Abstract
Digital evidence is a critical component in today’s organizations, as it is the foundation on which any certification is based. This paper presents a risk assessment of evidence in the certification domain to identify the main security risks. To mitigate these risks, it also proposes an adaptation of an existing Blockchain-based audit trail system to create an evidence trustworthiness system enhancing security and usability. This system covers specific additional requirements from auditors: evidence confidentiality and integrity verification automation. The system has been validated with cloud service providers to increase the security of evidence for a cybersecurity certification process. However, it can be also extended to other certification domains.
| Original language | English |
|---|---|
| Article number | 1 |
| Journal | Journal of Cybersecurity and Privacy |
| Volume | 5 |
| Issue number | 1 |
| DOIs | |
| Publication status | Published - Mar 2025 |
Keywords
- blockchain
- certification
- evidence
- integrity
- risk assessment
- trustworthiness