Digital forensic readiness in the cloud

Author

Trenwith, Philip M. ; Venter, H.S.

Author_Institution

Dept. of Comput. Sci., Univ. of Pretoria, Pretoria, South Africa

fYear

2013

fDate

14-16 Aug. 2013

Firstpage

1

Lastpage

5

Abstract

The traditional digital forensic investigation process has always had a post-event driven focus. This process is perhaps too long for the cloud. This paper investigates how digital forensic readiness can be used to quicken and update the traditional digital forensic investigation process to better suit cloud computing environments. John Tans states that centralized logging is the key to efficient forensic strategies. The author proposes a model that considers centralised logging of all activities of all the participants within the cloud in preparation of an investigation. This approach will quicken the acquisition of evidential data when an investigation is required, allowing the investigator to start the analysis and examination almost immediately.

Keywords

cloud computing; digital forensics; centralized logging; cloud computing environments; digital forensic investigation process; digital forensic readiness; evidential data acquisition; Cloud computing; Computers; Cryptography; Digital forensics; Protocols; Servers; AES; Cloud Computing; Cryptographic Hash Functions; Diffie-Hellman; Digital Forensic Investigation Process; Digital Forensic Readiness; Digital Forensics; Network Time Protocol; RSA; Remote and Centralized Logging; Windows Event Logs;

fLanguage

English

Publisher

ieee

Conference_Titel

Information Security for South Africa, 2013

Conference_Location

Johannesburg

Type

conf

DOI

10.1109/ISSA.2013.6641055

Filename

6641055