Abstract
Cloud computing has become one of the most game changing technologies in the recent history of computing. It is gaining acceptance and growing in popularity. However, due to its infancy, it encounters challenges in strategy, capabilities, as well as technical, organizational, and legal dimensions. Cloud service providers and customers do not yet have any proper strategy or process that paves the way for a set procedure on how to investigate or go about the issues within the cloud. Due to this gap, they are not able to ensure the robustness and suitability of cloud services in relation to supporting investigations of criminal activity. Moreover, both cloud service providers and customers have not yet established adequate forensic capabilities that could assist investigations of criminal activities in the cloud. The aim of this chapter is to provide an overview of the emerging field of cloud forensics and highlight its capabilities, strategy, investigation, challenges, and opportunities. This paper also provides a detailed discussion in relation to strategic planning for cloud forensics.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
ACPO. (2012). ACPO Good Practice Guide for Digital Evidence, U.K. Association of Chief Police Officers.
Beebe, N., & Clark, J. (2005). A hierarchical, objectives-based framework for the digital investigations process. Digital Investigation, 2(2), 147–167.
Beebe, N. (2009). Digital forensic research: The good, the bad and the unaddressed. In International Conference on Digital Forensics (pp. 17–36). Berlin: Springer.
Broadhurst, R. (2006). Developments in the global law enforcement of cybercrime. Policing: International Journal of Police Strategies and Management, 29(2), 408–433.
CSA. (2009). Security Guidance for Critical Areas of Focus in Cloud Computing V2.1. Retrieved October 11, 2016, from https://cloudsecurityalliance.org/csaguide.pdf.
Carrier, B., & Spafford, E. (2003). Getting physical with the digital investigation process. International Journal of Digital Evidence, 2(2), 1–20.
Casey, E. (2011). Digital evidence and computer crime: Forensic science, computers and the internet (3rd ed.). New York: Elsevier Academic Press.
Catteddu, D. (2010). Cloud computing: Benefits, risks and recommendations for information security. In Web application security (pp. 17–17). Berlin: Springer.
Chabrow, E. (2011). 5 Essential Characteristics of Cloud Computing. Retrieved October 10, 2016, from http://www.inforisktoday.co.uk/5-essential-characteristics-cloud-computing-a-4189.
Cruz, X. (2010). The Basics of Cloud Forensics. Retrieved October 10, 2016, from http://cloudtimes.org/2012/11/05/the-basics-of-cloud-forensics/.
EurActiv. (2011). Cloud computing: A legal maze for Europe. Retrieved October 10, 2016, from http://www.euractiv.com/section/innovation-industry/linksdossier/cloud-computing-a-legal-maze-for-europe/.
Freiling, C., & Schwittay, B. (2007). A common process model for incident response and computer forensics. In 3rd International Conference on IT-Incident Management & IT-Forensics, (pp. 19–40).
ISO/IEC. (2011). ISO/IEC 27035. Information technology–security techniques–information security incident management. Geneva, Switzerland: International Organization for Standardization.
ISO/IEC. (2015). ISO/IEC 27043: Incident investigation principles and processes. London: British Standards Institution.
Kent, K., Chevalier, S., Grance, T., & Dang, H. (2006). Guide to integrating forensic techniques into incident response. NIST Special Publication, 800–86.
Kohn, M., Eloff, M., & Eloff, J. (2013). Integrated digital forensic process model. Computers & Security, 38, 103–115.
Liles, S., Rogers, M., & Hoebich, M. (2009). A survey of the legal issues facing digital forensic experts. In International Conference on Digital Forensics (pp. 267–276). Berlin: Springer.
Lukan, D. (2014). Cloud Forensics: An Overview. Retrieved October 11, 2016, from http://resources.infosecinstitute.com/overview-cloud-forensics/.
Mell, P., & Grance, T. (2011). The NIST definition of cloud computing. Communications of the ACM, 53(6), 50.
Meyers, M., & Rogers, M. (2004). Computer forensics: The need for standardization and certification. International Journal of Digital Evidence, 3(2), 1–11.
Montasari, R. (2016). A comprehensive digital forensic investigation process model. International Journal of Electronic Security and Digital Forensics (IJESDF), 8(4), 285–301.
Montasari, R., & Peltola, P. (2015) Computer forensic analysis of private browsing modes. In Proceedings of 10th International Conference on Global Security, Safety and Sustainability: Tomorrow’s Challenges of Cyber Security (pp. 96–109). London: Springer International Publishing.
Oberheide, J., Cooke, E., & Jahanian, V. (2008). CloudAV: N-version antivirus in the network cloud. In Proceedings of the Seventeenth USENIX Security Conference (pp. 91–106).
Palmer, G. (2001). A road map for digital forensic research. 1st Digital Forensic Research Workshop (DFRWS) (pp. 27–30).
Perry, R., Hatcher, E., Mahowald, R., & Hendrick, S. (2009). Force. com Cloud Platform Drives Huge Time to Market and Cost Savings. IDC White Paper, International Data Corporation, Framingham, Massachusetts.
Quick, D., & Choo, K. (2016). Big forensic data reduction: Digital forensic images and electronic evidence. Cluster Computing, 1–18.
Roussev, V., Wang, L., Richard, G., & Marziale, L. (2009). A cloud computing platform for large-scale forensic computing. In International Conference on Digital Forensics (pp. 201–214). Berlin: Springer.
Rowlingson, R. (2004). A ten step process for forensic readiness. International Journal of Digital Evidence, 2(3), 1–28.
Ruan, K., Carthy, J., Kechadi, T., & Crosbie, M. (2011). Cloud forensics. In International Conference on Digital Forensics (pp. 35–46). Berlin: Springer.
US-CERT. (2012). Computer Forensics. U.S. Department of Homeland Security. Retrieved June 17, 2006, from https://www.us-cert.gov/security-publications/computer-forensics.
Valjarevic, A., & Venter, H. (2015). A comprehensive and harmonized digital forensic investigation process model. Journal of Forensic Sciences, 60(6), 1467–1483.
Wilson, D. (2015). Legal Issues with Cloud Forensics. Retrieved October 12, 2016, from http://digital.forensicmag.com/forensics/april_may_2015?pg=18#pg18.
Zawoad, S., & Hasan, R. (2013). Digital Forensics in the Cloud, In Alabama University in Birmingham (pp. 1–4).
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2017 Springer International Publishing AG
About this chapter
Cite this chapter
Montasari, R. (2017). An Overview of Cloud Forensics Strategy: Capabilities, Challenges, and Opportunities. In: Hosseinian-Far, A., Ramachandran, M., Sarwar, D. (eds) Strategic Engineering for Cloud Computing and Big Data Analytics. Springer, Cham. https://doi.org/10.1007/978-3-319-52491-7_11
Download citation
DOI: https://doi.org/10.1007/978-3-319-52491-7_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-52490-0
Online ISBN: 978-3-319-52491-7
eBook Packages: EngineeringEngineering (R0)