incubator-alois-commits mailing list archives

From Apache Wiki <>
Subject [Alois Wiki] Trivial Update of "IMF2011" by UrsLerch
Date Sat, 15 Jan 2011 03:01:52 GMT
Dear Wiki user,

You have subscribed to a wiki page or wiki category on "Alois Wiki" for change notification.

The "IMF2011" page has been changed by UrsLerch.
The comment on this change is: small correction.


  In this division of tasks, the overall view must not be lost. Here, a cross-software platform
might be of great help for computer forensics. This platform must ensure first of all, that
all the information is available for the entire process in the respective most appropriate
form. This means, that the task of the creation and access to this information corresponds
with the necessary know how in the respective process step. Such a platform can also take
on additional services, such as a workflow or communications. Another advantage of a centralized
database is the possibility of cross-case analysis. Furthermore, it could be assured that
all the information of a case is stored in one place and, therefore, can be easily controlled
and understood. Moreover, as the aim must be to use the most appropriate tool for each task,
it is important that this platform has an open architecture and open interfaces. It must therefore
be independent of a provider. In this respect, it makes sense to pursue a free implementation
of this platform, that is an open source software.
  == Open Source Software ==
- [This brief introduction is an excerpt of the PhD of one of the authors.]
+ [This brief introduction is an excerpt of the PhD of the author.]
  The idea of open source software - originated from a movement of computer hackers who have
developed software primarily in their leisure time for fun - is still wearing the halo of
being a project of unpaid volunteers. However, Free/Libre and Open Source Software (FLOSS)
is in an accelerated process of adaptation to the market. This development takes place along
a cycle of innovation, as is represented in economics by Schumpeter (1961) for example. Therefor,
various studies show that especially the big projects like the Linux operating system, the
office suite OpenOffice or the database MySQL is pursued by a majority of developers paid
for their contributions [eg Kroah-Hartman 2009].
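
Review bot: In the added line "[This brief introduction is an excerpt of the PhD of the author.]", "the PhD" should read "the PhD thesis", and the note should cite that thesis the way the paragraph below cites Schumpeter (1961) and Kroah-Hartman 2009, since "the author" alone does not identify the source. While this paragraph is open, the unchanged text under the change has "Therefor," for "Therefore," and "the big projects ... is pursued", where the plural subject needs "are pursued".
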
@@ -63, +63 @@

  Of course, Apache ALOIS has to be configured to become a computer forensics platform. But
the configuration has to be done only once. And since it is an open source tool, configuration
can be reused. What has to be done, to make a true computer forensics tool out of Apache ALOIS,
is the task of the extraction of data. In a SIEM this is called an agent. Of course, we wouldn't
dare to propose to rewrite all the great tools used in this area. The meaning of an agent
is the one of a connector. Thus all the tools have to get a connector. This should done by
the vendor of the tool. To make this as easy as possible, Apache ALOIS plans to build a "service
bus" with standardized interfaces. The architecture of such a service bus could look like
- {{}}
+ {{}}
  Therefore, it will not only be easy to connect a - proprietary or open source - application
to the system. It will also be possible to replace one or another standard moduls of Apache
ALOIS with the one that fits better the own special needs.
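
Review bot: The removed and added lines both read "{{}}" here, so the embed that follows "The architecture of such a service bus could look like" is empty on both sides and the sentence ends without the figure it introduces. Confirm on the wiki page that the attachment name is inside the braces, and end the lead-in sentence with a colon. The unchanged context also needs "This should done by" changed to "This should be done by" and "standard moduls" changed to "standard modules".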
