MOBILE DEVICE FORENSICS: COMPARISON OF MOBILE ENCRYPTION HARDWARE AND SOFTWARE

Authors

DOI:

https://doi.org/10.28925/2663-4023.2024.26.687

Keywords:

Android; iOS; data protection; encryption; forensic analysis; Secusmart GmbH.

Abstract

Today, mobile devices have become indispensable tools in personal and professional spheres, which requires a high level of security for data storage and transmission. The article is devoted to a comparison of the Android and iOS platforms in the context of mobile communication encryption, as well as their use in digital forensics. The features of the architectures of these platforms, security mechanisms, Trusted Execution Environment in Android and Secure Enclave in iOS, and loading processes that affect data protection are considered. The key methods of detecting digital evidence and their effectiveness when working with open sources are analyzed. Conclusions are drawn on the advantages and disadvantages of each platform in terms of ensuring information security and forensic research. Special attention is paid to the methods of studying encrypted information, the use of AES-256 algorithms in GCM mode, as well as the capabilities of the platforms in storing and analyzing digital evidence. The study identifies the advantages and disadvantages of the data protection mechanisms of both platforms, focusing on the impact of their architecture on the effectiveness of forensic analysis. The solution of Secusmart GmbH is separately considered as an example of an integrated approach to ensuring mobile security. The study demonstrates that iOS is a more secure platform, but Android offers greater flexibility for researchers and developers. The encryption solutions offered by Secusmart GmbH confirm the importance of mobile security. Further research should have the prospect of creating innovative protection methods that take into account both the needs of users and the requirements of law enforcement agencies. It is recommended for Android to standardize security updates, and for iOS, it is key to develop protection mechanisms without degrading the user experience and the use of encryption solutions.

Downloads

Download data is not yet available.

References

nformation technology – Security techniques – Guidelines for identification, collection, acquisition and preservation of digital evidence (ISO/IEC 27037:2012). (2012). https://www.iso.org/standard/44381.html

Berkeley Protocol on Investigations Using Open Digital Data. Translation. (2020). United Nations.

The European Convention on Human Rights. Council of Europe. (б. д.). https://www.coe.int/en/web/human-rights-convention

Dumchikov, M. O. (2020). Digitalization processes and forensics: a retrospective analysis. Forensic Science and Forensic Science, 65, 100–108.

Kolodina, A. S., & Fedorova, T. S. (2022). Digital forensics: problems of theory and practice. Kyiv Law Journal, (1), 176–180.

Najafli, E. (2022). Digital state in the context of legal reform in Ukraine: theoretical and legal aspect. Law and Security, 2(85), 202–217.

Latysh, K. (2021). Criminalistics analysis of cyber tools for committing crimes. Problems of Legality, (153), 165–172. https://doi.org/10.21564/2414-990X.153.230429

Laptiev, O., Savchenko, V., Shuklin, G., & Stefurak, O. (2020). Detection and blocking of means of illegal obtaining of information at objects of information activity. Kyiv: SUT.

Yevseiev, S., et al. (2021). Synergy of building cybersecurity systems: monograph. Kharkiv: PC TECHNOLOGY CENTER. https://doi.org/10.15587/978-617-7319-31-2

Yurchenko, O.M. (2001). Information protection in computer systems from unauthorized access: Textbook. Kyiv: Publishing House of the European University.

Protection methods. Information security management systems. Requirements (DSTU ISO/IEC 27001:2015). (2015).

Information technology. Protection methods. Report of practices on information security measures (DSTU ISO/IEC 27002:2015). (2015).

Information technology. Protection methods. Information security risk management (DSTU ISO/IEC 27005:2019). (2019).

On the Protection of Information in Information and Telecommunication Systems, Law of Ukraine No. 80/94-ВР (2024) (Ukraine). https://zakon.rada.gov.ua/laws/show/80/94-вр#Text.

On Information, Law of Ukraine No. 2657-XII (2024) (Ukraine). https://zakon.rada.gov.ua/laws/show/2657-12#Text

On the Basic Principles of Ensuring Cybersecurity of Ukraine, Law of Ukraine No. 2163-VIII (2024) (Ukraine). https://zakon.rada.gov.ua/laws/show/2163-19#Text

Laptev, O. A. (2020). Methodological foundations of automated search for digital means of covert information acquisition. K. Millennium.

Lenkov, S. V., Peregudov, D. A., & Khoroshko, V. A. (2008). Methods and means of information protection (in 2 volumes). K: Ary, 2008.

Downloads


Abstract views: 0

Published

2024-12-19

How to Cite

Onyshchuk , O. (2024). MOBILE DEVICE FORENSICS: COMPARISON OF MOBILE ENCRYPTION HARDWARE AND SOFTWARE. Electronic Professional Scientific Journal «Cybersecurity: Education, Science, Technique», 2(26), 246–257. https://doi.org/10.28925/2663-4023.2024.26.687

Issue

Vol. 2 No. 26 (2024): Cybersecurity: Education, Science, Technique

Section

Articles

License

Copyright (c) 2024 Оксана Онищук

Creative Commons License

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.