Skip to main content
SpringerLink
Log in

A framework for designing cloud forensic-enabled services (CFeS)

  • Original Article
  • Published:
Requirements Engineering Aims and scope Submit manuscript

Abstract

Cloud computing is used by consumers to access cloud services. Malicious actors exploit vulnerabilities of cloud services to attack consumers. The link between these two assumptions is the cloud service. Although cloud forensics assists in the direction of investigating and solving cloud-based cyber-crimes, in many cases the design and implementation of cloud services fall back. Software designers and engineers should focus their attention on the design and implementation of cloud services that can be investigated in a forensic sound manner. This paper presents a methodology that aims on assisting designers to design cloud forensic-enabled services. The methodology supports the design of cloud services by implementing a number of steps to make the services cloud forensic enabled. It consists of a set of cloud forensic constraints, a modeling language expressed through a conceptual model and a process based on the concepts identified and presented in the model. The main advantage of the proposed methodology is the correlation of cloud services’ characteristics with the cloud investigation while providing software engineers the ability to design and implement cloud forensic-enabled services via the use of a set of predefined forensic-related tasks.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Fig. 7
Fig. 8
Fig. 9
Fig. 10
Fig. 11
Fig. 12
Fig. 13
Fig. 14
Fig. 15
Fig. 16
Fig. 17
Fig. 18
Fig. 19
Fig. 20
Fig. 21
Fig. 22
Fig. 23
Fig. 24

Similar content being viewed by others

References

  1. Skyhigh (2016) Cloud adoption and risk report Q4 2016. Skyhigh, p 33

  2. Martini B, Choo K-KR (2014) Distributed filesystem forensics: XtreemFS as a case study. Digit Invest 11(4):295–313

    Article  Google Scholar 

  3. Wilshusen GC (2016) Federal information security: actions needed to address challenges. U.S. Government Accountability Office, Washington, D. C., p 17

    Google Scholar 

  4. Simou S, Kalloniatis C, Mouratidis H, Gritzalis S (2016) Towards a model-based framework for forensic-enabled cloud information systems. In: Katsikas S, Lambrinoudakis C, Furnell S (eds) Proceedings of the trust, privacy and security in digital business: 13th international conference, TrustBus 2016, Porto, Portugal. Springer, Switzerland, pp 35–47

    Chapter  Google Scholar 

  5. McKemmish R (1999) What is forensic computing? Trends and issues in crime and criminal justice. Canberra Aust Aust Inst Criminol 118:1–6

    Google Scholar 

  6. Palmer G (2001) A road map for digital forensic research. technical report from the first digital forensics research workshop (DFRWS). In: Proceedings of the first digital forensic research workshop, Utica, New York, USA, pp 1–48

  7. U.S. Department of Justice (2001) Electronic crime scene investigation: a guide for first responders. In: NIJ research report, NCJ 187736, Washington, p 96

  8. Reith M, Carr C, Gunsch G (2002) An examination of digital forensic models. Int J Digit Evid 1(3):1–12

    Google Scholar 

  9. Carrier B, Spafford EH (2003) Getting physical with the digital investigation process. Int J Digit Evid 2(2):1–20

    Google Scholar 

  10. Baryamureeba V, Tushabe F (2004) The enhanced digital investigation process model. In: Proceedings of the fourth digital forensic research workshop (DFRWS), Baltimore, MD, USA

  11. Ciardhuáin SÓ (2004) An extended model of cybercrime investigations. Int J Digit Evid 3(1):1–22

    Google Scholar 

  12. Selamat SR, Yusof R, Sahib S (2008) Mapping process of digital forensic investigation framework. Int J Comput Sci Netw Secur 8(10):163–169

    Google Scholar 

  13. Beebe NL, Clark JG (2005) A hierarchical, objectives-based framework for the digital investigations process. Digit Invest Int J Digit Forensic Incid Response 2(2):147–167

    Google Scholar 

  14. Kent K, Chevalier S, Grance T, Dang H (2006) Guide to integrating forensic techniques into incident response. NIST Special Publication. SP 800-86, p 121

  15. von Solms S, Louwrens C, Reekie C, Grobler T (2006) A control framework for digital forensics. In: Olivier MS, Shenoi S (eds) Proceedings of the IFIP international conference on digital forensics, National Center for Forensic Science. Advances in digital forensics II, Orlando, Florida. Springer, New York, pp 343–355

    Google Scholar 

  16. Cohen FB (2010) Fundamentals of digital forensic evidence. In: Stavroulakis P, Stamp M (eds) Handbook of information and communication security. Springer, Berlin, pp 789–808

    Chapter  Google Scholar 

  17. Agarwal A, Gupta M, Gupta S, Gupta SC (2011) Systematic digital forensic investigation model. Int J Comput Sci Secur 5(1):118–131

    Google Scholar 

  18. Valjarevic A, Venter HS (2012) Harmonised digital forensic investigation process model. In: Proceedings of the 2012 information security for South Africa (ISSA), Johannesburg, South Africa, pp 1–10

  19. Guo H, Jin B, Shang T (2012) Forensic investigations in cloud environments. In: Proceedings of the 2012 international conference on computer science and information processing (CSIP), Xi’an, Shaanxi, pp 248–251

  20. Chen G, Du Y, Qin P, Du J (2012) Suggestions to digital forensics in cloud computing ERA. In: 3rd IEEE international conference on network infrastructure and digital content (IC-NIDC), Beijing, China, pp 540–544

  21. Martini B, Choo K-KR (2012) An integrated conceptual digital forensic framework for cloud computing. Digit Investig 9(2):71–80

    Article  Google Scholar 

  22. Ruan K, Carthy J (2012) Cloud Forensic maturity model. In: Rogers M, Seigfried-Spellar KC (eds) Proceedings of the 4th international conference on digital forensics and cyber crime (ICDF2C). Springer, Berlin, pp 22–41

    Google Scholar 

  23. Adams R (2013) The emergence of cloud storage and the need for a new digital forensic process model. In: Ruan K (ed) Cybercrime and cloud forensics: applications for investigation processes. IGI Global, Hershey, pp 79–104

    Chapter  Google Scholar 

  24. Kohn MD, Eloff MM, Eloff JH (2013) Integrated digital forensic process model. Comput Secur 38:103–115

    Article  Google Scholar 

  25. Zawoad S, Hasan R, Skjellum A (2015) OCF: an open cloud forensics model for reliable digital forensics. In: IEEE 8th international conference on cloud computing (CLOUD). New York City, NY, pp 437–444

  26. Simou S, Kalloniatis C, Gritzalis S, Mouratidis H (2016) A survey on cloud forensics challenges and solutions. Secur Commun Netw 9(18):6285–6314

    Article  Google Scholar 

  27. Simou S, Kalloniatis C, Kavakli E, Gritzalis S (2014) Cloud forensics: identifying the major issues and challenges. In: Jarke M, Mylopoulos J, Quix C, Rolland C, Manolopoulos Y, Mouratidis H, Horkoff J (eds) Proceedings of the 26th international conference on advanced information systems engineering (CAiSE). Thessaloniki, Greece. Springer, Cham, pp 271–284

    Google Scholar 

  28. Kalloniatis C, Mouratidis H, Vassilis M, Islam S, Gritzalis S, Kavakli E (2014) Towards the design of secure and privacy-oriented information systems in the cloud: Identifying the major concepts. Comput Stand Interfaces 36(4):759–775

    Article  Google Scholar 

  29. Zawoad S, Hasan R (2015) FECloud: a trustworthy forensics-enabled cloud architecture. In: Peterson G, Shenoi S (eds) Advances in digital forensics XI. Springer, Berlin, pp 271–285

    Chapter  Google Scholar 

  30. Liu F, Tong J, Mao J, Bohn R, Messina J, Badger L, Leaf D (2011) NIST cloud computing reference architecture. In: NIST special publication. National Institute of Standards and Technology, SP 500-292, p 35

  31. Catteddu D, Felici D, Hogben G, Holcroft A, Kosta E, Leenes R, Millard C, Niezen M, Nunez D, Papanikolaou N (2013) Towards a model of accountability for cloud computing services. In: Proceedings of the DIMACS/BIC/A4Cloud/CSA international workshop on trustworthiness, accountability and forensics in the cloud (TAFC), Malaga, Spain

  32. Cloud Accountability Project (2016) Accountability in the cloud-conceptual framework. Cited 2018 Feb 18. http://a4cloud.eu/about.html

  33. Newcombe L (2012) Securing cloud services: a pragmatic approach to security architecture in the cloud. IT Governance Publishing, Ely

    Google Scholar 

  34. NIST (2013) NIST cloud computing security reference architecture. In: Working document, Draft SP 500-299. National Institute of Standards and Technology, p 204

  35. Ruan K, Carthy J, Kechadi T, Crosbie M (2011) Cloud forensics. In: Peterson G, Shenoi S (eds) Proceedings of the 7th IFIP WG 11.9 international conference on digital forensics. advances in digital forensics VII. Springer, Berlin, pp 35–46

    Google Scholar 

  36. Chang C, Ramachandran M (2016) Towards achieving data security with the cloud computing adoption framework. Trans Serv Comput 9(1):138–151

    Article  Google Scholar 

  37. Kalloniatis C, Kavakli E, Gritzalis S (2008) Addressing privacy requirements in system design: the PriS method. Requir Eng 13(3):241–255

    Article  Google Scholar 

  38. Shei S, Kalloniatis C, Mouratidis H, Delaney A (2016) Modelling secure cloud computing systems from a security requirements perspective. In: Katsikas S, Lambrinoudakis C, Furnell S (eds) Proceedings of the trust, privacy and security in digital business: 13th international conference, TrustBus 2016. Porto, Portugal. Springer, Switzerland, pp 48–62

    Chapter  Google Scholar 

  39. Simou S, Kalloniatis C, Kavakli E, Gritzalis S (2014) Cloud forensics solutions: a review. In: Iliadis L, Papazoglou M, Pohl K (eds) Proceedings of the 4th international workshop on information systems security engineering (WISSE). Advanced information systems engineering workshops: CAiSE 2014. Springer, Cham, pp 299–309

    Chapter  Google Scholar 

  40. Czarnecki K, Eisenecker UW (2000) Generative programming: methods, tools, and applications, vol 1. Addison-Wesley, Boston

    Google Scholar 

  41. Šípka M (2005) Exploring the commonality in feature modeling notations. In: Bielikova M (ed) Proceedings of IIT. SRC, California, pp 139–144

    Google Scholar 

  42. Kavakli E, Kalloniatis C, Loucopoulos P, Gritzalis S (2006) Incorporating privacy requirements into the system design process: the PriS conceptual framework. Internet Res 16(2):140–158

    Article  Google Scholar 

  43. ENISA (2013) Cloud computing incident reporting: framework for reporting about major cloud security incidents, p 38

  44. Beebe N, Clark J (2005) Dealing with terabyte data sets in digital investigations. In: Pollitt M, Shenoi S (eds) Proceedings of the IFIP international Conference on Digital Forensics, National Center for Forensic Science. Advances in digital forensics, Orlando, Florida. Springer, New York, pp 3–16

    Google Scholar 

  45. Grispos G, Storer T, Glisson WB (2012) Calm before the storm: the challenges of cloud computing in digital forensics. Int J Digit Crime Forensics 4(2):28–48

    Article  Google Scholar 

  46. Kokolakis S, Demopoulos AJ, Kiountouzis EA (2000) The use of business process modelling in information systems security analysis and design. Inf Manag Comput Secur 8(3):107–116

    Article  Google Scholar 

  47. Alotaibi Y, Liu F (2014) A novel secure business process modeling approach and its impact on business performance. Inf Sci 277(Supplement C):375–395

    Article  Google Scholar 

  48. Peffers K, Tuunanen T, Rothenberger MA, Chatterjee S (2007) A design science research methodology for information systems research. J Manag Inf Syst 24(3):45–77

    Article  Google Scholar 

  49. Geerts GL (2011) A design science research methodology and its application to accounting information systems research. Int J Account Inf Syst 12(2):142–151

    Article  MathSciNet  Google Scholar 

  50. Gregor S, Hevner AR (2013) Positioning and presenting design science research for maximum impact. MIS Q 37(2):337–356

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Privacy Engineering and Social Informatics Laboratory, Department of Cultural Technology and Communication, University of the Aegean, 81100, University Hill, Mytilene, Greece

    Stavros Simou & Christos Kalloniatis

  2. Information and Communication Systems Security Laboratory, Department of Information and Communications Systems Engineering, University of the Aegean, 83200, Samos, Greece

    Stefanos Gritzalis

  3. Department of Computing and Informatics, Bournemouth University, Poole House, Fern Barrow, BH12 5BB, UK

    Vasilios Katos

Authors
  1. Stavros Simou
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Christos Kalloniatis
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Stefanos Gritzalis
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Vasilios Katos
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Stavros Simou.

Rights and permissions

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

Simou, S., Kalloniatis, C., Gritzalis, S. et al. A framework for designing cloud forensic-enabled services (CFeS). Requirements Eng 24, 403–430 (2019). https://doi.org/10.1007/s00766-018-0289-y

Download citation

  • Received:

  • Accepted:

  • Published:

  • Issue Date:

  • DOI: https://doi.org/10.1007/s00766-018-0289-y

Keywords

Search

Navigation