An Open Digital Evidence Container
Our life is more and more affected by digital data. But digital data can often be manipulated easily without any traces of the change. To use digital data as part of contracts or in an investigation there is a pressing demand for an easy way to preserve data in a way its integrity and origin is assured.
This project has the goal to implement a tool set for creating, validating, and exploring digital evidence containers.
The concept of the ODEC is based on the following paper:
Kiertscher, T.; Vielhauer, C.; Leich, M.: Automated Forensic Fingerprint Analysis: A Novel Generic Process Model and Container Format. In: Lecture Notes in Computer Science. 2011. Vol 6583/2011. S 262-273. Springer, Heidelberg. DOI 10.1007/978-3-642-19530-3_24. ISBN 978-3-642-19529-7. PDF
- Specification - A detailed specification of the container format and its process model can be found in doc/specification.md.
- Command Line Manual - A brief manual for the command line interface of the Microsoft .NET / mono based reference implementation
odec.execan be found in src/clr/odec/odec.help.md.
Because of a bug in the mono framework since version 2.10.x, regarding the XML validation with XML schema files, the CLR implementation of ODEC only works under mono 2.6.7 and Microsoft .NET.