Deploy a secure, simple user interface to store and manage digital evidence. Purpose-built for law enforcement, the solution stores digital evidence securely, with data integrity verified through audit reports and system controls.
Overview

Digital Evidence Archive (DEA) helps investigative units manage and store digital evidence on AWS. It equips investigators and other law enforcement personnel with a web user interface (UI) that they can use to create and update cases with the associated digital evidence. The UI removes the reliance on physical devices, such as USB drives and hard drives, and reduces the cost incurred by running a local data center.
DEA supports file integrity, hashing, encryption, and audit logging, helping customers meet the requirements of the Criminal Justice Information Services (CJIS) Security Policy.
Benefits

A simple interface allows investigative units to manage their data in one place without interacting with the AWS Console. No cloud knowledge is required to leverage the scale, elasticity, and automation capabilities of this AWS Solution.
Customers are only charged for the storage and compute services they use. The default storage service delivers automatic storage cost savings through intelligent-tiering.
Data within Digital Evidence Archive is encrypted. Files are hashed when uploaded and can be validated to ensure evidence is locked in its original form, allowing users to maintain chain of custody. Access controls allow permissions to be granted on an as-needed basis.
Technical details

The following diagram shows how digital evidence is stored and managed for Digital Evidence Archive on AWS. Digital evidence is uploaded through the UI or an application programming interface (API). The data can be locked, preventing it from being overwritten or deleted. Server-side encryption protects the data in AWS while also providing point-in-time recovery.
Step 1
Solution users sign in through their existing CJIS-compliant Identity Provider (IdP), which federates with Amazon Cognito, to access the DEA on AWS API and web UI.
Step 2
Users create cases using API calls to Amazon API Gateway (accessed through the web UI).
Step 3
Case creation API calls are directed to AWS Lambda, the solution's API handler.
Step 4
Lambda sends API event data to Amazon CloudWatch for logging purposes.
Step 5
Amazon DynamoDB registers the case creation event and tracks user authentication sessions to mitigate malicious case actions.
Step 6
Users upload and download evidence using pre-signed URLs through Amazon Simple Storage Service (S3).
Step 7
AWS CloudTrail registers CloudTrail events and Amazon S3 object-level changes in the S3 evidence bucket.
Step 8
An AWS Key Management Service (AWS KMS) customer-managed key (CMK) provides server-side encryption, preventing malicious alteration of evidence as it is associated with cases and uploaded and downloaded.
Step 9
Amazon S3 invokes Lambda as needed for S3 Batch Operations.
Step 10
Users retrieve audit reports by querying the DEA audit REST API endpoints. Amazon Athena returns case audit information to the endpoint.
Related content

Digital Evidence Archive on AWS enables law enforcement customers to store and manage their digital evidence through a simple user interface. Evidence stored in the system does not change, and that integrity is verifiable using audit and accountability reports, file hashing, CJIS-level encryption, and access controls. Learn more about the benefits and how to get started in this one-page overview.