Introduction

In Law Enforcement Organizations, there are multiple teams which  include a Case Investigation Team and a team that is responsible for Auditing and Monitoring the activities of the former team. Utilization of a single Portal of Digital Evidence Management is a probability in these cases. Hence, it is essential to limit access to certain content, settings, and especially Audit Trails for any organization's utmost security.


Although VIDIZMO provisions the facility to limit access to content through different policies and strategies, Log Access Level is a finesse that can be utilized to limit access to Audit Logs and Chain of Custody of certain User Groups .This can be achieved by assigning levels to various User Groups in a Portal. To Understand more about Chain of Custody, read Understanding Chain of Custody.

 

Concept

VIDIZMO allows allocating Log Access Levels to each group such that the group with the highest Log Access Level can view the audit logs of all the User Groups with the same Log Level and lower than that. Therefore, the groups who are assigned highest Log Access Level can view Audit Logs and Chain of Custody of all the Users in the Portal.

 

To explain it a little in-depth, consider 3 User Groups assigned Log Access Levels 1,2 and 10(highest). The table depicts how this policy will affect the superiority of access assigned to each User Groups.


Log Access Level

Log Level 1Log Level 2Log Level 10

Can view audit logs and chain of custody of users with Level 1 and 0.

Can only view audit logs and chain of custody of users with Level 2,1 and 0

Can only view audit logs and chain of custody of users with level 10 or less

 

Note: In VIDIZMO'S Digital Evidence Management System, Administrators and Managers can enable the Log Access Levels and can assign levels to each User Group separately.
To read more about configuration, visit How to Enable and Assign Log Access Level.


Hierarchy

To generalize, a hierarchy of a Case Investigation team and another team Auditing their activities for a Digital Evidence Management System can comprise of:

  1. Chiefs
  2. Commanders
  3. Sergeants
  4. Investigators

 

As depicted in the chart above, multiple User Groups can be made based on the following hierarchy. For example, all the investigators will be part of one group, all the sergeants will be part of another group, and so on. All these separate Groups can be assigned Log Access Levels based on the requirements of an organization itself. 

 

This enables a company, to restrict certain Users from accessing Audit logs of other Users. The priority assigned by Log Access Levels can be determined by the company specifically and then be implemented accordingly.

 

The same hierarchy can be characterized in the relative team Auditing the Case Investigation team. A User Group of all the members Auditing should be designated the highest Log Access Level such that their Audit Logs are inaccessible to any other members who are not part of the Auditing circle. 


Considerations

Default Log Access Levels

By default, when the Log-Access Levels are enabled in a Portal, all Groups are set with Log Access Level 0, which is the lowest access level possible. Hence, if there are certain groups that are assigned specific levels excluding few Groups, those few Groups will retain the Log Access Level 0.


User Role Priority 

VIDIZMO provides the User Role the utmost priority in every aspect even irrespective of the Log Access Level assigned to the User Group which it is part of. If a user with the role of Viewer is part of a Group that is assigned Log Access Level 9, it will still not be able to access the Audit Logs and Chain of Custody of Users with the same or lower Log Access Levels because by default, Users with Role Viewer are not able to see Audit Logs and Chain of Custody.


A User, who is a Contributor will only be able to access the Chain of Custody but not the Audit Logs. Hence, the Log Access Level policy will be implemented accordingly for that user only for the Chain of Custody.


Retention of Log Access Levels

VIDIZMO’s intelligent capability allows the levels to be retained even when the Log Access Level policy is disabled after being enabled in the portal. Though, it is worthy to note that these levels are retained but not effective while the policy is disabled.

Therefore, if the policy is reconfigured, the Log Access Levels set for User Groups previously are implemented and displayed accordingly.


Historical Log Access

In VIDIZMO, each event Logged is assigned its own Log Level based on the User's Log Access Level at that particular time. Therefore, personal historic logs will not be visible to the User if his User Group is assigned a lower Log Access Level.

To Understand this concept better, let's take an example:

  1. When a user belonging to a Group with Log Access Level 2 performs some action such that his activity is logged in the Portal's Audit Log with Log Level 2. 
  2. If the Log access Level of the same User is changed to 1, then the User will not be able to see his own previous logs which were tracked when he had Level 2. 
  3. Now, all his new Logs when his Level is 1 will be visible to him along with the logs of other users with log access level 1 or 0 only.


Use-case Scenarios

Let's look at some common scenarios by taking an example of two groups in a Portal; Group A and Group B. At a specific time, Group A with three members is assigned Log Access Level 2 and Group B with three other separate members is assigned Log Access Level 3.


When the User is part of 2 or more Groups

A user who is part of multiple groups will always retain the highest Log Access Level out of all the groups he is part of. Hence, in this scenario, the user who is mutual to both the groups, will have Log Access Level 3 as the highest log level between the Group A and Group B is 3 and will be able to view the Audit Logs and Chain of Custody of all the users in both Group A and B. 

 

 

 


When Group A is added to Group B

In this scenario, all the users specific to Group A are assigned Log level 3 due to corresponding mechanism discussed in the scenario above. Hence, all the users in A and B can view the Audit Logs and Chain of Custody of all the users who are part of Group A and B.

 

When Group B is added to Group A

In this scenario, users in Group B are added to Group A whose log access level is lower than Group B. Due to this, Group B retains the highest Log level between Group A and B which is 3. Group A members still retain Log Level 2 as they are specific to Group A only. Hence, users in B are able to view the Audit Logs and Chain of Custody of Users in A and B but users in A are unable to see the Audit Logs and Chain of Custody of Users in B.