, people’s way of behaving, and, in the end, people’s minds. This has led to a different perception of the need to protect the aforementioned rights, even if in opposite directions. Privacy concerns have been increasing, while copyright is more and more seen as something “negative†, for a variety of reasons. Given this, a plausible answer to my main line of inquiry is that courts’ decisions reflect this common sense position of prioritizing privacy over copyright. In particular, I shall examine the literature related to the way courts judge and if and how they can be influenced by the society and culture in which they operate. Importance will be given to the way that this influence could enter into judicial reasoning. If it is true that technology changes society, which in turn affects the judicial mind, then technology enters into this contextual backdrop for adjudication. Therefore, the question I would like to answer is the following: could this be a reason why, despite similar legal frameworks, the outcomes of lawsuits are quite different among the considered legal systems? This would be the goal of my research, conscious of the fact that anyway my answer would be just one of the many possible explanations.

The research, employing a comparative and multidisciplinary approach, aims at understanding the conflict between information privacy and copyright enforcement in the digital era. Throughout the whole study attention will be paid to the effect that technology has on these rights. The systems under scrutiny will be the European one (with particular regard to Italy) and the North American ones (US and Canada). The starting point of this analysis are a number of selected lawsuits in which copyright holders have tried to enforce their rights against Internet users suspected of illegal peer-to-peer downloading. In so doing, copyright enforcement collided with users’ information privacy. In analyzing the way in which these decisions were taken, I shall try to understand how technology affects society. Many studies have demonstrated the interaction between technology and society. Copyright and information privacy laws are themselves a product of technology and innovation. The idea behind my analysis is that technology not only affects society, but that it also affects lawmakers, and even judges (who, directly or indirectly, are lawmakers as well). Indeed, judges do not live a secluded life, but operate within a society. Therefore, it is at least plausible, if not necessary, that their decisions reflect the values of that society. In other words, technology influences society, which, in turn, affects judicial opinion. To assess if my statement is sound, I shall consider the perception of copyright, limited to file-sharing activities, in the three normative systems. The same analysis will be undertaken with regard to information privacy. As will be seen, unsurprisingly, technology has affected in many ways the substance of both privacy and copyright norms. But technology has also affected people’s lives, people’s way of behaving, and, in the end, people’s minds. This has led to a different perception of the need to protect the aforementioned rights, even if in opposite directions. Privacy concerns have been increasing, while copyright is more and more seen as something “negative”, for a variety of reasons. Given this, a plausible answer to my main line of inquiry is that courts’ decisions reflect this common sense position of prioritizing privacy over copyright. In particular, I shall examine the literature related to the way courts judge and if and how they can be influenced by the society and culture in which they operate. Importance will be given to the way that this influence could enter into judicial reasoning. If it is true that technology changes society, which in turn affects the judicial mind, then technology enters into this contextual backdrop for adjudication. Therefore, the question I would like to answer is the following: could this be a reason why, despite similar legal frameworks, the outcomes of lawsuits are quite different among the considered legal systems? This would be the goal of my research, conscious of the fact that anyway my answer would be just one of the many possible explanations.

The Internet in its most basic form is a complex information sharing organism. There are billions of interconnected elements with varying capabilities that work together supporting numerous activities (services) through this information sharing. In recent times, these elements have become portable, mobile, highly computationally capable and more than ever intertwined with human controllers and their activities. They are also rapidly being embedded into other everyday objects and sharing more and more information in order to facilitate automation, signaling that the rise of the Internet of Things is imminent. In every human society there are always miscreants who prefer to drive against the common good and engage in illicit activity. It is no different within the society interconnected by the Internet (The Internet Society). Law enforcement in every society attempts to curb perpetrators of such activities. However, it is immensely difficult when the Internet is the playing field. The amount of information that investigators must sift through is incredibly massive and prosecution timelines stated by law are prohibitively narrow. The main solution towards this Big Data problem is seen to be the automation of the Digital Investigation process. This encompasses the entire process: From the detection of malevolent activity, seizure/collection of evidence, analysis of the evidentiary data collected and finally to the presentation of valid postulates. This paper focuses mainly on the automation of the evidence capture process in an Internet of Things environment. However, in order to comprehensively achieve this, the subsequent and consequent procedures of detection of malevolent activity and analysis of the evidentiary data collected, respectively, are also touched upon. To this effect we propose the Live Evidence Information Aggregator (LEIA) architecture that aims to be a comprehensive automated digital investigation tool. LEIA is in essence a collaborative framework that hinges upon interactivity and sharing of resources and information among participating devices in order to achieve the necessary efficiency in data collection in the event of a security incident. Its ingenuity makes use of a variety of technologies to achieve its goals. This is seen in the use of crowdsourcing among devices in order to achieve more accurate malicious event detection; Hypervisors with inbuilt intrusion detection capabilities to facilitate efficient data capture; Peer to Peer networks to facilitate rapid transfer of evidentiary data to a centralized data store; Cloud Storage to facilitate storage of massive amounts of data; and the Resource Description Framework from Semantic Web Technologies to facilitate the interoperability of data storage formats among the heterogeneous devices. Within the description of the LEIA architecture, a peer to peer protocol based on the Bittorrent protocol is proposed, corresponding data storage and transfer formats are developed, and network security protocols are also taken into consideration. In order to demonstrate the LEIA architecture developed in this study, a small scale prototype with limited capabilities has been built and tested. The prototype functionality focuses only on the secure, remote acquisition of the hard disk of an embedded Linux device over the Internet and its subsequent storage on a cloud infrastructure. The successful implementation of this prototype goes to show that the architecture is feasible and that the automation of the evidence seizure process makes the otherwise arduous process easy and quick to perform.

Campus networks have recently experienced a proliferation of devices ranging from personal use devices (e.g. smartphones, laptops, tablets), to special-purpose network equipment (e.g. firewalls, network address translation boxes, network caches, load balancers, virtual private network servers, and authentication servers), as well as special-purpose systems (badge readers, IP phones, cameras, location trackers, etc.). To establish directives and regulations regarding the ways in which these heterogeneous systems are allowed to interact with each other and the network infrastructure, organizations typically appoint policy writing committees (PWCs) to create acceptable use policy (AUP) documents describing the rules and behavioral guidelines that all campus network interactions must abide by. While users are the audience for AUP documents produced by an organization's PWC, network administrators are the responsible party enforcing the contents of such policies using low-level CLI instructions and configuration files that are typically difficult to understand and are almost impossible to show that they do, in fact, enforce the AUPs. In other words, mapping the contents of imprecise unstructured sentences into technical configurations is a challenging task that relies on the interpretation and expertise of the network operator carrying out the policy enforcement. Moreover, there are multiple places where policy enforcement can take place. For example, policies governing servers (e.g., web, mail, and file servers) are often encoded into the server's configuration files. However, from a security perspective, conflating policy enforcement with server configuration is a dangerous practice because minor server misconfigurations could open up avenues for security exploits. On the other hand, policies that are enforced in the network tend to rarely change over time and are often based on one-size-fits-all policies that can severely limit the fast-paced dynamics of emerging research workflows found in campus networks. This dissertation addresses the above problems by leveraging recent advances in Software-Defined Networking (SDN) to support systems that enable novel in-network approaches developed to support an organization's network security policies. Namely, we introduce PoLanCO, a human-readable yet technically-precise policy language that serves as a middle-ground between the imprecise statements found in AUPs and the technical low-level mechanisms used to implement them. Real-world examples show that PoLanCO is capable of implementing a wide range of policies found in campus networks. In addition, we also present the concept of Network Security Caps, an enforcement layer that separates server/device functionality from policy enforcement. A Network Security Cap intercepts packets coming from, and going to, servers and ensures policy compliance before allowing network devices to process packets using the traditional forwarding mechanisms. Lastly, we propose the on-demand security exceptions model to cope with the dynamics of emerging research workflows that are not suited for a one-size-fits-all security approach. In the proposed model, network users and providers establish trust relationships that can be used to temporarily bypass the policy compliance checks applied to general-purpose traffic -- typically by network appliances that perform Deep Packet Inspection, thereby creating network bottlenecks. We describe the components of a prototype exception system as well as experiments showing that through short-lived exceptions researchers can realize significant improvements for their special-purpose traffic.

With the development of cyberspace, mankind’s ability to exchange tremendous amounts of information reached astonishing and praise-worthy levels. Unfortunately, such information also includes digital content infringing a variety of legitimate interests, such as copyright, trademarks, privacy, and reputation. Despite the increased regulatory activity of governments from all over the world, aimed at developing adequate legal frameworks governing the removal of access to such content, there are still significant concerns over the performance of this particular branch of online enforcement policy; concerns such as lack of effectiveness, or the impact of the endorsed solutions on the human rights framework. The following thesis is aimed at responding to those concerns, from the perspective of the European Union’s law. The work’s overarching aim is to devise the most adequate, pan-European legal framework governing the removal of access to online content which infringes copyright, trademarks, privacy or is defamatory in nature. While those four content types differ from one another, this project delivers additional value by discovering such differences (as well as similarities) in the enforcement context, and taking them into account in its analysis and recommendations. The path towards attaining the thesis’ research objective is drawn through the following five chapters. The first chapter begins by gathering and organising the legal provisions which, if broken, can mark a piece of digital content as one infringing copyright, trademarks, privacy or reputation. The said provisions are then applied to a wide array of factual scenarios in which the described types of infringing content appear in cyberspace. It should be noted that the thesis draws in this context primarily on the EU law; where this is not possible, the UK law is relied on. This is justifiable by the project’s focus on the enforcement schemes, not on the definitions of infringing content. The second chapter lays out the vast landscape of enforcement schemes endorsed within the EU for the purpose of removing access to the four chosen types of infringing content, both directly and indirectly. Such schemes are divided on those focused on the infringers themselves, and those focused on the intermediaries whose services are used for facilitating the transfer of infringing content. The chapter can be seen as laying out all the tools from the (regulatory) toolbox before deciding which ones to use - or alterate - for the task at hand. The third chapter is the first of the two key, critically analytical chapters; it seeks to uncover and analyse the main challenges tied to the enforcement schemes’ effectiveness. To this end, it begins by analysing three primary concerns of this kind; the renewal of access to infringing content (on a single platform), movements towards the alternative sources of infringing content, and circumvention of the enforcement schemes’ technological aspects. This is followed by the analysis of the deeper effectiveness-related concerns (which often underlie the primary ones). They include the lack of deterrence, the notion of diminishing returns and the issue of social acceptance of infringing activities. The fourth chapter explores the human rights implications of the enforcement schemes, with attention given to the balance struck within the EU law between the human rights protected by the said schemes, and those impaired by them. This is attained through two subchapters; the first one introduces the human rights involved and defines their scope, while the second discusses the enforcement schemes’ impact on the three most affected human rights – the right to privacy, the freedom of expression and the freedom to conduct a business. The conclusive, fifth chapter builds on its predecessors and proposes a fundamental upheaval of the approach to intermediary liability within the EU law, an upheaval aimed at responding to the concerns identified in chapters three and four and improving the degree of legal certainty within this branch of online enforcement. The chapter contains a corresponding proposal for a major reform of the EU legal framework.

Dans cette thèse, j'ai abordé les dispositions d'application des droits de propriété intellectuelle de trois accords d'association (AA), que l'Union européenne (UE) a conclus avec la Géorgie, la Moldavie et l'Ukraine au début des années 2010. J'ai puisé dans ces AA en tant que représentants de la politique extérieure souvent critiquée de l'UE en matière de propriété intellectuelle (PI), lancée en 2004, qui consiste à exporter les règles internes de l'UE en matière de propriété intellectuelle par le biais d'accords commerciaux. Cette analyse m'a permis d'aborder la question fondamentale de cette thèse : y a-t-il quelque chose de bon dans les accords commerciaux de l'UE ? La réponse claire, appuyée par cette thèse sur l'exemple des AA, est « oui ». L'enquête générale, qui a conduit à ces conclusions, était triple. Premièrement, j'ai analysé la politique générale de l'UE envers la Géorgie, la Moldavie et l'Ukraine concernant l'application des droits de propriété intellectuelle, ainsi que sa perception dans la littérature académique. Deuxièmement, après avoir retracé les critiques académiques existantes sur les accords commerciaux de l'UE, j'ai examiné si ces critiques étaient justifiées, telles qu'appliquées aux trois AA. Troisièmement, sur la base de cette analyse, j'ai identifié des problèmes supplémentaires auxquels les pays tiers pourraient être confrontés lors de la mise en oeuvre d'un accord commercial avec l'UE
In this thesis, I have addressed the IPR enforcement provisions of three Association Agreements (AAs), which the European Union (EU) concluded with Georgia, Moldova and Ukraine in the early 2010s. I drew on these AAs as representatives of the EU's often criticized external intellectual property (IP) policy, launched in 2004, which consists of exporting the EU's internal IP rules through trade agreements. Said analysis allowed me to approach the fundamental question of this thesis: is there something good with the EU trade agreements? The plain answer, supported by this thesis on the example of the AAs, is “yes”. The general investigation, which led to these conclusions, was threefold. First, I analyzed the general policy of the EU towards Georgia, Moldova and Ukraine regarding the enforcement of IPRs, as well as its perception in the academic literature. Second, after tracing existing academic criticism of the EU's trade agreements, I examined whether such criticism was justified, as applied to the three AAs. Third, based on this analysis, I identified additional problems that third countries might face when implementing a trade agreement with the EU

This research examined opinions of local law enforcement agencies’ patrol officers in the State of Georgia regarding preparedness and expectations for handling of digital evidence. The increased criminal use of technology requires that patrol officers be prepared to handle digital evidence in many different situations. The researcher’s goal was to gain insight into how patrol officers view their preparedness to handle digital evidence as well as their opinions on management expectations regarding patrol officers’ abilities to handle digital evidence. The research focused on identifying whether a gap existed between patrol officers’ opinions of digital evidence and the patrol officers’ views on what management expectations are for patrol officers handling digital evidence. Using a Web-based survey, the researcher collected data from 144 departments, 407 individual patrol officers in four strata across the State of Georgia. The analysis of the data found that most patrol officers handle digital evidence in at least some situations. The patrol officers’ opinions stated that most understood management expectations for handling of digital evidence and felt those expectations were realistic based on the officers’ current knowledge and training; therefore no significant gap was found. The patrol officers state that they need additional training in order to stay up to date with the current and future needs for handling existing and new technology.

All firearms within the United States are required by the Gun Control Act to be physically marked with a serial number; which is at least 0.003” in depth and 1/16” in height. The purpose of a serial number is to make each firearm uniquely identifiable and traceable. Intentional removal of a serial number is a criminal offense and is used to hide the identity and movements of the involved criminal parties. The current standard for firearm serial number restoration is by chemical etching; which is time & labor intensive as well as destructive to the physical evidence (firearm). It is hypothesized that a new technique that is accurate, precise, and time efficient will greatly aid law enforcement agencies in pursuing criminals. This thesis focuses on using a large chamber scanning electron microscope to take secondary electron (SE) images of a stamped metal plate and analyzing them using the MIRA MX 7 UE image processing software for purposes of depth determination. An experimental peak luminance value of 77 (pixel values) was correlated to the known depth (273 μm) at the bottom of the sample character. Results show that it is potentially possible to determine an unknown depth from a SEM image; using luminance values obtained in the MIRA analysis.

This research used the Queensland Police Service, Australia, as a major case study. Information on principles, techniques and processes used, and the reason for the recording, storing and release of audit information for evidentiary purposes is reported. It is shown that Law Enforcement Agencies have a two-fold interest in, and legal obligation pertaining to, audit trails. The first interest relates to the situation where audit trails are actually used by criminals in the commission of crime and the second to where audit trails are generated by the information systems used by the police themselves in support of the recording and investigation of crime. Eleven court cases involving Queensland Police Service audit trails used in evidence in Queensland courts were selected for further analysis. It is shown that, of the cases studied, none of the evidence presented was rejected or seriously challenged from a technical perspective. These results were further analysed and related to normal requirements for trusted maintenance of audit trail information in sensitive environments with discussion on the ability and/or willingness of courts to fully challenge, assess or value audit evidence presented. Managerial and technical frameworks for firstly what is considered as an environment where a computer system may be considered to be operating “properly” and, secondly, what aspects of education, training, qualifications, expertise and the like may be considered as appropriate for persons responsible within that environment, are both proposed. Analysis was undertaken to determine if audit and control of information in a high security environment, such as law enforcement, could be judged as having improved, or not, in the transition from manual to electronic processes. Information collection, control of processing and audit in manual processes used by the Queensland Police Service, Australia, in the period 1940 to 1980 was assessed against current electronic systems essentially introduced to policing in the decades of the 1980s and 1990s. Results show that electronic systems do provide for faster communications with centrally controlled and updated information readily available for use by large numbers of users who are connected across significant geographical locations. However, it is clearly evident that the price paid for this is a lack of ability and/or reluctance to provide improved audit and control processes. To compare the information systems audit and control arrangements of the Queensland Police Service with other government departments or agencies, an Australia wide survey was conducted. Results of the survey were contrasted with the particular results of a survey, conducted by the Australian Commonwealth Privacy Commission four years previous, to this survey which showed that security in relation to the recording of activity against access to information held on Australian government computer systems has been poor and a cause for concern. However, within this four year period there is evidence to suggest that government organisations are increasingly more inclined to generate audit trails. An attack on the overall security of audit trails in computer operating systems was initiated to further investigate findings reported in relation to the government systems survey. The survey showed that information systems audit trails in Microsoft Corporation's “Windows” operating system environments are relied on quite heavily. An audit of the security for audit trails generated, stored and managed in the Microsoft “Windows 2000” operating system environment was undertaken and compared and contrasted with similar such audit trail schemes in the “UNIX” and “Linux” operating systems. Strength of passwords and exploitation of any security problems in access control were targeted using software tools that are freely available in the public domain. Results showed that such security for the “Windows 2000” system is seriously flawed and the integrity of audit trails stored within these environments cannot be relied upon. An attempt to produce a framework and set of guidelines for use by expert witnesses in the information technology (IT) profession is proposed. This is achieved by examining the current rules and guidelines related to the provision of expert evidence in a court environment, by analysing the rationale for the separation of distinct disciplines and corresponding bodies of knowledge used by the Medical Profession and Forensic Science and then by analysing the bodies of knowledge within the discipline of IT itself. It is demonstrated that the accepted processes and procedures relevant to expert witnessing in a court environment are transferable to the IT sector. However, unlike some discipline areas, this analysis has clearly identified two distinct aspects of the matter which appear particularly relevant to IT. These two areas are; expertise gained through the application of IT to information needs in a particular public or private enterprise; and expertise gained through accepted and verifiable education, training and experience in fundamental IT products and system.

Initial evaluation of the "hydrologically correct" HYDRO1k (2001) data set, found that the drainage network derived from the topographic data using the TOPographic P ArameriZation (TOPAZ) software was inconsistent with the blue line data in the National Atlas of Canada data. Further analysis found minor elevation errors in the HYDRO1k DEM were causing drainage network inconsistencies in some relatively flat and low elevation areas. Implementation of the Australian National University Digital Elevation Model (Hutchinson 1989) algorithm for drainage enforcement corrected the drainage networks, however, it adversely affected the DEM characteristics by substantially lowering high elevation values and created a general smoothing effect across the DEM surface. It was felt that a method that captures ANUDEMs drainage enforcement capabilities, but limits the effect on the surrounding DEM outside the drainage network area would be beneficial. The focus of this project was to develop a new method for the development of a hydrologically correct Digital Elevation Model (DEM). Specifically, this project uses a presently accepted procedure, ANUDEM, developed by Hutchinson (1989), and builds upon it using a series of drainage network based buffers. The new method uses a simple distance weighting of elevation values based on proximity to the drainage network to weight elevation values closest to the drainage network more heavily to ANUDEM calculated values and to give ANUDEM values less weight as the distance moves further away towards the edge of the buffer. This approach effectively minimizes the effect of ANUDEM processing on areas away from the drainage networks. Three drainage basins DEMs were used to test the new procedure, each exhibiting a particular problem for hydrological modeling and automated delineation of drainage networks. The first DEM was extracted from the HYDRO1k database and represented the Saskatchewan River Basin at a resolution of 1 km. It contained minor elevation errors that gave rise to incorrect drainage delineation. The second DEM represented the Mackenzie River Basin at a resolution of 2 km and, as part of an earlier scaling study, had been derived by aggregation of an initial 1 km resolution DEM. The aggregation process introduced several drainage network errors. The third DEM represented the Snare River Basin at a resolution of 100 m. This basin had a very small elevation range nad chaotic drainage pattern which make it very difficult to model. Following implementation of the new procedure for the Saskatchewan River Basin and the Mackenzie River Basin. TOPAZ provided drainage networks that were consistent with the corresponding blue line networks in the National Atlas of Canada data set. Examination of the DEM characteristics found that effects of the new procedure on DEM characteristics were minimal. The range of elevations was maintained and the mean elevation of the DEM is statistically unchanged using a 1, 3 and 5 cell buffer width. Using 10 and 20 cell buffers, also provided correct drainage networks, however, effects on the DEM characteristics started to increase. In the case of the Snare River Basin, ANUDEM was unable to process the DEM for the Snare River Basin presumably because a threshold of drainage network complexity and topographic relief was exceeded.

碩士
元智大學
資訊管理學系
99
“Digital Divide” is a changing concept. According to different historical backgrounds and different development situation of countries, scholars may have different points of view regarding “Digital Divide.” The discussion of digital divide might be about the availability of telephony and computer equipment as well as the internet penetration rate for under-developed countries in the aspect of information technology infrastructure. While it is more about the differentiations of internet access rate, ability of information usage and digital skills among various communities for countries with well-developed information technology. To provide a better environment for information access and to cultivate the digital character, providing courses of information applications as a way to reduce the communications and digital divide is well-received worldwide. This research, based on a number of ongoing programs of Chunghwa Telecom Foundation, is aimed to evaluate and analyze the effectiveness of decreasing the “Digital Divide”.

碩士
國立臺北大學
資訊管理研究所
96
During the practical investigation, many lawsuit cases have lost due to the fact that the litigants failed to understand the importance of digital forensics and how to properly handle the digital evidence. In recent years, many academic institutions and government agencies have actively devoted to advance the field of digital forensics and expected to develop a set of standard operating procedures as the guideline for law enforcement. The standard operating procedure will not only improve the accuracy and non-repudiation of digital evidence in order to assist law enforcement agencies but also provide as guidance for any non law enforcement third parties involved in criminal investigation. The court may not admit the electronically stored information as legit digital evidence if the litigant did not establish a solid standard operating procedure regarding how the digital evidence was obtained. This thesis focuses on establishing a set of digital forensics standard operating procedures for the non- law enforcement parties. The standard operating procedure will be taken as the referential procedure for various enterprises and governmental agencies to strengthen the results of digital forensics and reveal the fact in front of the court.

This thesis introduces a new modeling approach that allows very large power systems to be modeled on a real time electro-magnetic transients (EMT) digital simulator with reduced hardware costs. The key step in achieving this is the development of an improved wide-band multi-port equivalent, which reduces a large power network into a small manageable equivalent model that preserves wideband behaviors. This approach has a foundation method that use a two part equivalent in which the high frequency behavior of the equivalenced network is represented by a terminating frequency dependent network equivalent (FDNE), with the low frequency behavior being modeled using a detailed Transient Stability Analysis (TSA) model that only models the electromechanical behavior. This approach allowed the modelling of medium size electric regions up to hundreds of buses in real time. This thesis extends the equivalent by implementing a reduced order of the detailed electromechanical TSA equivalent mentioned above. Coherency based reduction is used for the electromechanical model of the power network to be equivalenced, and is implemented as a Transient Stability Analysis (TSA) type electromechanical equivalent. A challenge in implementing the FDNE is to ensure that it is a passive network, as otherwise its inclusion could lead to unstable simulation. This thesis also introduces a practical procedure to enforce passivity in the FDNE. The validity of the proposed technique is demonstrated by comparing the approach with detailed electromagnetic simulations of the well-known 39 bus New England system and a modified 39 bus system with an HVDC infeed with coupling between the dc line and an adjacent ac line, in addition to a 108 bus ac system. The power of the method is demonstrated by the real-time simulation of a large system with 2300 busses and 139 generators. It has been shown that this approach has the potential to increase by at least one order of magnitude the size of the network that can be modeled and thus on a real time electro-magnetic transients (EMT) digital simulator with reduced hardware costs.

The study investigated the application of the crime threat analysis process at station level within the Nelson Mandela Metro City area with the objective of determining inhibiting factors (constraints) and best practices. Qualitative research methodology was applied and interviews were conducted with crime analysts and specialised investigators/intelligence analysts. The research design can be best described as descriptive and explorative in nature. The crime threat analysis process embroils the application of various crime analysis techniques and the outcomes thereof intends to have a dual purpose of generating operational crime management information in assisting crime prevention initiatives and crime detection efforts, mainly focussing on the criminal activities of group offenders (organised crime related), repeat offenders and serial offenders. During the study it became evident that crime analysts understand and thus apply the crime threat analysis process indifferently, which impeded on the relevancy and the utilisation thereof as an effective crime management tool.
Criminology
M.Tech. (Policing)