Open Access  Subscription Access

國內近年來大量流行的OTT 機上盒，不僅透過網路民眾可免費無遠弗屆觀賞線各式影音媒體外，也可能淪為新的物聯網資安威脅，本次探討OTT 相關CDN 傳輸技術、內容傳輸合法性、針對以Android 為主的機上盒進行數位鑑識提權(Root)適法性及從個案進行解析提出初步數位鑑識架構探討，而與其他電腦鑑識不同之處，數位載具(行動裝置、穿戴裝置或機上盒)不應繼續堅持做鏡像後來進行鑑識分析，可引用ISO/IEC27037概念直接對於證物進行採證，並仍秉持對於以最小損害性為原則來處理，因此仍循原NIST 所規範之ISO 800-86 鑑識指南，從Collection (收集)、Examination (檢驗)、Analysis(分析)、Reporting(呈現)等4 個步驟框架進行鑑識下，但對於Android 機上盒本文中提出另一種鑑識作法，可鑑供作為現行工具不足下之補強方法，以達成數位鑑識的目標。The new trend of popular OTT Box is such a phenomenon not only for people in Taiwan to have pervasive entertainment with versatile of multimedia content through internet, but, in some way, it also brings the potential security threat of internet of things (IoT). In this paper, we focus on admissibility on rooting Android system for digital forensic purpose with several instants of case study in terms of related technologies in CDN transmission and legality of content transmission in order to propose the primary digital forensic infrastructure on the Android base OTT Box. Compared to generic computer forensics, the forensic technique used for digital platform, such as mobiles, wearables and setup box, should not stick to the principle of image mirroring first and forensic analysis. We may follow concept of ISO/IEC27037 to collect evidence directly and must handle it by rule of minimal impact: the frame procedure from collection, examination, analysis to reporting by ISO 800-86 forensic guideline of NIST. The alternative way we propose in this paper can be used as complementary way for the existing digital forensic procedure to fulfill the demand of investigation objective.

OTT; CDN; 機上盒; 資訊安全; 資安鑑識; 物聯網; Over The Top; CDN; Tv-Box; Information Security; Digital Forensic; Internet of Thing