An Overview of Cloud Forensics Strategy: Capabilities, Challenges, and Opportunities

Strategic Engineering for Cloud Computing and Big Data Analytics

Abstract

Cloud computing has become one of the most game-changing technologies in the recent history of computing. It is gaining acceptance and growing in popularity. However, due to its infancy, it encounters challenges in strategy and capabilities, as well as in technical, organizational, and legal dimensions. Cloud service providers and customers do not yet have a proper strategy or process that would lead to a set procedure for investigating issues within the cloud. Due to this gap, they are not able to ensure the robustness and suitability of cloud services in relation to supporting investigations of criminal activity. Moreover, neither cloud service providers nor customers have yet established adequate forensic capabilities that could assist investigations of criminal activities in the cloud. The aim of this chapter is to provide an overview of the emerging field of cloud forensics and highlight its capabilities, strategy, investigation, challenges, and opportunities. This chapter also provides a detailed discussion of strategic planning for cloud forensics.




Correspondence to Reza Montasari.


© 2017 Springer International Publishing AG

About this chapter

Cite this chapter

Montasari, R. (2017). An Overview of Cloud Forensics Strategy: Capabilities, Challenges, and Opportunities. In: Hosseinian-Far, A., Ramachandran, M., Sarwar, D. (eds) Strategic Engineering for Cloud Computing and Big Data Analytics. Springer, Cham. https://doi.org/10.1007/978-3-319-52491-7_11

  • DOI: https://doi.org/10.1007/978-3-319-52491-7_11

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-52490-0

  • Online ISBN: 978-3-319-52491-7

  • eBook Packages: Engineering, Engineering (R0)
