DEMS : dealing with the growing tidal wave of digital evidence
Digital CCTV systems, digital crime scene photos, digitally recorded interviews, in car digital cameras, body worn cameras and citizen provided digital evidence all add up to exponentially more digital data than ever before, that must be uploaded, catalogued, made searchable and kept secure. A critical part of keeping the evidence secure is ensuring a legally defensible chain of custody as well as being able to prove in court that the digital evidence has not been changed since it was obtained. It is in this last data security requirement where Q by SoLVBL can really add value to a DEMS.
Current data verification approach
Currently, a DEMS may use cryptographic hashes to validate digital evidence. The digital evidence is hashed when it is first obtained and the hash is stored with the evidence in the DEMS. When the integrity of the evidence needs to be verified, the stored evidence is hashed again and the current and historic hash values are compared. If the hash values are identical, the integrity of the evidence is "proven".
There are Issues with the current hash method
Using hashes to verify evidence integrity is vulnerable to malicious actors with access to the DEMS. Such an actor could alter or delete digital evidence and swap or delete the corresponding hash value. The tampered evidence would, upon subsequent hashing, produce a hash value identical to the (forged) hash value in the DEMS.
*Note: Secured backups, change logs, and well tailored access control can all mitigate the risks of such malicious access, but will not eliminate it.
Q Addresses this vulnerability
Q uses additional cryptographic techniques, immutable storage and enhanced blockchain technologies to provide an immutable seal. These seals replace the current hashing method.
A Q seal is obtained by submitting the signed hash value of the evidence (but not the evidence itself) to our cloud server. A representation of the submission is published on blockchain and the signed hash value is stored on Write-Once-Read-Many ('WORM') storage. The returned seal contains irrefutable proofs of these operations.
Any subsequent modification or deletion of sealed evidence in the DEMS will cause it to fail seal verification or create a provable 'gap' in the evidence set.
Enhance Your DEMS with True Data Verification
Digital evidence sealed by Q is cryptographically proven to be verifiable and therefore will stand up in court against any challenge a lawyer might try. Sealing data with Q provides additional benefits including blockchain verifiable timestamps, identity linking and the ability to audit seals to detect missing records.