AHEAD
Anupam Tiwari
CEH, CCCSP, Chartered Engineer,
GFSU Certified Cyber Security Professional, B.E, M-Tech
(Computer Science), PGERP, PGDIS, PGDBM
Min of Defense
anupam.tiwari@nic.in
ABSTRACT
Cloud Computing is emerging, amongst all the buzzwords of ascendant technologies, as
among the most prodigious developments in the chronicles of computing. As it still takes time
to settle, a new challenge felt during its implementation has been a relatively newer
field known as Cloud Forensics. Today, as the Cloud still needs time to mature and
offer its full exploitation, the even newer subfield of Cloud Forensics is a worrying cause that
negates immediate acceptance of cloud computing with open arms. Research in this field
is still in its nascent stages, judging from the way cases and incidents are being
handled on the ground today.
A few key pertinent issues immediately come to the fore. Distributed storage replaces
the traditional local storage, which was easy for the forensic team to confiscate.
Storage is shared in a multi-user environment and may be hired by the user from the
CSP[1] on a time-bound deal. And even if a particular user associated with a
data location is identified, separating it from other users is never going to be easy owing to
confidentiality and privacy issues.
In this paper we discuss and build upon the challenges facing the forensics
industry today, focused on growing Clouds.
I. INTRODUCTION
[Figure: forensic process. Stages: Collection, Examination, Analysis, Reporting. Labels: Media, Data, Information, Evidence.]
[Figure: cloud service models. Columns: On Site, Infrastructure, Platform, Software. Stack layers in each column: Application, Data, Runtime, Middleware, O/S, Virtualization, Server, Storage, Networking. Responsibility labels: "You Manage" and "Vendor".]
II. STORAGE
Cloud storage is not local; it can span
continents. So in a typical
case as above, where does the forensic
expert look to extract remnants of logs
V. EVIDENCE COORDINATION
In any typical forensic process, the forensic
team is always interested to know and
correlate all the events that happened around
the reported incident. How will all activities
be correlated in a cloud environment
wherein not one but multiple CSPs may be
involved? Different CSPs will offer
a miscellany of architectures and platforms,
leading to interoperability issues.
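The correlation problem raised above, as an added example that is not part of the original paper: records from two providers are normalized into one UTC timeline, and a timestamp with no zone information is flagged rather than trusted. Both log formats, the field names and all sample records are constructed assumptions.

```python
import json
from datetime import datetime, timezone

# Constructed sample records; both provider formats are hypothetical.
CSP_A_LOG = [  # JSON lines, ISO 8601 timestamps, usually with a UTC offset
    '{"ts": "2015-01-12T10:15:30+05:30", "user": "u42", "op": "PutObject"}',
    '{"ts": "2015-01-12T10:17:02", "user": "u42", "op": "DeleteObject"}',  # no offset
]
CSP_B_LOG = [  # pipe-separated, epoch milliseconds (UTC by definition)
    "1421037900000|u42|vm.start",
    "1421038000000|u42|vm.snapshot",
]

def parse_csp_a(line):
    rec = json.loads(line)
    ts = datetime.fromisoformat(rec["ts"])
    # A naive timestamp cannot be placed on a shared timeline without
    # knowing the source clock's zone: keep it, but mark it ambiguous.
    ambiguous = ts.tzinfo is None
    if ambiguous:
        ts = ts.replace(tzinfo=timezone.utc)  # provisional placement only
    return {"utc": ts.astimezone(timezone.utc), "src": "csp_a",
            "user": rec["user"], "op": rec["op"], "ambiguous": ambiguous}

def parse_csp_b(line):
    ms, user, op = line.split("|")
    ts = datetime.fromtimestamp(int(ms) / 1000, tz=timezone.utc)
    return {"utc": ts, "src": "csp_b", "user": user, "op": op, "ambiguous": False}

def build_timeline(a_lines, b_lines):
    # Merge both sources and order them on the common UTC axis.
    events = [parse_csp_a(l) for l in a_lines] + [parse_csp_b(l) for l in b_lines]
    return sorted(events, key=lambda e: e["utc"])

if __name__ == "__main__":
    for e in build_timeline(CSP_A_LOG, CSP_B_LOG):
        flag = " (zone unknown)" if e["ambiguous"] else ""
        print(e["utc"].isoformat(), e["src"], e["user"], e["op"] + flag)
```

Read in local wall-clock order the first storage event appears to come five and a half hours after the VM start; on the UTC axis it is 30 seconds later, and the zone-less record stays marked so it is not used to order events.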
VI. VIRTUAL MACHINE CHECKPOINTS
VII. TIME STAMP SYNCHRONEITY
IX. INTEROPERABILITY IN CSPs
Interoperability means the ability of
multiple cloud platforms to work together
and interoperate, which requires an
abstraction between application data logic
and system interfaces. Though standards
are setting in today, there is still a long way to go
before we come out of the proprietary
architecture challenges of the various CSPs.
X. NO SINGLE POINT OF FAILURE FOR CRIMINALS
The current lack of standards and policies in
cloud forensics is a win-win situation for
any criminal to commit crime. There is no
single point of failure in the typical setup of
cloud services that would let criminals be
convicted squarely. No single
PC/terminal can be held as evidence by
the forensic team, as the scheme of
things in digital forensics requires. No one computer
in a group holds all of the data
necessary for the forensic investigator to
reconstruct the information about the crime.
A vicious organization can opt for one CSP for
a storage solution, another CSP for hosting
services and route everything through
another CSP.
XIV. MULTIPLE DEPENDENCIES
XVII. TRAINED PERSONNEL[14]
Availability of trained personnel and
investigators remains a serious cause of
concern owing to lack of training materials
ACKNOWLEDGEMENT
I am very grateful to Col. (Retd.)
Mahesh Khera, President, Broadband India
Forum and the world of open source which
has enabled me to understand and put my
thoughts on this very critical but still
unattended subject. Special thanks to Dr. Anup
Girdhar, CEO - Founder, Sedulity Solutions
& Technologies who gave me an
opportunity to present this paper and has
been my guide over my various interactions
with him in courses I have pursued over a
period of time.
REFERENCES
[1] Webopedia, Cloud Service Provider. Available at <http://www.webopedia.com/TERM/C/cloud_provider.html> [Accessed 12th Jan 2015].
[2] Wikipedia, Cloud Computing. Available at <http://en.wikipedia.org/wiki/Cloud_computing> [Accessed 12th Jan 2015].