Digital Evidence Archive (DEA) helps investigative units manage and store digital evidence on AWS. It equips investigators and other law enforcement personnel with a web user interface (UI) that they can use to create and update cases with the associated digital evidence. The UI removes the reliance on physical devices, such as USBs and hard drives, and reduces cost that is incurred when running a local data center.
DEA supports file integrity, hashing, encryption, and audit logging, helping customers meet the requirements of the Criminal Justice Information Services (CJIS) Security Policy.
A simple interface that allows investigative units to manage their data in one place without interacting with the AWS Console. No cloud knowledge is required to leverage the scale, elasticity, and automation capabilities of this AWS Solution.
Customers are only charged for the storage and compute services they use. The default storage service delivers automatic storage cost savings through intelligent-tiering.
Data within Digital Evidence Archive is encrypted. Files are hashed when uploaded and can be validated to ensure evidence is locked in its original form, allowing users to maintain chain of custody. Access controls allow permissions to be granted on an as-needed basis.
The following diagram shows how digital evidence is stored and managed for Digital Evidence Archive on AWS. Digital Evidence is uploaded through the UI or an application programming interface (API). The data can be locked, preventing it from being overwritten or deleted. Server-side encryption protects the data in AWS while also providing a point-in-time recovery.
Solution users sign in through their existing CJIS compliant Identity Provider (IdP), which federates with Amazon Cognito, to access the DEA on AWS API and web UI.
Amazon DynamoDB registers the case creation event, and tracks user authentication sessions to mitigate malicious case actions.
AWS CloudTrail registers CloudTrail events and Amazon S3 object-level changes in the S3 evidence bucket.
An AWS Key Management Service (AWS KMS) customer-managed key (CMK) provides server-side encryption, preventing malicious adaptation to evidence as it is associated to cases and uploaded and downloaded.
Digital Evidence Archive on AWS enables law enforcement customers to store and manage their digital evidence through a simple user interface. Evidence stored in the system does not change, and that integrity is verifiable using audit and accountability reports, file hashing, CJIS-level encryption, and access controls. Learn more about the benefits and how to get started in this one page overview.