Forensics Final Project

Abstract

Cloud forensics is on the verge of becoming one of the most transformative computer technologies used for computing purposes. The optimum capabilities of cloud forensics are still under study to establish how they can be applied in different fields to support activities like criminal investigations among others. This paper looks at cloud forensics from different aspects and perspectives. It touches on challenges, opportunities and various ways in which cloud forensics has been used.

Introduction

Cloud computing is capable of becoming one of the greatest transformative computer technologies.

It is expected to follow in the footsteps of mainframes, personal computers, minicomputers among others. Cloud computing is deeply influencing the manner in which information technology activities are carried out. It has changed the creation, delivery, access and management of Information technology services. Cloud computing is used to produce around a third of the net growth in the information technology sector. According to Ruan et al., (2011), the global cloud service market is expected to increase rapidly in the near future.

With the growing cloud services market, digital forensic cases are also increasing at a 35% rate every year (Ruan et al.,2011). This means that the volume of forensic data being processed has become too much it surpasses the capacity to process it timely. The growth of cloud computing expounds the issue of gauge for digital forensic activities. Additionally, it forms a new fa?ade for cybercrime investigations together with the tasks mentioned above. Digital forensic practitioners have to spread skills and equipment to fit in cloud computing environments.

Get quality help now

Marrie pro writer

Verified

Proficient in: Cloud Computing

5 (204)

“ She followed all my directions. It was really easy to contact her and respond very fast as well. ”

+84 relevant experts are online

Hire writer

Cloud Forensics

Cloud forensics refers to a joint collection of organizable networked resources such as applications, servers, or network that can be reorganized hurriedly without much struggle. Digital forensics can be defined as the use of computer ideologies to retrieve automated evidence for purposes of court presentation. Cloud forensics is a subgroup of computer networks that involves forensic enquiries of systems (Ruan et al., 2011). It is normally centred on the access of extensive networks. Thus, cloud forensics is based on segments of network forensics consisting of tailored methods to fit in cloud computing environments.

Cloud computing is a developing concept that is comprised of complex aspects. The main features of cloud computing have drastically cut IT costs, a factor that has led to widespread adoption of cloud computing services in the business world as well as the government. To ensure that services are available and to maintain the cost-effective feature, Cloud service providers (CPS) retain data centres in different parts of the globe (Ruan et al., 2011). Data kept in one area is simulated in other locations to ensure that there is abundant data and also to reduce the risk of failure. Depending on the models being used, the segregation of duties and responsibilities between the CPS and the customers differ accordingly. Similarly, the relations between various tenants who share the same cloud resources vary depending on the utilization model being used.

Some of the evasion settings in cloud forensics that generate more legal challenges are the aspects of numerous authorities and multi-tenancy settings. Complex interactions between CPS, customers and collaborations with global law execution groups are a necessity in the cloud forensic investigations. Cloud forensics is a multidimensional issue that can be approached from a technical dimension, organizational or legal dimensions (Ruan et al., 2011).

Technical Dimension

This aspect incorporates the measures and tools that are required to execute the forensic activity in the cloud computing environment. Some of these procedures are; collecting data, segregating evidence practical measures and live forensics. Data collection involves the identification, recording and the acquirement of forensic data. The techniques and instruments used to collect the forensic data vary in accordance with the specific model of data being used (Ruan et al., 2011). During the data collection process, there should be a clear separation of duties between the service providers and the client. The process should also adhere to laws and regulations in the jurisdiction areas of data collection. Furthermore, there should be no compromise of discretion of the various tenants who share cloud resources. For instance, public provider side artefacts need to segregate tenants whereas this may not be the case in private clouds.

One fundamental trait of cloud computing is the swift flexibility that enables cloud resources to be adjusted on demand. Due to this fact, cloud forensic tools also have to be flexible. Mostly, this includes live forensic kits for acquiring data, recovering data, examining and analyzing data. Another vital feature of cloud computing is the aspect of resource merging (Ruan et al., 2011). Through multi-tenant environments, cloud computing is able to reduce IT costs. However, this aspect of multi-tenant requires evidence to be segregated through compartmentalization. Therefore, the tools and processes developed must be able to separate forensic data between the numerous tenants using different cloud distribution paradigms. Virtualization is a vital technology in cloud implementation services.

Organizational Dimension

Forensic investigations are carried out between cloud service providers and customers. However, the interactions might expand if the CSP decides to give some of their activities to be performed by a third party. There are some cloud applications which depend on other CSPs as well. The dependencies of the applications may be very dynamic resulting in chains of CSPs and customers (Ruan et al., 2011). The cloud forensic investigations may involve all the links of the chains that have been created through dependencies.This is to mean that any kind of irregularities like corruption found in particular chains may result in serious problems. Organizational policies are important because they help to facilitate communication during forensic activities. The chains of CSPs are also required to liaise with other parties and academia. The third parties aid in assessing whereas the academia offers technical skills that help to improve efficiency and effectiveness in the way that investigations are carried out (Ruan et al., 2011).

Legal Dimension

Under this approach, there are legal requirements that state that regulations and agreements have to be developed to warrant that forensic undertakings do not violate laws and regulations in the dominions of the data location. It is also necessary for the privacy of tenants who share cloud resources to be upheld and reserved. Service level agreements (SLAs) define terms and conditions that govern the interactions between cloud service providers and customers to protect both parties (Ruan et al., 2011). Service level agreements should include the trust boundaries that should exist between cloud forensic parties, the specific functions and duties of CSP and customers concerning forensic investigations.Lastly, the manner of managing investigations should be done without breaking the applicable laws, regulations and secrecy policies.

Conclusion

To conclude everything, Cloud forensics is the future in the IT Sector. Years ahead, all companies will soon turn into using it since it is less time consuming & cost effective. We are talking about billions of data used to solve corruption, thefts & data breaches in a blink of an eye. With all the dimensions mentioned above, with progress, it will become the fastest, most secure & reliable way used in the Digital Forensics Sector.

Reference

1. Ruan, K., Carthy, J., Kechadi, T., & Crosbie, M. (2011, January). Cloud forensics. In IFIP International Conference on Digital Forensics (pp. 35-46). Springer, Berlin, Heidelberg.