Digital Forensics XML and Standardization

Wondering what the future of Digital Forensics XML looks like? You can find recent work by NIST at http://www.nsrl.nist.gov/Downloads.htm (with a draft schema from based on the original spec for fileobjects at http://www.nsrl.nist.gov/DFXML/fileobject.xsd). You can also find ongoing work as part of CyBOX at MITRE at http://cybox.mitre.org/.

BitCurator depends on DFXML output when producing reports on private and personally identifying information, disk and file formats and organization. As part of our commitment to identifying and implementing ways in which DFXML can be used to enhance the description of and provenance records associated with archival born-digital materials, we’ve joined in a discussion with NIST, MITRE, and other interested parties on the future of standards-compliant DFXML.

Institutional Workflows

In December 2011 and January 2012, the core BitCurator project team met with advisory group members to elicit requirements for incorporating digital forensics tools and techniques into existing institutional workflows.

Based on the feedback we gathered, we’ve now drafted the steps for a BitCurator-supported workflow. We welcome additional feedback – please contact us.