A digital forensic logging system must prevent the booting of unauthorized programs and the modification of evidence. Our previous research developed Dig-Force2, a boot control system for Windows XP platforms that employs API hooking and a trusted platform module. However, Dig-Force2 cannot be used for Windows Vista systems because the hooked API cannot monitor booting programs in user accounts. This paper describes an enhanced version of Dig-Force2, which uses a TPM and a white list to provide boot control functionality for Windows Vista systems. In addition, the paper presents the results of security and performance evaluations of the boot control system.
Ashino, Y., Fujita, K., Furusawa, M., Uehara, T., & Sasaki, R. (2009). Implementing boot control for Windows Vista. In IFIP Advances in Information and Communication Technology (Vol. 306, pp. 133–141). Springer New York LLC. https://doi.org/10.1007/978-3-642-04155-6_10