Abstract
Cloud computing is used by consumers to access cloud services. Malicious actors exploit vulnerabilities of cloud services to attack consumers. The link between these two assumptions is the cloud service. Although cloud forensics assists in the direction of investigating and solving cloud-based cyber-crimes, in many cases the design and implementation of cloud services fall back. Software designers and engineers should focus their attention on the design and implementation of cloud services that can be investigated in a forensic sound manner. This paper presents a methodology that aims on assisting designers to design cloud forensic-enabled services. The methodology supports the design of cloud services by implementing a number of steps to make the services cloud forensic enabled. It consists of a set of cloud forensic constraints, a modeling language expressed through a conceptual model and a process based on the concepts identified and presented in the model. The main advantage of the proposed methodology is the correlation of cloud services’ characteristics with the cloud investigation while providing software engineers the ability to design and implement cloud forensic-enabled services via the use of a set of predefined forensic-related tasks.
Similar content being viewed by others
References
Skyhigh (2016) Cloud adoption and risk report Q4 2016. Skyhigh, p 33
Martini B, Choo K-KR (2014) Distributed filesystem forensics: XtreemFS as a case study. Digit Invest 11(4):295–313
Wilshusen GC (2016) Federal information security: actions needed to address challenges. U.S. Government Accountability Office, Washington, D. C., p 17
Simou S, Kalloniatis C, Mouratidis H, Gritzalis S (2016) Towards a model-based framework for forensic-enabled cloud information systems. In: Katsikas S, Lambrinoudakis C, Furnell S (eds) Proceedings of the trust, privacy and security in digital business: 13th international conference, TrustBus 2016, Porto, Portugal. Springer, Switzerland, pp 35–47
McKemmish R (1999) What is forensic computing? Trends and issues in crime and criminal justice. Canberra Aust Aust Inst Criminol 118:1–6
Palmer G (2001) A road map for digital forensic research. technical report from the first digital forensics research workshop (DFRWS). In: Proceedings of the first digital forensic research workshop, Utica, New York, USA, pp 1–48
U.S. Department of Justice (2001) Electronic crime scene investigation: a guide for first responders. In: NIJ research report, NCJ 187736, Washington, p 96
Reith M, Carr C, Gunsch G (2002) An examination of digital forensic models. Int J Digit Evid 1(3):1–12
Carrier B, Spafford EH (2003) Getting physical with the digital investigation process. Int J Digit Evid 2(2):1–20
Baryamureeba V, Tushabe F (2004) The enhanced digital investigation process model. In: Proceedings of the fourth digital forensic research workshop (DFRWS), Baltimore, MD, USA
Ciardhuáin SÓ (2004) An extended model of cybercrime investigations. Int J Digit Evid 3(1):1–22
Selamat SR, Yusof R, Sahib S (2008) Mapping process of digital forensic investigation framework. Int J Comput Sci Netw Secur 8(10):163–169
Beebe NL, Clark JG (2005) A hierarchical, objectives-based framework for the digital investigations process. Digit Invest Int J Digit Forensic Incid Response 2(2):147–167
Kent K, Chevalier S, Grance T, Dang H (2006) Guide to integrating forensic techniques into incident response. NIST Special Publication. SP 800-86, p 121
von Solms S, Louwrens C, Reekie C, Grobler T (2006) A control framework for digital forensics. In: Olivier MS, Shenoi S (eds) Proceedings of the IFIP international conference on digital forensics, National Center for Forensic Science. Advances in digital forensics II, Orlando, Florida. Springer, New York, pp 343–355
Cohen FB (2010) Fundamentals of digital forensic evidence. In: Stavroulakis P, Stamp M (eds) Handbook of information and communication security. Springer, Berlin, pp 789–808
Agarwal A, Gupta M, Gupta S, Gupta SC (2011) Systematic digital forensic investigation model. Int J Comput Sci Secur 5(1):118–131
Valjarevic A, Venter HS (2012) Harmonised digital forensic investigation process model. In: Proceedings of the 2012 information security for South Africa (ISSA), Johannesburg, South Africa, pp 1–10
Guo H, Jin B, Shang T (2012) Forensic investigations in cloud environments. In: Proceedings of the 2012 international conference on computer science and information processing (CSIP), Xi’an, Shaanxi, pp 248–251
Chen G, Du Y, Qin P, Du J (2012) Suggestions to digital forensics in cloud computing ERA. In: 3rd IEEE international conference on network infrastructure and digital content (IC-NIDC), Beijing, China, pp 540–544
Martini B, Choo K-KR (2012) An integrated conceptual digital forensic framework for cloud computing. Digit Investig 9(2):71–80
Ruan K, Carthy J (2012) Cloud Forensic maturity model. In: Rogers M, Seigfried-Spellar KC (eds) Proceedings of the 4th international conference on digital forensics and cyber crime (ICDF2C). Springer, Berlin, pp 22–41
Adams R (2013) The emergence of cloud storage and the need for a new digital forensic process model. In: Ruan K (ed) Cybercrime and cloud forensics: applications for investigation processes. IGI Global, Hershey, pp 79–104
Kohn MD, Eloff MM, Eloff JH (2013) Integrated digital forensic process model. Comput Secur 38:103–115
Zawoad S, Hasan R, Skjellum A (2015) OCF: an open cloud forensics model for reliable digital forensics. In: IEEE 8th international conference on cloud computing (CLOUD). New York City, NY, pp 437–444
Simou S, Kalloniatis C, Gritzalis S, Mouratidis H (2016) A survey on cloud forensics challenges and solutions. Secur Commun Netw 9(18):6285–6314
Simou S, Kalloniatis C, Kavakli E, Gritzalis S (2014) Cloud forensics: identifying the major issues and challenges. In: Jarke M, Mylopoulos J, Quix C, Rolland C, Manolopoulos Y, Mouratidis H, Horkoff J (eds) Proceedings of the 26th international conference on advanced information systems engineering (CAiSE). Thessaloniki, Greece. Springer, Cham, pp 271–284
Kalloniatis C, Mouratidis H, Vassilis M, Islam S, Gritzalis S, Kavakli E (2014) Towards the design of secure and privacy-oriented information systems in the cloud: Identifying the major concepts. Comput Stand Interfaces 36(4):759–775
Zawoad S, Hasan R (2015) FECloud: a trustworthy forensics-enabled cloud architecture. In: Peterson G, Shenoi S (eds) Advances in digital forensics XI. Springer, Berlin, pp 271–285
Liu F, Tong J, Mao J, Bohn R, Messina J, Badger L, Leaf D (2011) NIST cloud computing reference architecture. In: NIST special publication. National Institute of Standards and Technology, SP 500-292, p 35
Catteddu D, Felici D, Hogben G, Holcroft A, Kosta E, Leenes R, Millard C, Niezen M, Nunez D, Papanikolaou N (2013) Towards a model of accountability for cloud computing services. In: Proceedings of the DIMACS/BIC/A4Cloud/CSA international workshop on trustworthiness, accountability and forensics in the cloud (TAFC), Malaga, Spain
Cloud Accountability Project (2016) Accountability in the cloud-conceptual framework. Cited 2018 Feb 18. http://a4cloud.eu/about.html
Newcombe L (2012) Securing cloud services: a pragmatic approach to security architecture in the cloud. IT Governance Publishing, Ely
NIST (2013) NIST cloud computing security reference architecture. In: Working document, Draft SP 500-299. National Institute of Standards and Technology, p 204
Ruan K, Carthy J, Kechadi T, Crosbie M (2011) Cloud forensics. In: Peterson G, Shenoi S (eds) Proceedings of the 7th IFIP WG 11.9 international conference on digital forensics. advances in digital forensics VII. Springer, Berlin, pp 35–46
Chang C, Ramachandran M (2016) Towards achieving data security with the cloud computing adoption framework. Trans Serv Comput 9(1):138–151
Kalloniatis C, Kavakli E, Gritzalis S (2008) Addressing privacy requirements in system design: the PriS method. Requir Eng 13(3):241–255
Shei S, Kalloniatis C, Mouratidis H, Delaney A (2016) Modelling secure cloud computing systems from a security requirements perspective. In: Katsikas S, Lambrinoudakis C, Furnell S (eds) Proceedings of the trust, privacy and security in digital business: 13th international conference, TrustBus 2016. Porto, Portugal. Springer, Switzerland, pp 48–62
Simou S, Kalloniatis C, Kavakli E, Gritzalis S (2014) Cloud forensics solutions: a review. In: Iliadis L, Papazoglou M, Pohl K (eds) Proceedings of the 4th international workshop on information systems security engineering (WISSE). Advanced information systems engineering workshops: CAiSE 2014. Springer, Cham, pp 299–309
Czarnecki K, Eisenecker UW (2000) Generative programming: methods, tools, and applications, vol 1. Addison-Wesley, Boston
Šípka M (2005) Exploring the commonality in feature modeling notations. In: Bielikova M (ed) Proceedings of IIT. SRC, California, pp 139–144
Kavakli E, Kalloniatis C, Loucopoulos P, Gritzalis S (2006) Incorporating privacy requirements into the system design process: the PriS conceptual framework. Internet Res 16(2):140–158
ENISA (2013) Cloud computing incident reporting: framework for reporting about major cloud security incidents, p 38
Beebe N, Clark J (2005) Dealing with terabyte data sets in digital investigations. In: Pollitt M, Shenoi S (eds) Proceedings of the IFIP international Conference on Digital Forensics, National Center for Forensic Science. Advances in digital forensics, Orlando, Florida. Springer, New York, pp 3–16
Grispos G, Storer T, Glisson WB (2012) Calm before the storm: the challenges of cloud computing in digital forensics. Int J Digit Crime Forensics 4(2):28–48
Kokolakis S, Demopoulos AJ, Kiountouzis EA (2000) The use of business process modelling in information systems security analysis and design. Inf Manag Comput Secur 8(3):107–116
Alotaibi Y, Liu F (2014) A novel secure business process modeling approach and its impact on business performance. Inf Sci 277(Supplement C):375–395
Peffers K, Tuunanen T, Rothenberger MA, Chatterjee S (2007) A design science research methodology for information systems research. J Manag Inf Syst 24(3):45–77
Geerts GL (2011) A design science research methodology and its application to accounting information systems research. Int J Account Inf Syst 12(2):142–151
Gregor S, Hevner AR (2013) Positioning and presenting design science research for maximum impact. MIS Q 37(2):337–356
Author information
Authors and Affiliations
Corresponding author
Rights and permissions
About this article
Cite this article
Simou, S., Kalloniatis, C., Gritzalis, S. et al. A framework for designing cloud forensic-enabled services (CFeS). Requirements Eng 24, 403–430 (2019). https://doi.org/10.1007/s00766-018-0289-y
Received:
Accepted:
Published:
Issue Date:
DOI: https://doi.org/10.1007/s00766-018-0289-y