Open Computer Forensics Architecture
Developer(s): Korps landelijke politiediensten
Stable release: 2.2.0pl4
Development status: Active
Operating system: Linux
Available in: English
Type: Computer forensics
Website: http://sourceforge.net/apps/trac/ocfa/wiki

The Open Computer Forensics Architecture (OCFA) is a distributed open source computer forensics framework used to analyze digital media within a digital forensics laboratory environment. The framework was built by the Dutch national police.
Architecture
OCFA consists of a back end for the Linux platform; it uses a PostgreSQL database for data storage, a custom content-addressable storage or CarvFS-based data repository, and a Lucene index. The front end for OCFA has not been made publicly available due to licensing issues.
The framework integrates with other open source forensic tools and includes modules for The Sleuth Kit, Scalpel, Photorec, libmagic, GNU Privacy Guard, objdump, exiftags, zip, 7-zip, tar, gzip, bzip2, rar, antiword, qemu-img and mbx2mbox. OCFA is extensible in C++ or Java.
Wikimedia Foundation. 2010.