【作者】 刘志军；

【导师】 张焕国；

【作者基本信息】 武汉大学 ， 信息安全， 2009， 博士

【摘要】 社会信息化程度的加速发展,电子政务、电子商务等的普及,由此而来的一些社会问题也和电子信息联系在一起,解决纠纷和争议时电子证据的处理也将成为焦点。电子证据的运用是法学和技术学科的交叉领域研究问题,两者有机结合还缺乏一定的研究。法学领域电子证据的技术特性不够了解,在现代证据制度下,多数法官都远离电子技术或信息技术,法官判定某一电子证据的证明力大小,没有硬性的规则可遵循,只能基于个人的经验。从当前的司法实践上看,对电子证据证明力如何进行认定,即电子证据的证明力如何?往往成为法庭争论的焦点,亦成为法官认定电子证据的棘手之处。由于电子证据容易被篡改,破坏和伪造而不易留痕,电子证据依附的计算机系统容易受到攻击、篡改且不易发觉,也使电子证据面临着被诉讼的问题,电子证据的完整性也变成了当前法庭,侦查机关和被告极为关注的重要的问题。因此有些学者认为电子证据完整性是考察证据证明力的一个重要的属性指标,但电子证据完整性涉及到从电子证据源的固定、证据提取、分析推理、报告的生成中的每个方面,是一个复杂的技术过程,这也是目前国内外学术界对电子证据完整性研究不多的原因。本文作者总结概述了当前计算机取证理论的最新成果和电子证据应用发展需求,提出了电子证据完整性研究课题,明确了本文的研究方向,并提出了以证据监管链为核心,对电子证据的法学调查过程采用分层、划分层次模块地进行电子证据完整性的研究思路。本文作者在研究过程中结合当前电子证据理论研究发展、当前电子证据取证实践应用,当前法庭对电子证据处理应用,系统地对电子证据完整性的几个关键技术问题展开了有针对性研究。具体的研究内容包括：电子证据完整性程度的评估体系及其定量化的分析方法；证据收集阶段中的证据时间分析技术；以数字签名的密码技术解决文档层的电子证据完整性方案设计；呈述层中的电子证据分析推理的完整性分析。部分理论成果如作者提出的证据的时间绑定技术、在证据分析阶段中的以Biba模型为基础的动态标记技术和方法、以条件有限状态机进行证据的推理过程的模型化定义等内容,已在本文作者作为国家司法鉴定人参与的一些案件如“熊猫烧香”、“全国首例网站联盟诈骗”等实践中进行了初步应用探索。更多还原

【Abstract】 With the accelerated development of social informatization level and the popularity of applications of the e-government, e-business, etc, thus some social problems and digital information relate in together, the key to settle disputes is to appropriately ensure the digital evidence. As an interdiscipline of law and computer science, the application of digital evidence still lacks further study. Researchers of law investigate the relevant law features and identification of digital evidence, which lack technological features and acquisition methods of digital evidences. The majority of judges stand away from the information technology, there are no rigid constraints to follow, only based on personal experiences, to evaluate the probative force of digital evidence for the judges. But for a particular case to be testified, how much weight does the digital evidence? To what degree does the digital evidence has probative force? It becomes the court debates and a ticklish question for the judges as the judicial evidence.The ease with which digital evidence can be altered, destroyed, or manufactured in a convincing way is alarming, which constrains the widespread utilization of digital evidence in crucial litigious procedures. Protecting the integrity of digital evidence becomes paramount concern for courts, investigation organs and those accused. When studying the digital evidence integrity, some law learners consider it as an important attribute index of the probative value of digital evidence. Protecting the integrity of digital evidence is a complicated technological process, which involves in several aspects such as:fixation of digital evidence source, extraction of digital evidence, analysis and expression of digital evidence. This is also the reason that less research on integrity of digital evidence by the domestic and international academic circles.In this paper, after summarizing the newest academic achievement of computer forensic and the application development requirement of digital evidence, the research subject of digital evidence integrity are briefly introduced. Then the author proposes Chain of Custody as core and law investigation of computer forensic being divided into several module-levels to analyze the integrity of digital evidence. Based on combining the research development of current digital evidence theory, the practical use of the digital forensics and digital evidence application of current court prosecution, this article studies the several critical problems of digital evidence integrity and points proposition solutions, which include:integrity index system of digital evidence and quantitative methods of degree evaluation, Digital timestamp of digital evidence, Digital signature of digital evidence integrity, Integrity assurance of evidence analysis. Some research achievements, such as method of the dynamic labels of the Biba model in forensic evidence analysis, etc. are being applied in reality of computer forensics.更多还原