File Systems

What are the primary responsibilities of an operating system and middleware? Why is it important to a forensics investigator to know operating systems and middleware?

If you testify as an expert witness and present electronic evidence as such, you are expected to know the fundamentals of computer operating systems, middleware, and the computer hardware involved with the case, or your credentials as an expert witness may come into question.

In addition, an investigation is often focused on files. It is important to understand the role of the operating system and middleware, as these software components may be responsible for altering system files and data, not the end user directly.

Examples of operating systems include Microsoft Windows, Unix, Linux, Mac OS X, Android, and Apple iOS. Some of these operating systems, such as Unix, Linux, and Android, have great similarities, while others, such as Windows, are very different.

Middleware is essentially software layered on top of the operating system with a more specific purpose, such as providing database management or a web server. Middleware may be common to multiple operating systems, with the Oracle database management system being one example, but may differ significantly in configuration and implementation on each operating system type.

References

Hailperin, M. (2011). Operating systems and middleware: Supporting controlled interaction. https://gustavus.edu/mcs/max/os-book/osm-rev1.1.2.pdf