Towards a Forensic-Based Service Oriented Architecture Framework for Auditing of Cloud Logs

Cloud computing log digital investigations relate to the investigation of a potential crime using the digital forensic evidence from a virtual machine (VM) host operating system using the hypervisor event logs. In cloud digital log forensics, work on the forensic reconstruction of evidence on VM hosts system is required, but with the heterogeneous complexity involved with an enterprise´s private cloud not to mention public cloud distributed environments, a possible Web Services-centric approach may be required for such log supported investigations. A data cloud log forensics service oriented architecture (SOA) audit framework for this type of forensic examination needs to allow for the reconstruction of transactions spanning multiple VM hosts, platforms and applications. This paper explores the requirements of a cloud log forensics SOA framework for performing effective digital investigation examinations in these abstract web services environments. This framework will be necessary in order to develop investigative and forensic auditing tools and techniques for use in cloud based log-centric SOAs.