Site Loader

Abstract- Cloud computing is going to be popular among organizations
of Bangladesh keep in touch with the virtualization technologies. It is a new computing paradigm, involving data computation outsourcing with
Infinite and elastic resource scalability, On demand “just-in-time”
provisioning, No upfront cost means pay-as-you-go are some of the attractions of the cloud computing. That is, use as much or as less you need, use only when you want,
and pay only what you uses. Cloud
computing uses increasing rapidly in the world for that cloud forensics is essential
because security risks are surrounding the new technologies. Cloud
computing and digital forensics are both together called Cloud forensics which
is developing and understanding of the main aspects of both cloud computing and
digital forensics. In cloud
computing it is necessary to identify its impact on current digital forensics
guidelines and procedures and understand its characteristics and the different
services and deployment models but also to survey the solid foundation of cloud
computing such as virtualization. Papers discussing the concept, issues,
challenges, problem, possibilities and future of cloud computing and digital
forensics in relation to cloud forensics, in this paper, I will discuss the
foundation of cloud forensics elements which are required to provide forensics friendly
cloud services. Furthermore, I suggest a set of questions that will aid in the
process of cloud forensics analysis.

 

CLOUD
FORENSICS

Cloud
forensics is the combination of digital forensics and cloud computing. The
cloud computing benefits are the reasons that are making forensic community
concerned. The scalability of the cloud means at one point, data from different
sources can occupy the same sectors within the storage media which creates a
dilemma during ediscovery, while a company is being investigated; the
investigator unknowingly acquires residual data from another company 20. The
growth of storage capacity in cloud computing is a disadvantage for digital
forensics since there would be more forensic data and more time consumption to
analyse the data, of course, if nothing goes wrong. There are other
insufficiencies and incompatibles of the traditional digital forensics methods
(e.g. encryption, multi-jurisdiction, & proliferation of endpoints) in
cloud computing therefore it is necessary to adopt digital forensics knowledge
and tools in cloud computing in order to establish a forensic capability toward
reducing cloud security risks 23. Cloud computing is a new model and digital
forensics community is still exploring what difficulties this new technology is
carrying for them. There have been many published papers
stating the potential encountered difficulties in the process of maintaining
the chain of custody. Even leading private or public organizations like SANS,
ISACA or NIST have not yet presented a set of recommendations or best practices
to follow when there is a security incident inside of the cloud or guidelines on
how to implement the cloud in organizations 6. In some cases, cloud computing
could be able to assist network forensics in their online investigations for
cybercrimes. Criminals may abuse professional anonymous communications systems
such as Tor and Anamymizer which were originally designed for protecting
network users form identity theft and profiling. Therefore, law enforcement may
purchase tens of Amazon EC2 VMs, joining the Tor network as sentinels which can
act as entry & exit nodes for Tor circuits and would be able to determine
the attack sources within appropriate trace back techniques 11. Amazon web
services (AWS) is another good example which can automatically provide a MD5 of
every file that is on the system so when a bit by bit copy is being processed,
everything is carried over with it including the Metadata files in Microsoft
Office, email stores and exact backups 10.

 

Introduction

Cloud
computing Has the potential To become one of the most transformative
developments in the history of computing, following the footsteps of
mainframes, minicomputers, PCs (Personal Computers), smart phones, and so on
(Perry et al.,2009). It is radically changing how information technology
services are created, delivered, accessed and managed. Gartner estimates by 2015,
20% of non–?IT
Global 500 companies will be cloud service providers (Gartner,2010). However, the
rapid growth and an of cloud computing as an on?standard system (Beebe, 2009), is bringing
digital forensics deeper into the crisis it is facing (Garfinkel, 2010). Encryption,
prolife ration of endpoints, multi-?jurisdiction,
loss of data control, to name a few, are all challenges exacerbated in cloud
environments for forensic investigations due to a general lack of tools and expertise.
Cloud organizations, including CSPs (Cloud Service Provider) and cloud customers,
have to establish a cloud forensic capability; otherwise, they will face tremendous
difficulties in carrying out investigations on critical incidents in cloud architecture
such as criminal intrusions and major policy violations in order to restore operations,
data and services. They will also face difficulties when collaborating with law
enforcement in cases of resource confiscation, etc., due to lack of forensic knowledge
and preparation. Ruanetal. (2011) first gave an overview of cloud forensics, introduced
the cloud forensics three?dimensional
model, and analyzed some of the major challenges and opportunities of cloud forensics.
In order to validate the key areas covered in Ruanetal. (2011) and to study the
critical criteria for cloud forensic capability here searchers carried out this
survey towards digital forensic experts and practitioners around the world on some
key questions of cloud forensics, such as the definition of cloud forensics, the
most significant challenges and opportunities of cloud forensics, the most valuable
research direction for cloud forensics, etc. The survey was opened on13th Feb 2011and
was widely circulated.

Post Author: admin