Introduction
The rise of the modern digital world, where all the information is manipulated digitally has infused in our daily life. Besides the multiple astonishing features of the digital availability of the data and information, the digitalization has also led critical challenges. These challenges are of both legal and economic backgrounds. The theft and loss of data have raised the need for a solution, i.e. the analysis of the digital information (Delp, Memon & Wu, 2009). The analysis of the issues related to the theft and loss of the digitally available data is termed as the digital forensics. Digital forensic is actually is the application of the scientific knowledge for the collection examination, identification and the analysis of the digital information while maintaining the integrity and secrecy of the information worked on (Zagar, Delija & Sirovatka, 2018).
The use of the diverse collection of the digital devices of the creating, storing and manipulating of the information along with the other factors and features of the digital data such as the volatility, high volume (due to low-cost price for digital storage devices) and malleability is the key reason for the need of the special consideration for the modern-day digital forensics. To perform the process of the digital forensics a large number of both software and hardware tools along with a number of professionals are required (Nanda & Hansen, 2016). The cost of setting up these tools and resources is sometimes much greater than the actual value of the data loss or theft. To overcome this problem the digital forensic labs build.
The idea and purpose of this project is to develop a digital forensic lab that has all those specially required tools in it such as the secure facility for the handling and performing of the digital forensics process, high-quality storage and recovery devices, high speed networks, software packages such as “Password Recovery Toolkit” and “Forensic Tool Kit” and the most important of them all, the human resource, i.e. highly trained professionals that have a varying background from the computer science, law and engineering as the digital forensic is a multidisciplinary subject (Delp, Memon & Wu, 2009).
Unlike the other Capstone projects where there are some specific stakeholders, this project is designed for all the third-party individuals and organizations that need digital forensic help because of their lack of technical and economic ability. The lab build from this project will help in providing them with the solutions they need. The project, therefore, has no specific stakeholder during its ongoing phase. A key summary of the project is as follows:
| Project Title | Digital Forensic Lab | ||
| Project Sponsor | |||
| Project Manager | |||
| Start Date | 4th March 2019 | Projected Finish Date | 10th April 2019 |
| Roles and Responsibilities | |||
| Name | Project Role | Position | Contact |
| Sponsor | |||
| Project Manager | |||
| Expert 1 | |||
| Expert 2 | |||
| Legal Advisor | |||
| Milestones and Deliverables | |||
| Milestones | Deliverables | Expected Date | |
| Selection of the team members and the distribution of their respective responsibilities. | 4th March 2019 | ||
| Study and review of the different digital forensic labs so that the report on the requirements of the lab will be finalized. | 11th March 2019 | ||
| Final report regarding the requirement and plan for the project. | 18th March 2019 | ||
| Meeting with the sponsors and funds liberation. | 20th March 2019 | ||
| Actual start of the forensic lab, equipment, and resource gathering. | 25th March 2019 | ||
| Trial working of the lab. | 4th April 2019 | ||
| Submission of the final project report. | 8th April 2019 | ||
| Team meeting for project closing. | 10th April 2019 |
Project Objective
Although the main objective of this project is to build up a digital forensic lab that will work for like the third party digital forensic service providers to other individuals, organizations and so on, but the main aim of this project is to develop a team of highly expert members that can perform any job related to the digital forensic and to provide them with a base and tools to perform other digital forensic projects. The project is also intended to utilize the resources and tools available and funded by the sponsor of this project in order to actually set up a business related to information technology.
The stakeholders, that will also be the future clients of this project will be benefited by the end result of this project in terms of both legal as well as technological aspects. They will be provided with the services that make them work effectively and efficiently in their grounds and help them in achieving their own aims and objectives. The services provided by this private digital forensic lab will be comprised of password cracking, data recovery, lost data tracing, and illegal and unauthorized logging in and digital intrusion. Since it is clearly established that the security and privacy of the data especially the digital one is of key importance (Notley, 2011), the need of recovering and tracing of the lost or stolen data respectively has gained more and more interests. It is now the strategic priority of almost all the individuals and organization that have been going through or are willing to digitalize their information or simply the ones who are ready to use the internet, that the information that they are digitizing must remain safe and secure. And in case of theft and lost they can trace or get back what belongs to them with ease.
The expected results of this projects are simply the building up of a private digital forensic lab that will help third-party individuals and organizations to perform their digital forensic tasks without losing their resources and time to set up their own digital forensic labs. The private digital forensic lab not only will save them time and money but will also provide them with solutions to their all problem under one roof. At the same time, the setting up of this private digital forensic lab will provide the team members with both the knowledge and earning in their future. The summary of the key objective of this project about the building up of a private digital forensic lab are as follows:
- The project is intended to develop a private digital forensic lab funded by sponsors.
- The lab will serve third party individuals and organizations seeking help in terms of digital forensics.
- The lab will also provide the team members with knowledge and earning.
- This project is designed in order to work in both the present and the future.
- This project will the future stakeholders of the lab in terms of efficiency and cost effectiveness for their digital forensic tasks.
Project Scope
As discussed earlier in the objective section of this project planning report that the key purpose of this project is to set up a private digital forensic lab, the scope of this project, therefore, covers a large area of interests. Since the project scope is defined as the elicitation of all the work, including the functions and features of the final service or the product to be delivered by the project (Moustafaev, 2014), the project scope of this digital forensic lab, therefore, has several steps to be defined.
The first part of a project’s scope is defining the boundaries of the project, i.e. what should be included in the project and what should be excluded. In case of our private digital forensic lab, the project will be designed with an aim to provide the third-party individuals and organization with the services for the digital forensics. So, the project will cover all the requirements a digital forensic lab is required to have. According to Henry B. Wolfe (2003), there are several parts that make up a digital forensic laboratory. The very first thing in term of that is the physical location that provides secure space for performing all the related forensic tasks. The second most import thing is the hardware i.e. the tools since the information and data are when stored in digital format the first thing that pops up in our minds is the digital device, the hardware needed for the digital forensic lab will consist of computers, servers, digital storages, and other electronic equipment. The third most important thing related to the setting up of a digital forensic lab is the software.
This project, therefore, includes the selection and building up of a suitable place or location for the lab, gathering and bringing in of the latest and state of the art hardware tools and the most updated software to be run on that tools. The last but not least the most important thing in any project is the human resource (Tohidi, 2011), therefore the selection of experts from engineering and law background will be another key scope of the project. However, defining the stakeholders for this project is quite hard as the project is designed to just developed a private forensic lab that will work in the future as the service provider for the third-party individuals and the organizations looking forward to the help in terms of digital forensics.
The limitation of this projects is that it is designed to work in the future and not in the present, therefore it will not perform any process or job related to the digital forensic itself. There will be no outcomes of the project in terms of financial benefits at the end of the project. The private digital lab builds as the result of this project will perform as an individual organization that does not have any connection to or with other organization. The services provided by that lab will be related to digital forensics only and may not exceed to legal or any other field of related interests.
Literature Review
Although digital devices are present from a long time the digital forensics is a relatively newer field (Beebe, 2009) that had recently emerged after the rise of the internet. The increasing use of the digital device in almost every field of life had resulted in the engagement of the criminal activities in digital information and data. That indirectly raised the need for solutions to solve the cases regarding digital information. This, in turn, made the digital forensic laboratories a dire necessity. There are hundreds of literature available out there regarding how to set up a digital forensic lab. Some of them have in-depth details while others have just a review. In order to go through a project, it is better to have a look into similar projects and the best way to do so is to have a literature review of some of the previously done projects. Some of the similar literature about setting up a digital forensic lab is discussed here.
Setting up of a digital forensic lab is not so simple as its look. Unlike other labs, the digital forensic lab has usually the simplest structure. It just needs four basic resources or parts. The first part is the physical space, the second one is the hardware tools, the third one is the software and the last but not the least is the professional (Wolfe, 2003). But an in-depth review brings about new challenges that one can face in setting up a digital forensic lab. The very first thing is the digital storages. The increasing size of digital data and the cheaper rates of the digital device have resulted in a large amount of data to be digitalized. For example, a two-terabyte hard drive today costs almost $120 dollars but requires more than seven hours to be fully imaged (Garfinkel, 2010). Similarly, the variety of platforms, i.e. mobiles, computers, video games, and e-book readers have even complexed the simplicity of setting up a digital forensic lab. Hundreds of thousands of mobile phones are available worldwide, these mobile phones operate on five major platforms, Android, iOS, Blackberry, Windows and Symbian with millions of applications available. This diversity has resulted in the need of dozens of connectors for cell phones only to be available in a digital forensic lab (Garfinkel, 2010).
The software on the other hands is also the second most crucial part of a digital lab. In an article about setting up a digital forensic lab in “Zagreb University of Applied Sciences”, Zagar and teammates identified the need of expansion of the current research in order to fully integrate the required digital forensic tools with multiple security software. They also recommended the checking of the performance of the laboratory resources with high loads before finalizing the lab (Zagar, Delija & Sirovatka, 2018). The range of software that a small digital forensic lab must have, should be different operating systems for both computers and mobiles, antiviruses, opensource file viewers, password recovery tools, mobile recovery tools, disk imaging tools, data recovery tools, packet capturing and analysis tools (“Cyber Lab Setup”, 2019).
Reviewing all these literatures it is clearly observable that the need for experts in finalizing the hardware and software resources must be given special consideration. The digital forensic experts are therefore required to create a list of items as they have to use it. The availability of the types and numbers of these resources will play a key part in defining the actual scope of the services the final digital forensic lab can provide (Homem, 2018).
Success Criteria
Projects are defined as multidimensional activities that are intended to perform a specific task. In order to consider a project successful, there are three key features, within the budget, within the time and meeting the specifications or objectives (Bannerman, 2008). The criteria of success for this project of building p a private digital forensic lab is therefore will be based on those three points of project success. The project will be considered successful if and only if it will achieve all of its objectives, i.e. the setting up of a digital forensic lab that will act as the private service provider for the third party individuals and organizations seeking help in terms of the digital forensics, it will end up in its proposed budget and will be finished in the time span given in the introduction section of this very project planning report.
The criteria for justifying the success of this project will be as follows:
- The setting up of the private digital forensic lab, within the budget and the time frame and up to the international standards.
- The ability of the lab to provide the third parties with the services related to the digital forensics.
- The ability of the lab to provide an effective and cost-efficient solution for the third-party individuals and organizations.
- Completion of the project without any risks and problems during the completion process.
Project Signoff
In order to start a project, a signoff, or approval from all the interested parties or stakeholders is required. For this project, the approval of related parties, i.e. the project manager and the project sponsor are therefore also required. This project signoff will bestow the project manager with powers to start and carry on the project as discussed during the meetings and the proposed projects plan. It will also give him or her to demonstrate his or her skills in bring up this project from ground zero to the final stage. The project signoff for setting up a private digital forensic lab is as follows:
| Signatures and Comments | ||
| Name | Signature | Date |
| Comments by Project Manager: | ||
| Comments by Project Sponsor: |
Discussion
The widespread, emerging need of digital dependency in our life can easily be felt in different aspects of our lives (Fenwick & Edwards, 2015). One of these aspects of our daily life is the law. Almost every day, there are cases that are related to digital information. This even caused the transfer of evidence from paper to being digital. Since the method or process of retrieving the digital evidence is different than the normal one, therefore, special services and teams are required to handle them. Unlike the normal forensic methods, the digital forensic since is a fairly new field, therefore, a lot of space is available for the newcomers. The definition of digital forensics varies from perspective to perspective, in general, the digital forensic is defined as the application of the computer science and law side by side to cater the theft related to the digital information (Sammons, 2015). Since the process of the analysis of these digital information needs tools (both software and hardware) that are not cheap enough for everyone to buy and use, special laboratories are developed for this purpose.
The purpose of this project is to develop a similar private digital forensic laboratory that can fulfill the needs of that third-party individuals and organizations that are unable to perform their own digital forensics. The laboratory will act as the key solution for the stakeholders of the region and will not only provide them with the services regarding the data theft but also help them in recovering the lost data as the procedure of the data forensic also have data recovery as one of its basic function.
Problem and Challenges
Problem and challenges are vital part of any project. Almost every project faces some problems and challenges during its going on. In case of the development of digital forensic lab, there are also some challenges that the team may face during the project. The challenges that the team can face during this project are of a variety of nature. These challenges are from basic nature such as the unavailability of certain project items to the complex nature such as the approval of the respected authorities to start a business like this. Some of the key challenges that the team members can face during this project are:
- The unavailability of the space for the laboratory.
- The unavailability of the specific hardware tools or inability of their timely delivery.
- The unavailability of the specific software or inability of their timely delivery.
- Improper time and cost management
- The approval or authorization form the respected government authorities to build up the laboratory.
The major reasons behind these possible challenges are the non-production of the hardware and software at local levels and the ethical and legal constraints regarding the handling of digital data or information. In order to cope with these possible challenges, the team member must be fully prepared before the start of the project. The process of identifying and mitigating the risks is required to be done after the selection of the project has done but before the actual proposal of the project is started (Uhlig, 2012). Therefore, the risks identified for this project along with their mitigation are as follows:
| Risk | Level | Mitigation |
| Shortage of budget. | High level | Pre-market survey and in-depth literature review. |
| Lack of proper human resource. | High level | Selection of competent team members. |
| Unavailability of the tools | High level | Reviewing the market before the selection and the pre-selection of alternatives. |
References
Bannerman, P. (2008). Defining Project Success. Retrieved from https://www.pmi.org/learning/library/defining-project-success-multilevel-framework-7096
Beebe, N. (2009). Digital Forensic Research: The Good, the Bad and the Unaddressed. Advances In Digital Forensics V, 306, 17-36.
Cyber Lab Setup. (2019). Retrieved from http://www.forensicsware.com/lab-setup.html
Delp, E., Memon, N., & Wu, M. (2009). Digital forensics [From the Guest Editors]. IEEE Signal Processing Magazine, 26(2), 14-15.
Fenwick, T., & Edwards, R. (2015). Exploring the impact of digital technologies on professional responsibilities and education. European Educational Research Journal, 15(1), 117-131.
Garfinkel, S. (2010). Digital forensics research: The next 10 years. Digital Investigation, 7, S64-S73.
Homem, I. (2018). Advancing Automation in Digital Forensic Investigations. Stockholm: Department of Computer and Systems Sciences, Stockholm University.
Moustafaev, J. (2014). Project scope management. Auerbach Publications.
Nanda, S., & Hansen, R. (2016). Forensics as a Service: Three-Tier Architecture for Cloud Based Forensic Analysis. 2016 15Th International Symposium On Parallel And Distributed Computing (ISPDC), 178-183.
Notley, T. (2011). Why digital privacy and security are important for development. Retrieved from https://www.theguardian.com/global-development/poverty-matters/2011/aug/04/digital-technology-development-tool
Sammons, J. (2015). The Basics of Digital Forensics. Amsterdam: Elsevier.
Tohidi, H. (2011). Human resources management main role in information technology project management. Procedia Computer Science, 3, 925-929.
Uhlig, S. (2012). Federal construction contracting made easy. Tysons Corner, Va.: Management Concepts.
Wolfe, H. (2003). Setting up an electronic evidence forensics laboratory. Computers & Security, 22(8), 670-672.
Zagar, M., Delija, D., & Sirovatka, G. (2018). Setting up digital forensics laboratory: Experience of Zagreb University of Applied Sciences. 2018 41St International Convention On Information And Communication Technology, Electronics And Microelectronics (MIPRO).
