Full Text Available
Note: Clicking the button above will open the full text document at the original institutional repository in a new window.
XML accounting trail : a model for introducing forensic readiness to XML accounting and XBRL
Dissertation (MSc)--University of Pretoria, 2015.
Saved in:
| Other Authors: | |
|---|---|
| Format: | Thesis |
| Language: | English |
| Published: |
University of Pretoria
2015
|
| Subjects: | |
| Tags: |
No Tags, Be the first to tag this record!
|
| _version_ | 1867613668616699904 |
|---|---|
| access_status_str | Open Access |
| author2 | Olivier, Martin S. |
| author_browse | Olivier, Martin S. |
| author_facet | Olivier, Martin S. |
| collection | Thesis |
| dc_rights_str_mv | © 2015 University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria. |
| description | Dissertation (MSc)--University of Pretoria, 2015. |
| format | Thesis |
| id | oai:repository.up.ac.za:2263/50646 |
| institution | University of Pretoria (South Africa) |
| language | English |
| last_indexed | 2026-06-10T12:39:48.717Z |
| license_str | Other — see source repository |
| provenance_str_mv | Harvested via OAI-PMH from UPSpace — University of Pretoria Institutional Repository |
| publishDate | 2015 |
| publishDateRange | 2015 |
| publishDateSort | 2015 |
| publisher | University of Pretoria |
| publisherStr | University of Pretoria |
| record_format | dspace |
| source_str | UPSpace — University of Pretoria Institutional Repository |
| spelling | oai:repository.up.ac.za:2263/50646 XML accounting trail : a model for introducing forensic readiness to XML accounting and XBRL Olivier, Martin S. djjkotze@gmail.com Kotze, Dirk J.J. UCTD Cyber-crime Data irregularity Digital forensics Forensic readiness XML accounting XML XBRL (eXtensible Business Reporting Language) Engineering, built environment and information technology theses SDG-08 Engineering, built environment and information technology theses SDG-09 Engineering, built environment and information technology theses SDG-16 Dissertation (MSc)--University of Pretoria, 2015. In the 21st century, our worlds are becoming increasingly digitised and the business world is no exception. Financial transactions and accounting data are stored electronically, allowing for sharing and electronic processing. One of the most popular formats employed to store such data is the eXtensible Markup Language (XML). Together with digitisation, crime involving electronic and digital means (cyber-crime) is rising sharply. Investigating acts of cyber-crime involve specialist skills, called digital forensics. Accounting data stored in XML format is particularly vulnerable to unauthorised data modification (tampering) due XML’s requirement to be human-readable. As a result, cyber-criminals can easily commit fraud or obtain financial gain by tampering with XML financial data in this manner. However, detecting such tampering is extremely difficult due to the so-called big data problem or needle-in-a-haystack problem. This involves searching for a particular item (in this case, the set of changes) in a large set of data (the entire XML accounting data file). To exacerbate the problem, it is not known whether tampering has occurred in any given XML accounting data file, causing one to possibly search for evidence of tampering which does not even exist. Traditional approaches to isolate such tampering is not feasible. Firstly, due to the big data problem, using a sequential search of all data contained in the XML file to detect tampering is not efficient. Also, testing for data tampering using standard accounting rules is not possible, as modified data may still be valid in terms of accounting rules. Detecting data tampering in XML data therefore calls for a novel approach, forming the foundation of this work. This study aims to enable an investigator to determine whether tampering occurred in a specific set of XML financial data as well as reconstructing the events leading to the tampering in order to determine the extent and detail of such tampering. In order enable the detection of potential tampering with data, this study proposes the creation of an automated tool to detect such irregularities in XML financial data. Using the parallel of forensic pathology, it is argued that XML financial data needs to be analysed for any artefacts (irregularities) that are not consistent with known normal (or “healthy”) XML financial accounting data. This study furthermore argues that these artefacts are often noted in patterns, allowing one to attribute potential causality to groups of artefacts. It is also noted that compilers are typically used to parse input and detect any input not conforming to a pre-defined set of rules describing normal input. As a result it is therefore proposed that compilers and similar techniques should be used to protect financial data on the merit of their capabilities regarding parsing of data and error reporting and/or error correction. Furthermore, the work performed as part of this study suggests a means to enable an investigator to reconstruct the events leading to the tampering in order to determine the extent and detail of the tampering. As data regarding the history and extent of changes is typically not retained by either the operating system or the XML data format itself, it is proposed that instrumentation be employed to record the additional data necessary in order to reconstruct events. This is achieved by using a combination of version control and audit logging to ensure that data is available to reconstruct tampering events. The XML Accounting Trail Model is therefore proposed to collect data about all modifications affecting the file containing XML accounting data. The model also proposes the combination of digital signatures and a reference monitor to ensure that all changes to the XML data files are recorded and that the XML Accounting Trail Model cannot be circumvented by direct editing of the XML file. tm2015 bs2026 Computer Science MSc Unrestricted SDG-08: Decent work and economic growth SDG-09: Industry, innovation and infrastructure SDG-16: Peace, justice and strong institutions 2015-11-25T09:47:01Z 2015-11-25T09:47:01Z 2015/09/01 2015 Dissertation Kotze, DJ 2015, XML accounting trail : a model for introducing forensic readiness to XML accounting and XBRL, MSc Dissertation, University of Pretoria, Pretoria, viewed yymmdd <http://hdl.handle.net/2263/50646> S2015 http://hdl.handle.net/2263/50646 en © 2015 University of Pretoria. All rights reserved. The copyright in this work vests in the University of Pretoria. No part of this work may be reproduced or transmitted in any form or by any means, without the prior written permission of the University of Pretoria. application/pdf University of Pretoria |
| spellingShingle | UCTD Cyber-crime Data irregularity Digital forensics Forensic readiness XML accounting XML XBRL (eXtensible Business Reporting Language) Engineering, built environment and information technology theses SDG-08 Engineering, built environment and information technology theses SDG-09 Engineering, built environment and information technology theses SDG-16 XML accounting trail : a model for introducing forensic readiness to XML accounting and XBRL |
| title | XML accounting trail : a model for introducing forensic readiness to XML accounting and XBRL |
| title_full | XML accounting trail : a model for introducing forensic readiness to XML accounting and XBRL |
| title_fullStr | XML accounting trail : a model for introducing forensic readiness to XML accounting and XBRL |
| title_full_unstemmed | XML accounting trail : a model for introducing forensic readiness to XML accounting and XBRL |
| title_short | XML accounting trail : a model for introducing forensic readiness to XML accounting and XBRL |
| title_sort | xml accounting trail a model for introducing forensic readiness to xml accounting and xbrl |
| topic | UCTD Cyber-crime Data irregularity Digital forensics Forensic readiness XML accounting XML XBRL (eXtensible Business Reporting Language) Engineering, built environment and information technology theses SDG-08 Engineering, built environment and information technology theses SDG-09 Engineering, built environment and information technology theses SDG-16 |
| url | http://hdl.handle.net/2263/50646 |