“Database Application Schema Forensics”

Beyers, Olivier, and Hancke


Citation information

H. Beyers, M. S. Olivier, and G. P. Hancke. “Database Application Schema Forensics”. In: South African Computer Journal 55 (2014)


The application schema layer of a Database Management System (DBMS) can be modified to deliver results that may warrant a forensic investigation. Table structures can be corrupted by changing the metadata of a database or operators of the database can be altered to deliver incorrect results when used in queries. This paper will discuss categories of possibilities that exist to alter the application schema with some practical examples. Two forensic environments are introduced where a forensic investigation can take place in. Arguments are provided why these environments are important. Methods are presented how these environments can be achieved for the application schema layer of a DBMS. A process is proposed on how forensic evidence should be extracted from the application schema layer of a DBMS. The application schema forensic evidence identification process can be applied to a wide range of forensic settings.

Definitive version

The definitive version of the paper is available from the publisher.
DOI: 10.18489/sacj.v55i0.188

BibTeX reference

author={Hector Beyers and Martin S Olivier and Gerhard P Hancke},
title={Database Application Schema Forensics},
journal={South African Computer Journal},
volume={55} )

[Publications] [Home]
Page maintained by Martin Olivier
Database updated: November 8, 2015

Beta version of new bibliography database; please report errors (or copyright violations) that may have slipped in.