Scribd Logo
Upload

Welcome to Scribd!

  • Webinar Bbe5: Manajemen Pengelolaan Bukti Elektronik

    Uploaded by

    hidayat perdana
    28 views14 pages
    This document discusses standards and best practices for digital evidence management. It outlines principles from organizations like the National Institute of Justice and Association of Chief Police Officers regarding how to properly secure, collect, and examine digital evidence without altering the original data. The document also discusses how digital evidence should be documented, preserved, and made available for review. It provides guidelines for various stages of digital evidence handling from initial response and collection through examination, presentation in court, and final disposition. Critical aspects like chain of custody, personnel training, and forensic tool validation are emphasized.

    Original Description:

    Original Title

    WEBINAR BBE

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    This document discusses standards and best practices for digital evidence management. It outlines principles from organizations like the National Institute of Justice and Association of Chief Police Officers regarding how to properly secure, collect, and examine digital evidence without altering the original data. The document also discusses how digital evidence should be documented, preserved, and made available for review. It provides guidelines for various stages of digital evidence handling from initial response and collection through examination, presentation in court, and final disposition. Critical aspects like chain of custody, personnel training, and forensic tool validation are emphasized.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    28 views14 pages

    Webinar Bbe5: Manajemen Pengelolaan Bukti Elektronik

    Uploaded by

    hidayat perdana
    This document discusses standards and best practices for digital evidence management. It outlines principles from organizations like the National Institute of Justice and Association of Chief Police Officers regarding how to properly secure, collect, and examine digital evidence without altering the original data. The document also discusses how digital evidence should be documented, preserved, and made available for review. It provides guidelines for various stages of digital evidence handling from initial response and collection through examination, presentation in court, and final disposition. Critical aspects like chain of custody, personnel training, and forensic tool validation are emphasized.

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    Download as pdf or txt
    of 14

    WEBINAR BBE5

    MANAJEMEN PENGELOLAAN
    BUKTI ELEKTRONIK
    Apa ada Standar
    Pengelolaan Bukti
    Elektronik?
    Prinsip-prinsip Penanganan Bukti Elektronik
    National Institute of Justice (NIJ) DOJ-USA Association of Chief Police Officer (UK)

    Actions taken to secure and collect digital evidence Principle 1: No action taken by law enforcement
    should not affect the integrity of that evidence. agencies, persons employed within those agencies or
    their agents should change data which may
    Persons conducting an examination of digital evidence subsequently be relied upon in court.
    should be trained for that purpose Principle 2: In circumstances where a person finds it
    necessary to access original data, that person must be
    Activity relating to the seizure, examination, storage, or competent to do so and be able to give evidence
    transfer of digital evidence should be documented, explaining the relevance and the implications of their
    preserved, and available for review. actions.
    Principle 3: An audit trail or other record of all
    Through all of this, the examiner should be cognizant of processes applied to digital evidence should be created
    the need to conduct an accurate and impartial and preserved. An independent third party should be
    examination of the digital evidence. able to examine those processes and achieve the same
    result.
    Principle 4: The person in charge of the investigation
    has overall responsibility for ensuring that the law and
    these principles are adhered to
    Penanganan Bukti Elektronik
    Penanganan Awal
    Pemeriksaan/Eksaminasi Presentasi/Pembuktian Eksekusi Putusan
    (First Responder)

    Identifikasi, Koleksi, Proses ekstraksi data dan Presentasi/pembuktian Penghapusan Data


    Akuisisi, Preservasi Bukti pembuatan salinan/image sebagai alat bukti petunjuk, Elektronik untuk Bukti
    Elektronik dengan panduan forensik digital (Master keterangan ahli, atau alat Elektronik yang dirampas
    SNI ISO/IEC 27037. dan Working Copy); bukti surat. Negara/Bukti yang harus
    dimusnahkan.
    Field Search, termasuk Data recovery, Search Pembuktian yang terkait
    kegiatan olah TKP, (hashset filtering), Find, delik pada pasal sangkaan. Re-eksaminasi Bukti
    penggeledahan dan and Extract; Elektronik untuk putusan
    penyitaan Testimoni ahli di terlampir dalam berkas
    Analysis: Timeline, persidangan perkara/dipergunakan
    Windows Forensics untuk perkara lain
    Analysis, MacOS, Android,
    iOS, Sqlite Database,
    Malware, User Attribution,
    dll
    Dasar Kewenangan Hukum (Legal Authority)
    ● Surat Perintah Penggeledahan
    Proses Bukti Elektronik dengan
    01 izin Pengadilan/Dewas


    Surat Perintah Penyitaan
    Surat Perintah Pengadilan lainnya

    ● Surat Pernyataan Persetujuan


    Proses Bukti Elektronik tanpa
    02 izin Pengadilan/Dewas


    Surat Penerimaan Resiko Tindakan
    Surat Pernyataan lainnya

    03 Proses Bukti Elektronik BMN




    Surat Resmi Permohonan kepada Instansi
    Berita Acara Pinjam Pakai beserta tanda terimanya

    ● Surat Perintah Tugas


    Proses Bukti Elektronik Tak
    04 Bertuan


    Berita Acara Penemuan Barang
    Berita Acara Inspeksi Mendadak (SIDAK)

    Proses Bukti Elektronik kondisi


    05 lainnya
    ● Surat resmi dengan dasar hukum
    perundang-undangan yang berlaku.
    Dokumentasi dan Catatan Ketelusuran

    1 2 3 4

    Perpindahan 1 Perpindahan 2 Perpindahan 3 Dan seterusnya...

    Pemilik/penguasa Bukti Elektronik Petugas yang berwenang Laboratorium Barang Bukti Setiap perpindahan bukti
    kepada Petugas menyerahkan kepada Elektronik menyerahkan hasil elektronik didokumentasikan
    (Penyelidik/Penyidik) yang Laboratorium Barang Bukti proses forensik dan dalam catatan ketelusuran atau
    berwenang Elektronik KPK untuk di proses mengembalikan kepada Petugas Chain of Custody (COC)
    forensik yang berwenang
    Dokumentasi dan Catatan Ketelusuran
    Kritikal/Formil vs Non Kritikal/Materil

    Prosedur Peralatan BBE


    Kritikal/Formil: Jika tidak Kritikal/Formil: Peralatan Kritikal/Formil: BBE yang
    dilakukan dengan tepat Forensik Digital yang perlu dapat dilakukan pembuatan
    mungkin akan berdampak dilakukan validasi/verifikasi salinan forensik digital
    tidak diterimanya bukti kinerja secara berkala dengan nilai hash identik
    elektronik di pengadilan

    ● Pemeriksaan Fisik dan SI dan HI ● Peralatan Sistem Proteksi Akses Tulis ● Kritikal/Formil: Hard Disk non SSD,
    ● Sterilisasi Media Penyimpanan ● Drive Duplicator / Imaging USB Flash disk, micro SD, dll
    ● Sistem Proteksi Akses Tulis ● Forensic Workstation
    ● Penyalinan membuat Image forensik ● Non Kritikal/Materil: SSD, RAM,
    ● Analisa untuk Opini Pendapat Ahli Mobile Device
    Best Practices
    Best Practices
    Layanan LBBE:
    ● Field Search, penanganan awal BBE/layanan luar Laboratorium.
    ● Layanan KIOSK, proses Search/Find/Extract mandiri.
    ● Preview in Lab, review bukti elektronik sebelum diajukan untuk dieksaminasi.
    ● Investigative Review System, proses pencarian, tagging, commenting
    terhadap dokumen/informasi elektronik hasil eksaminasi sementara.

    Program Pelatihan dan Kompetensi Personel (Pelatihan dan Sertifikasi Personel


    baik dari Internal maupun Eksternal);

    Program Validasi Peralatan Forensik Digital (CFTT-NIST)


    Best Practices
    Hal-hal yang berlaku untuk semua tindakan terhadap bukti elektronik:

    ● Memastikan adanya dasar kewenangan hukum (legal authority) sebelum


    melakukan tindakan;
    ● Menentukan pendekatan teknis/operasional (situasi dan kondisi);
    ● Menentukan peralatan-peralatan yang sesuai (valid, sah dan legal);
    ● Menentukan prosedur-prosedur yang digunakan (SOP dan referensi best
    practices).
    Kompetensi Personel
    ● Certified Forensic Computer Examiner (CFCE)
    Pemeriksa Forensik
    FE (Forensic Examiner)



    Certified Computer Examiner (CCE)
    Encase Forensic Examiner (EnCE)
    Cellebrite Certified Mobile Examiner (CCME)

    ● Program Pelatihan dan Kompetensi Internal (Digital Forensic Examiner 1)


    Petugas Teknis Forensik
    FT (Forensic Technician)


    Cellebrite Certified Physical Analyzer (CCPA)
    Cellebrite Certified Operator (CCO)

    ● Program Pelatihan dan Kompetensi Internal (Digital Forensic Examiner 1)


    Penanganan Awal BBE
    FR (First Responder)



    CompTia A+ IT Technician (CompTia A+)
    Oxygen Forensic Certification (OFC)
    Cellebrite Mobile Forensic Fundamental (CMFF)
    Manajemen Laboratorium BBE
    Terima Kasih

    You might also like