Part of the Dalhousie Libraries Documentation Wiki

Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 4 Next »

There are two primary workflows for digital forensics:

WorkflowDescription

Bulk forensic imaging for preservation

Create forensic images to support acquisition and preservation of born-digital archives. Transfer forensic images into digital backlog until further processing is scheduled.

Collection-based forensics for archival processing and monetary appraisal

Create forensic images to support acquisition and archival processing of born-digital archives. Select files from forensic images and transfer files to ingest storage for transfer into digital preservation system.

Bulk forensic imaging for preservation

  1. Add item to register of digital storage devices.

  2. Prepare item for forensic imaging.

  3. Use FTK Imager to create forensic image of item.

  4. Transfer forensic images to Libraries' digital backlog storage for preservation until further processing.

  5. Delete local copy of forensic image after transfer validation.

  6. Update entry in register of digital storage devices.

Collection-based forensics for archival processing and monetary appraisal

  1. Add item to register of digital storage devices.

  2. Prepare item for forensic imaging.

  3. Use FTK Imager to create forensic image of item and create a secondary (i.e., local backup) copy of the forensic image.

  4. Update entry in register of digital storage devices.

  5. Load forensic image(s) into FTK.

  6. Run additional analysis processing.

  7. Create filters as necessary.

  8. Create labels to support archival appraisal decisions:

    1. DeleteĀ 
    2. Review for deletion
    3. Review for selection
    4. Select for retention
    5. Select for retention (contains PII)

  9. Create word list based on selection criteria.

  10. Create hierarchical set of bookmarks to support archival arrangement:

    1. Fonds title
      1. Series title
        1. Sub-series title
      2. Series title

  11. Use a combination of filters, searching, and browsing to identify and select records for retention. Use labels and bookmarks to facilitate this process.

  12. Use a combination of tools to identify confidential and personal information. Use labels and bookmarks to facilitate this process.
  13. Use bookmarks to export files and metadata from FTK.

    1. Export files option
    2. Report option

  14. Transfer package to Libraries' ingest storage for transfer into digital preservation system.

  15. Delete local backup data and FTK case after successful generation of AIPs.


  • No labels

Dalhousie Libraries - Documentation Wiki