标准摘要
[中文适用范围]: 本国际标准提供了关于处理具有证据价值的数字证据的特定活动的指南,这些活动包括:识别、收集、获取和保存数字证据。本国际标准为个人在处理数字证据过程中遇到的常见情况提供指导,并协助组织进行纪律处分程序以及促进不同司法管辖区之间潜在数字证据的交换。本国际标准为以下设备和/或功能在各种情况下使用的指南: - 用于标准计算机的数字存储介质,如硬盘、软盘、光盘和磁光盘、具有类似功能的数据设备; - 移动电话、个人数字助理(PDA)、个人电子设备(PED)、存储卡; - 移动导航系统; - 数字静止和摄像机(包括闭路电视); - 具有网络连接的标准计算机; - 基于TCP/IP和其他数字协议的网络; - 具有上述类似功能的设备。 注1:上述设备列表为指示性列表,并非详尽无遗。 注2:情况包括上述设备以各种形式存在。例如,汽车系统可能包括移动导航系统、数据存储和传感系统。 [外文原描述]: ISO/IEC 27037:2012 provides guidelines for specific activities in the handling of digital evidence, which are identification, collection, acquisition and preservation of potential digital evidence that can be of evidential value. It provides guidance to individuals with respect to common situations encountered throughout the digital evidence handling process and assists organizations in their disciplinary procedures and in facilitating the exchange of potential digital evidence between jurisdictions. ISO/IEC 27037:2012 gives guidance for the following devices and circumstances: Digital storage media used in standard computers like hard drives, floppy disks, optical and magneto optical disks, data devices with similar functions, Mobile phones, Personal Digital Assistants (PDAs), Personal Electronic Devices (PEDs), memory cards, Mobile navigation systems, Digital still and video cameras (including CCTV), Standard computer with network connections, Networks based on TCP/IP and other digital protocols, and Devices with similar functions as above. The above list of devices is an indicative list and not exhaustive.
英文名称Information technology - Security techniques - Guidelines for identification, collection, acquisition and preservation of digital evidence