Cloud computing, a service that offers data storage and services to businesses a

Admin/ July 13, 2022/ Forensic Science

Cloud computing, a service that offers data storage and services to businesses and individuals, presents significant challenges to the field of digital forensics.
As an option for convenient offsite storage of large volumes of data, popular cloud platforms offer services that can be attractive to organizations, including infrastructure as a service, software as a service, and platform as a service. These additional services allow organizations to expand productivity without adding costly services in house, while storing additional organizational data on the provider’s servers. As opposed to virtualized environments that offer additional resources at a fraction of the traditional cost, cloud systems are offsite, remote repositories.
The National Institute of Standards and Technology (NIST) provides numerous guidelines on the cloud. NIST defines the cloud computing as “a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” (NIST 2011b, p. 2). Providers offer services in different cloud infrastructures, including private, public, community, and hybrid (NIST, 2011a).
Cloud challenges in the field of digital forensics include ownership data/control of evidence and data location. The digital forensics steps of acquisition and preservation are both impacted by cloud storage, since data may be housed in multiple states and countries (so, governed by multiple jurisdictions), and at this point there is no way to guarantee all of the data is retrieved, even when the provider agrees to access. Further, many users interact with cloud services using mobile devices, which adds the complexity of proliferation of endpoints, as communication channels can involve multiple towers and hops.
The advantages cloud computing offers to organizations and the handling of big data are the same reasons cloud crime has escalated. Cyber criminals can use cloud ervices to conduct malicious activities and then easily leave one service to join another, erasing their digital footprint as the vacated space is quickly written over by the provider. Cybersecurity has a complicated interdependency with cloud, according to the NIST roadmap, which “presents certain unique security challenges resulting from the cloud’s very high degree of outsourcing, dependence on networks, sharing (multi-tenancy) and scale” (NIST, 2014).
The popularity of cloud computing, paired with its unique challenges, makes this technology an important issue for digital forensics. Legal challenges of the cloud involve privacy and jurisdiction, spanning the globe while inviting misuse. Adding to the challenges is a pervasive lack of proven tools for investigators and law enforcement to handle cloud storage. One promising option is forensics as a service (FaaS), whereby cloud providers would offer the forensic steps of data acquisition and preservation as a service for purchase. FaaS still needs to address encryption, as much of the information housed is protected before upload.
As part of the final deliverable for this project, you will write an analysis of how cloud computing challenges—including uses of encryption—are an issue for the field of digital forensics. You will also identify trends in combating these challenges.
References
National Institute of Standards and Technology (NIST). (2016) Special publication 500-317 (draft): Cloud computing and accessibility considerations. https://www.nist.gov/sites/default/files/documents/itl/cloud/sp500-317_v01-draft.pdf
National Institute of Standards and Technology (NIST). (2011a). Special publication 500-292: Cloud computing reference architecture. http://ws680.nist.gov/publication/get_pdf.cfm?pub_id=909505
National Institute of Standards and Technology (NIST). (2013). Special publication 500-291: Cloud computing standards roadmap, volume II. http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.500-291r2.pdf
National Institute of Standards and Technology (NIST). (2011b). Special publication 800-145: Definition of cloud computing. http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-145.pdf
National Institute of Standards and Technology (NIST). (2011c). Special publication 800-144: Guidelines on security and privacy in public cloud computing. http://nvlpubs.nist.gov/nistpubs/Legacy/SP/nistspecialpublication800-144.pdf
National Institute of Standards and Technology (NIST). (2014). Special publication 500-293: US government cloud computing technology toadmap, volume I. http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.500-293.pdf

Share this Post