Computer Forensics was created to help various kinds of police investigations to quickly and reliably collect digital data from the suspect's electronic media (PCs, mobile phones, printers, etc.) and their presentation to the court.
The Open Computer Forensics Architecture is a program created by the Dutch police to accelerate police research, automate the collection of digital data and enable police researchers to have ongoing access to the data of the case that has been found so far.
Open Computer Forensics Architecture has been developed on Linux and requires good knowledge of SQL language and knowledge of Computer Forensics in general.
By connecting Open Computer Forensics Architecture to the suspect's computer, it's easy to find and retrieve digital data that can be presented to court as evidence.
With OCFA's specialized use, data can be obtained that show information about a document or information that the suspect has attempted to delete. This data is called Meta Data.
Communication between the departments within the OCFA is determined by a communication system consisting of two levels.
At the first level there is the OCFA Anycast Relay messaging system, which is responsible for caching and storing unsent messages and for balancing load between the same type of OCFA components. On the second level, OCFA XML Router distributes the evidence to the appropriate sections of the OCFA. For distributing the data, the XML Router sees the meta data from the previous segments.
Although OCFA is simple to use, its capabilities are highlighted in its specialized use and architecture.
The last OCFA tool is the OCFA Data Store Module. This tool processes the data and meta data and stores the useful information in a database. OCFA can be downloaded by anyone who wants it from the page http://ocfa.sourceforge.net/ if it is free of charge.
From Danish Giannis and Gerasimos Kounadi @Wikibooks