Abstract
Forensics is undertaken to find out exactly what happened on a computing system and who or what was responsible for it. This is done by a structured investigation while maintaining a documented chain of evidence. Cloud computing is emerging as an attractive, cost effective computing paradigm. The early offerings of cloud capabilities have not provided security, monitoring or attribution that would allow an effective forensics investigation. The high assurance requirement presents many challenges to normal computing and some rather precise requirements that have developed from high assurance issues for web service applications and forensics applications of cloud systems. The challenges of high assurance and the maintenance of a documented chain of evidence associated with cloud computing are primarily in four areas. The first is virtualization and the loss of attribution that accompanies a highly virtualized environment. The second is the loss of ability to perform end-to-end communications. The third is the extent to which encryption is needed and the need for a comprehensive key management process for public key infrastructure, as well as session and other cryptologic keys. The fourth is in the availability of monitoring and logging for attribution, compliance and data forensics. Our view of high assurance and the issues associated with web services is shaped by our work with DoD and the Air Force, but applies to a broader range of applications.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Simpson, W.R., Coimbatore Chandersekaran: Cloud forensics issues. Lecture Notes in Engineering and Computer Science: Proceedings World Congress on Engineering 2012, pp. 475–480. London, 2–4 July 2014
Mell, P., Grance, T.: NIST SP 800–145 Draft: Cloud Computing, Computer Security Division, Information Technology Laboratory. National Institute of Standards and Technology, Gaithersburg, Jan 2011. http://csrc.nist.gov/publications/drafts/800-145/Draft-SP-800-145_cloud-definition.pdf
Jansen, W., Grance, T.: NIST SP 800–144 Draft: Guidelines on Security and Privacy in Public Cloud Computing, Security Division, Information Technology Laboratory. National Institute of Standards and Technology, Gaithersburg, Jan 2011. http://csrc.nist.gov/publications/drafts/800-144/Draft-SP-800-144_cloud-computing.pdf
Catteddu, D., Hogben, G.: European Network Information Security Agency (ENISA), Cloud Computing Risk Assessment, Nov 2009. http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-risk-assessment
Cloud Security Alliance, Security Guidance for Critical Areas of Focus in Cloud Computing V2.1, Dec 2009. https://cloudsecurityalliance.org/csaguide.pdf
Air Force Information Assurance Strategy Team, Air Force Information Assurance Enterprise Architecture, Version 1.70, SAF/XC, 15 Mar 2009 [Not available to all]
Windows Server 2003: Active Directory Infrastructure. Microsoft Press, pp. 1–8 to 1–9 (2003). ISBN: 0-7356-1438-5
OASIS Identity Federation, Liberty Alliance Project. Available at http://projectliberty.org/resources/specifications.php
OASIS Profiles for the OASIS Security Assertion Markup Language (SAML) V2.0. Available at http://www.oasis-open.org/committees/tc_home.php?wg_abbrev=security
Web Service Security: Scenarios, Patterns, and Implementation Guidance for Web Services Enhancements (WSE) 3.0. Microsoft Corporation (2005)
WSE 3.0 and WS-ReliableMessaging. Microsoft White Paper, June 2005. Available at http://msdn2.microsoft.com/en-us/library/ms996942(d=printer).aspx
SearchSecurity, Security Resources, computer forensics (cyber forensics). http://searchsecurity.techtarget.com/definition/computer-forensics
Remarks-Debra Chrapaty, Corporate Vice President, Global Foundation Services, Microsoft Mgt Summit, Las Vegas, May 2008. http://www.microsoft.com/Presspass/exec/debrac/mms2008.mspx
Bobbie Johnson, technology correspondent, guardian.co.uk, Cloud computing is a trap, warns GNU founder Richard Stallman, 29 Sept 2008. http://www.guardian.co.uk/technology/2008/sep/29/cloud.computing.richard.stallman
Andy Plesser, Executive Producer, Beet.tv, Cloud Computing is Hyped and Overblown, Forrester's Frank Gillett.....Big Tech Companies Have “Cloud Envy” http://www.beet.tv/2008/09/cloud-computing.html, 26 Sept 2008. Accessed 19 Feb 2011
Simpson, W.R., Coimbatore Chandersekaran: The 2nd International Multi-Conference on Engineering and Technological Innovation: IMETI2009, vol. I, pp. 300–305. Information Sharing and Federation, Orlando, July 2009
Simpson, W.R., Coimbatore Chandersekaran: International Journal of Computer Technology and Application (IJCTA). An Agent-Based Web-Services Monitoring System, vol. 2, no. 9, pp. 675–685, Sept 2011
Coimbatore Chandersekaran, Simpson, W.R.: Claims-based enterprise-wide access control. Lecture Notes in Engineering and Computer Science: Proceedings World Congress on Engineering 2012, pp. 524–529, London, 4–6 July 2012
Coimbatore Chandersekaran, Simpson, W.R.: Assured content delivery in the enterprise. Lecture Notes in Engineering and Computer Science: Proceedings World Congress on Engineering 2012, pp. 555–560, London, 4–6 July 2012
Simpson, W.R., and Coimbatore Chandersekaran: Claims-based authentication for a web-based enterprise. Lecture Notes in Engineering and Computer Science: Proceedings World Congress on Engineering 2013, pp. pp. 1204–1209, London, 3–5 July 2012
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2015 Springer Science+Business Media Dordrecht
About this paper
Cite this paper
Simpson, W.R. (2015). Forensics Issues in Cloud Usage. In: Yang, GC., Ao, SI., Gelman, L. (eds) Transactions on Engineering Technologies. Springer, Dordrecht. https://doi.org/10.1007/978-94-017-9804-4_44
Download citation
DOI: https://doi.org/10.1007/978-94-017-9804-4_44
Publisher Name: Springer, Dordrecht
Print ISBN: 978-94-017-9803-7
Online ISBN: 978-94-017-9804-4
eBook Packages: EngineeringEngineering (R0)