Reference Architecture for a Cloud Forensic Readiness System

The Digital Forensic science is participating to a brand new change represented by the management of incidents in the Cloud Computing Services. Due that the Cloud Computing architecture is uncontrollable because of some specific features, its use to commit crimes is becoming a very critical issue, too. Proactive Cloud Forensics becomes a matter of urgency, due to its capability of collecting critical data before crimes happen, thus saving time and money for the subsequent investigations. In this paper, a proposal for a Cloud Forensic Readiness System is presented. It is conceived as reference architecture, in order to be of general applicability, not technically constrained by any Cloud architecture. The principal aim of this work is to extend our initial proposed Cloud Forensic Readiness System reference architecture, by providing more details and an example of its application by exploiting the Open Stack Cloud Platform.

[1]  Alan T. Sherman,et al.  Acquiring forensic evidence from infrastructure-as-a-service cloud computing: Exploring and evaluating tools, trust, and techniques , 2012, Digit. Investig..

[2]  P. Mell,et al.  SP 800-145. The NIST Definition of Cloud Computing , 2011 .

[3]  Hein S. Venter,et al.  Digital forensic readiness in the cloud , 2013, 2013 Information Security for South Africa.

[4]  Shahrzad Zargari,et al.  Cloud Forensics: Concepts, Issues, and Challenges , 2012, 2012 Third International Conference on Emerging Intelligent Data and Web Technologies.

[5]  Joe Carthy,et al.  Cloud Computing Reference Architecture and Its Forensic Implications: A Preliminary Analysis , 2012, ICDF2C.

[6]  Hein S. Venter,et al.  The architecture of a digital forensic readiness management system , 2013, Comput. Secur..

[7]  Hein S. Venter,et al.  Towards a Digital Forensic Readiness Framework for Public Key Infrastructure systems , 2011, 2011 Information Security for South Africa.

[8]  Frank Gens,et al.  Cloud Computing Benefits, risks and recommendations for information security , 2010 .

[9]  Janice C. Sipior,et al.  The Internet Jurisdiction Risk of Cloud Computing , 2010, Inf. Syst. Manag..

[10]  Buks Louwrens,et al.  Digital Forensic Readiness as a Component of Information Security Best Practice , 2007, SEC.

[11]  Vishal R. Ambhire Digital Forensic Tools , 2012 .

[12]  M. Tahar Kechadi,et al.  Cloud forensics definitions and critical criteria for cloud forensic capability: An overview of survey results , 2013, Digit. Investig..

[13]  Christoph Wegener,et al.  Technical Issues of Forensic Investigations in Cloud Computing Environments , 2011, 2011 Sixth IEEE International Workshop on Systematic Approaches to Digital Forensic Engineering.

[14]  E. S. Pilli,et al.  Cloud Forensics: State-of-the-Art and Research Challenges , 2012, 2012 International Symposium on Cloud and Services Computing.

[15]  M. Tahar Kechadi,et al.  Cloud Forensic Readiness: Foundations , 2013, ICDF2C.

[16]  Deborah A. Frincke,et al.  A Theoretical Framework for Organizational Network Forensic Readiness , 2007, J. Comput..

[17]  Alan T. Sherman,et al.  Design and Implementation of FROST - Digital Forensic Tools for the OpenStack Cloud Computing Platform , 2016 .

[18]  B. Hepple Association of Chief Police Officers , 2015 .

[19]  Francois Mouton,et al.  A prototype for achieving digital forensic readiness on wireless sensor networks , 2011, IEEE Africon '11.

[20]  Denis Reilly,et al.  Cloud Computing: Pros and Cons for Computer Forensic Investigations , 2011 .

[21]  Barbara Endicott-Popovsky,et al.  Legal Process and Requirements for Cloud Forensic Investigations , 2012 .

[22]  Dc Washington National Institute of Justice. , 2010 .

[23]  Robert Rowlingson,et al.  A Ten Step Process for Forensic Readiness , 2004, Int. J. Digit. EVid..