SlideShare ist ein Scribd-Unternehmen logo

The Cloud: Privacy and Forensics

I
Info_Studies_Aberystwyth
Bildung
1 von 26
Cloud Forensics and Privacy Keyun Ruan keyun.ruan@ucd.ie Center for Cybersecurity and Cyber Crime Investigation University College Dublin National Library of Wales, Aberystwyth Sep 6 2012
Cloud Forensics: an Overview • Cloud computing - Essential characteristics - Service models - Deployment models - Cloud actors - Service Level Agreement • Digital Forensics • Multiple Dimensions - Technical - Legal - Organizational
Cloud Investigations • Internal Investigations - Security incidents - Policy violations - Regulatory compliance - Event management • External Investgations - Criminal case - Civil case
Forensic Implications of Cloud Reference Architecture Figure 1. NIST Cloud Conceptual Reference Model (Liu et al. 2011)
Service Models and the Split of Control Figure 2. Split of Control between Provider and Consumer
Forensic Artifacts in Cloud Environments • Service Layer - SaaS (Application Layer) - PaaS (Middleware Layer) - IaaS (OS Layer) • Resource Abstraction and Control Layer • Physical Resource Layer Figure 3. Cloud System Environment (Liu et al. 2011)
Cloud Provider Figure 4. Cloud Provider Usage Scenario (Liu et al. 2011)
Cloud Consumer Figure 5. Cloud Consumer Usage Scenario (Liu et al. 2011)
Cloud Broker Figure 6. Cloud Broker Usage Scenario (Liu et al. 2011)
Cloud Carrier Figure 7. Cloud Carrier Usage Scenario (Liu et al. 2011)
Cloud Auditor Figure 8. Cloud Auditor Usage Scenario (Liu et al. 2011)
Cloud Actors Interaction Scenario 1 Figure 9. Cloud Actors Interaction Scenario 1
Cloud Actors Interaction Scenario 2 Figure 10. Cloud Actors Interaction Scenario 2
Cloud Actors Interaction Scenario 3 Figure 11. Cloud Actors Interaction Scenario 3
Public Cloud Forensic Case 1: Cloud Consumers Forensic Case 2: Cloud Consumers accessing the Cloud over a network Accessing the Cloud from within the enterprise network Figure 12. Public Cloud Deployment (Liu et al. 2011)
Private Cloud Forensic Case 1: On‐site Forensic Case 2: Private Cloud Out‐sourced Private Cloud Figure 13. Private Cloud Deployment (Liu et al. 2011)
Community Cloud Forensic Case 1: On‐site Forensic Case 2: Outsourced Community Cloud Community Cloud Figure 14. Community Cloud Deployment (Liu et al. 2011)
Hybrid Cloud Figure 15. Hybrid Cloud Deployment (Liu et al. 2011)
Cloud Forensics: Challenges • Forensic acquisition • Identity and anonymity • Evidence segregation management • Virtualized environment • Data recovery • Data location • Proliferation of endpoints • Forensic staffing • Time synchronization • External dependency • Log management chains • Encryption and key • Service Level Agreement management • Multiple jurisdiction, multiple tenancy, multiple ownership
Cloud Forensics: Opportunities • Cost effectiveness • Data abundance • Overall robustness • Scalability and flexibility • Policies and standards • Forensic‐as‐a‐Service (FaaS)
Survey on Cloud Forensics and Critical Criteria for Cloud Forensic Capability • 257 respondents Figure 16. Impact of Cloud Computing on Forensics
Top Challenges •  Jurisdiction (89.43% significant or very significant, 59.62% very significant) •  Lack of international collaboration and legislative mechanism in cross - nation data access and exchange (84.77% significant or very significant) •  Investigating external chain of dependencies of the cloud provider (e.g., a cloud provider can use the service from another provider) (80.96% significant or very significant) •  Decreased access to and control over forensic data at all levels from customer side (78.3% significant or very significant) •  Lack of law/regulation and law advisory (76.19% significant or very significant)
Key Terms for the Service Level Agreement • Cloud offering • Technical dimension • Organizational dimension • Legal dimension • Auditing
ISO Series Source: Marshall A.M. (2011) Standards, regulation & quality in digital investigations: The state we are in, Digital Investigation 8 p141-‐‐144
“The first requisite of civilization is that of justice” Sigmund Freud
THANK YOU! @ruankeyun keyun.ruan@ucd.ie

Empfohlen

Cloud Computing Forensic Science
Cloud Computing Forensic Science Cloud Computing Forensic Science
Cloud Computing Forensic Science
David Sweigert
 
Cloud Computing : Security and Forensics
Cloud Computing : Security and ForensicsCloud Computing : Security and Forensics
Cloud Computing : Security and Forensics
Govind Maheswaran
 
Cloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit PlanningCloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit Planning
Valdez Ladd MBA, CISSP, CISA,
 
Ensuring data storage security in cloud computing
Ensuring data storage security in cloud computingEnsuring data storage security in cloud computing
Ensuring data storage security in cloud computing
Uday Wankar
 
SecRBAC: Secure data in the Clouds
SecRBAC: Secure data in the CloudsSecRBAC: Secure data in the Clouds
SecRBAC: Secure data in the Clouds
Nexgen Technology
 
Cloud Forensics
Cloud ForensicsCloud Forensics
Cloud Forensics
sdavis532
 
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGSOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
Hoang Nguyen
 
Smart cloud - single to multi cloud
Smart cloud - single to multi cloud Smart cloud - single to multi cloud
Smart cloud - single to multi cloud
Abdul Rasheed Feroz Khan
 

Empfohlen

Cloud Computing Forensic Science
Cloud Computing Forensic Science Cloud Computing Forensic Science
Cloud Computing Forensic Science
David Sweigert
 
Cloud Computing : Security and Forensics
Cloud Computing : Security and ForensicsCloud Computing : Security and Forensics
Cloud Computing : Security and Forensics
Govind Maheswaran
 
Cloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit PlanningCloud Breach - Forensics Audit Planning
Cloud Breach - Forensics Audit Planning
Valdez Ladd MBA, CISSP, CISA,
 
Ensuring data storage security in cloud computing
Ensuring data storage security in cloud computingEnsuring data storage security in cloud computing
Ensuring data storage security in cloud computing
Uday Wankar
 
SecRBAC: Secure data in the Clouds
SecRBAC: Secure data in the CloudsSecRBAC: Secure data in the Clouds
SecRBAC: Secure data in the Clouds
Nexgen Technology
 
Cloud Forensics
Cloud ForensicsCloud Forensics
Cloud Forensics
sdavis532
 
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTINGSOME SECURITY CHALLENGES IN CLOUD COMPUTING
SOME SECURITY CHALLENGES IN CLOUD COMPUTING
Hoang Nguyen
 
Smart cloud - single to multi cloud
Smart cloud - single to multi cloud Smart cloud - single to multi cloud
Smart cloud - single to multi cloud
Abdul Rasheed Feroz Khan
 
Ensuring data security in cloud computing. - Anusha Tuke
Ensuring data security in cloud computing. - Anusha TukeEnsuring data security in cloud computing. - Anusha Tuke
Ensuring data security in cloud computing. - Anusha Tuke
Anusha Chavan
 
Data storage security in cloud computing
Data storage security in cloud computingData storage security in cloud computing
Data storage security in cloud computing
Sonali Jain
 
security Issues of cloud computing
security Issues of cloud computingsecurity Issues of cloud computing
security Issues of cloud computing
prachupanchal
 
Data Integrity proofs in cloud storage
Data Integrity proofs in cloud storageData Integrity proofs in cloud storage
Data Integrity proofs in cloud storage
Sameer Mohd
 
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...
Pushpa
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
Falgun Rathod
 
Security issues in cloud database
Security issues in cloud database Security issues in cloud database
Security issues in cloud database
أحلام انصارى
 
Cloud complete
Cloud completeCloud complete
Cloud complete
Muhammad Rehan
 
Cloud computing security & forensics (manu)
Cloud computing security & forensics (manu)Cloud computing security & forensics (manu)
Cloud computing security & forensics (manu)
ClubHack
 
Security Issues in Cloud Computing
Security Issues in Cloud ComputingSecurity Issues in Cloud Computing
Security Issues in Cloud Computing
Jyotika Pandey
 
Cloud computing security from single to multiple
Cloud computing security from single to multipleCloud computing security from single to multiple
Cloud computing security from single to multiple
Kiran Kumar
 
Cloud Computing Security Issues
Cloud Computing Security Issues Cloud Computing Security Issues
Cloud Computing Security Issues
Discover Cloud Computing
 
Cloud computing and its security issues
Cloud computing and its security issuesCloud computing and its security issues
Cloud computing and its security issues
Jyoti Srivastava
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security Issues
Stelios Krasadakis
 
Evaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing EnvironmentsEvaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing Environments
ijfcstjournal
 
The Security and Privacy Threats to Cloud Computing
The Security and Privacy Threats to Cloud ComputingThe Security and Privacy Threats to Cloud Computing
The Security and Privacy Threats to Cloud Computing
Ankit Singh
 
On technical security issues in cloud computing
On technical security issues in cloud computingOn technical security issues in cloud computing
On technical security issues in cloud computing
sashi799
 
Data Security Essentials for Cloud Computing - JavaOne 2013
Data Security Essentials for Cloud Computing - JavaOne 2013Data Security Essentials for Cloud Computing - JavaOne 2013
Data Security Essentials for Cloud Computing - JavaOne 2013
javagroup2006
 
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEMTWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
Nexgen Technology
 
Cloud Computing v.s. Cyber Security
Cloud Computing v.s. Cyber Security Cloud Computing v.s. Cyber Security
Cloud Computing v.s. Cyber Security
Bahtiyar Bircan
 
Cloud-forensics
Cloud-forensicsCloud-forensics
Cloud-forensics
anupriti
 
Adding event reconstruction to a cloud forensic readiness
Adding event reconstruction to a cloud forensic readinessAdding event reconstruction to a cloud forensic readiness
Adding event reconstruction to a cloud forensic readiness
Victor Kebande
 

Weitere ähnliche Inhalte

Was ist angesagt?

Data Integrity proofs in cloud storage
Data Integrity proofs in cloud storageData Integrity proofs in cloud storage
Data Integrity proofs in cloud storage
Sameer Mohd
 
Cloud computing security & forensics (manu)
Cloud computing security & forensics (manu)Cloud computing security & forensics (manu)
Cloud computing security & forensics (manu)
ClubHack
 
The Security and Privacy Threats to Cloud Computing
The Security and Privacy Threats to Cloud ComputingThe Security and Privacy Threats to Cloud Computing
The Security and Privacy Threats to Cloud Computing
Ankit Singh
 

Was ist angesagt? (20)

Ensuring data security in cloud computing. - Anusha Tuke
Ensuring data security in cloud computing. - Anusha TukeEnsuring data security in cloud computing. - Anusha Tuke
Ensuring data security in cloud computing. - Anusha Tuke
 
Data storage security in cloud computing
Data storage security in cloud computingData storage security in cloud computing
Data storage security in cloud computing
 
security Issues of cloud computing
security Issues of cloud computingsecurity Issues of cloud computing
security Issues of cloud computing
 
Data Integrity proofs in cloud storage
Data Integrity proofs in cloud storageData Integrity proofs in cloud storage
Data Integrity proofs in cloud storage
 
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...
Presentation on cloud computing security issues using HADOOP and HDFS ARCHITE...
 
Security Issues of Cloud Computing
Security Issues of Cloud ComputingSecurity Issues of Cloud Computing
Security Issues of Cloud Computing
 
Security issues in cloud database
Security issues in cloud database Security issues in cloud database
Security issues in cloud database
 
Cloud complete
Cloud completeCloud complete
Cloud complete
 
Cloud computing security & forensics (manu)
Cloud computing security & forensics (manu)Cloud computing security & forensics (manu)
Cloud computing security & forensics (manu)
 
Security Issues in Cloud Computing
Security Issues in Cloud ComputingSecurity Issues in Cloud Computing
Security Issues in Cloud Computing
 
Cloud computing security from single to multiple
Cloud computing security from single to multipleCloud computing security from single to multiple
Cloud computing security from single to multiple
 
Cloud Computing Security Issues
Cloud Computing Security Issues Cloud Computing Security Issues
Cloud Computing Security Issues
 
Cloud computing and its security issues
Cloud computing and its security issuesCloud computing and its security issues
Cloud computing and its security issues
 
Cloud Computing Security Issues
Cloud Computing Security IssuesCloud Computing Security Issues
Cloud Computing Security Issues
 
Evaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing EnvironmentsEvaluation Of The Data Security Methods In Cloud Computing Environments
Evaluation Of The Data Security Methods In Cloud Computing Environments
 
The Security and Privacy Threats to Cloud Computing
The Security and Privacy Threats to Cloud ComputingThe Security and Privacy Threats to Cloud Computing
The Security and Privacy Threats to Cloud Computing
 
On technical security issues in cloud computing
On technical security issues in cloud computingOn technical security issues in cloud computing
On technical security issues in cloud computing
 
Data Security Essentials for Cloud Computing - JavaOne 2013
Data Security Essentials for Cloud Computing - JavaOne 2013Data Security Essentials for Cloud Computing - JavaOne 2013
Data Security Essentials for Cloud Computing - JavaOne 2013
 
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEMTWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
TWO-FACTOR DATA SECURITY PROTECTION MECHANISM FOR CLOUD STORAGE SYSTEM
 
Cloud Computing v.s. Cyber Security
Cloud Computing v.s. Cyber Security Cloud Computing v.s. Cyber Security
Cloud Computing v.s. Cyber Security
 

Andere mochten auch

5 Ways To Fight A DDoS Attack
5 Ways To Fight A DDoS Attack5 Ways To Fight A DDoS Attack
5 Ways To Fight A DDoS Attack
RedZone Technologies
 
IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed
Great Bay Software
 
Trying to bottle the cloud forensic challenges with cloud computing
Trying to bottle the cloud forensic challenges with cloud computingTrying to bottle the cloud forensic challenges with cloud computing
Trying to bottle the cloud forensic challenges with cloud computing
Brent Muir
 
12Nov13 Webinar: Big Data Analysis with Teradata and Revolution Analytics
12Nov13 Webinar: Big Data Analysis with Teradata and Revolution Analytics12Nov13 Webinar: Big Data Analysis with Teradata and Revolution Analytics
12Nov13 Webinar: Big Data Analysis with Teradata and Revolution Analytics
Revolution Analytics
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Positive Hack Days
 

Andere mochten auch (20)

Cloud-forensics
Cloud-forensicsCloud-forensics
Cloud-forensics
 
Adding event reconstruction to a cloud forensic readiness
Adding event reconstruction to a cloud forensic readinessAdding event reconstruction to a cloud forensic readiness
Adding event reconstruction to a cloud forensic readiness
 
Computer Forensic
Computer ForensicComputer Forensic
Computer Forensic
 
5 Ways To Fight A DDoS Attack
5 Ways To Fight A DDoS Attack5 Ways To Fight A DDoS Attack
5 Ways To Fight A DDoS Attack
 
Cloud Computing – Opportunities, Definitions, Options, and Risks (Part-1)
Cloud Computing – Opportunities, Definitions, Options, and Risks (Part-1)Cloud Computing – Opportunities, Definitions, Options, and Risks (Part-1)
Cloud Computing – Opportunities, Definitions, Options, and Risks (Part-1)
 
IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed IoT DDoS Attacks: the stakes have changed
IoT DDoS Attacks: the stakes have changed
 
Security on cloud storage and IaaS (NSC: Taiwan - JST: Japan workshop)
Security on cloud storage and IaaS (NSC: Taiwan - JST: Japan workshop)Security on cloud storage and IaaS (NSC: Taiwan - JST: Japan workshop)
Security on cloud storage and IaaS (NSC: Taiwan - JST: Japan workshop)
 
Cloud Computing Security Challenges
Cloud Computing Security ChallengesCloud Computing Security Challenges
Cloud Computing Security Challenges
 
The security of SAAS and private cloud
The security of SAAS and private cloudThe security of SAAS and private cloud
The security of SAAS and private cloud
 
Trying to bottle the cloud forensic challenges with cloud computing
Trying to bottle the cloud forensic challenges with cloud computingTrying to bottle the cloud forensic challenges with cloud computing
Trying to bottle the cloud forensic challenges with cloud computing
 
2017 03-01-forensics 1488330715
2017 03-01-forensics 14883307152017 03-01-forensics 1488330715
2017 03-01-forensics 1488330715
 
(130928) #fitalk cloud storage forensics - dropbox
(130928) #fitalk cloud storage forensics - dropbox(130928) #fitalk cloud storage forensics - dropbox
(130928) #fitalk cloud storage forensics - dropbox
 
IoT Security: Cases and Methods
IoT Security: Cases and MethodsIoT Security: Cases and Methods
IoT Security: Cases and Methods
 
12Nov13 Webinar: Big Data Analysis with Teradata and Revolution Analytics
12Nov13 Webinar: Big Data Analysis with Teradata and Revolution Analytics12Nov13 Webinar: Big Data Analysis with Teradata and Revolution Analytics
12Nov13 Webinar: Big Data Analysis with Teradata and Revolution Analytics
 
How IoT Is Breaking The Internet
How IoT Is Breaking The InternetHow IoT Is Breaking The Internet
How IoT Is Breaking The Internet
 
Assessing the Security of Cloud SaaS Solutions
Assessing the Security of Cloud SaaS SolutionsAssessing the Security of Cloud SaaS Solutions
Assessing the Security of Cloud SaaS Solutions
 
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
Privacy and Security in the Internet of Things / Конфиденциальность и безопас...
 
IBM Security SaaS IaaS and PaaS
IBM Security SaaS IaaS and PaaSIBM Security SaaS IaaS and PaaS
IBM Security SaaS IaaS and PaaS
 
IoT - the Next Wave of DDoS Threat Landscape
IoT - the Next Wave of DDoS Threat LandscapeIoT - the Next Wave of DDoS Threat Landscape
IoT - the Next Wave of DDoS Threat Landscape
 
Practice and challenges from building IaaS
Practice and challenges from building IaaSPractice and challenges from building IaaS
Practice and challenges from building IaaS
 

Ähnlich wie The Cloud: Privacy and Forensics

Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMM
Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMMCloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMM
Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMM
Hector Del Castillo, CPM, CPMM
 
Cloud Computing- Proposal (Autosaved)
Cloud Computing- Proposal (Autosaved)Cloud Computing- Proposal (Autosaved)
Cloud Computing- Proposal (Autosaved)
Zuhair Haroon khan
 
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
TT L
 
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Bill Annibell
 
cloud-20deployments-20model-131226165813-phpapp01.pptx
cloud-20deployments-20model-131226165813-phpapp01.pptxcloud-20deployments-20model-131226165813-phpapp01.pptx
cloud-20deployments-20model-131226165813-phpapp01.pptx
20DC11NOUFALN
 
Research ArticleSecuring Cloud Hypervisors A Survey of the .docx
Research ArticleSecuring Cloud Hypervisors A Survey of the .docxResearch ArticleSecuring Cloud Hypervisors A Survey of the .docx
Research ArticleSecuring Cloud Hypervisors A Survey of the .docx
audeleypearl
 
Cloud computing pros and cons for computer forensic investigations
Cloud computing pros and cons for computer forensic investigationsCloud computing pros and cons for computer forensic investigations
Cloud computing pros and cons for computer forensic investigations
poojagupta010
 
A Security Model for Virtual Infrastructure in the Cloud
A Security Model for Virtual Infrastructure in the CloudA Security Model for Virtual Infrastructure in the Cloud
A Security Model for Virtual Infrastructure in the Cloud
Editor IJCATR
 
The Death Of Computer Forensics: Digital Forensics After the Singularity
The Death Of Computer Forensics: Digital Forensics After the SingularityThe Death Of Computer Forensics: Digital Forensics After the Singularity
The Death Of Computer Forensics: Digital Forensics After the Singularity
Tech and Law Center
 
Firewall and vpn investigation on cloud computing performance
Firewall and vpn investigation on cloud computing performanceFirewall and vpn investigation on cloud computing performance
Firewall and vpn investigation on cloud computing performance
IJCSES Journal
 
Cloud computing security from single to multi clouds
Cloud computing security from single to multi cloudsCloud computing security from single to multi clouds
Cloud computing security from single to multi clouds
Cholavaram Sai
 
Taiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudTaiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloud
nooralmousa
 

Ähnlich wie The Cloud: Privacy and Forensics (20)

Cloud Service Life-cycle Management
Cloud Service Life-cycle ManagementCloud Service Life-cycle Management
Cloud Service Life-cycle Management
 
Cloud service lifecycle management
Cloud service lifecycle managementCloud service lifecycle management
Cloud service lifecycle management
 
Challenges in Cloud Forensics
Challenges in Cloud ForensicsChallenges in Cloud Forensics
Challenges in Cloud Forensics
 
Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMM
Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMMCloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMM
Cloud01: Best Practices for Virtual Cloud Security - H. Del Castillo, AIPMM
 
Cloudcomputingoct2009 100301142544-phpapp02
Cloudcomputingoct2009 100301142544-phpapp02Cloudcomputingoct2009 100301142544-phpapp02
Cloudcomputingoct2009 100301142544-phpapp02
 
Cloud Computing- Proposal (Autosaved)
Cloud Computing- Proposal (Autosaved)Cloud Computing- Proposal (Autosaved)
Cloud Computing- Proposal (Autosaved)
 
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
Presentation On Effectively And Securely Using The Cloud Computing Paradigm V26
 
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
Presentation on Effectively and Securely Using the Cloud Computing Paradigm v26
 
cloud-20deployments-20model-131226165813-phpapp01.pptx
cloud-20deployments-20model-131226165813-phpapp01.pptxcloud-20deployments-20model-131226165813-phpapp01.pptx
cloud-20deployments-20model-131226165813-phpapp01.pptx
 
Research ArticleSecuring Cloud Hypervisors A Survey of the .docx
Research ArticleSecuring Cloud Hypervisors A Survey of the .docxResearch ArticleSecuring Cloud Hypervisors A Survey of the .docx
Research ArticleSecuring Cloud Hypervisors A Survey of the .docx
 
Cloud computing pros and cons for computer forensic investigations
Cloud computing pros and cons for computer forensic investigationsCloud computing pros and cons for computer forensic investigations
Cloud computing pros and cons for computer forensic investigations
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
Presd1 10
Presd1 10Presd1 10
Presd1 10
 
Fundamental Concepts-and-Models Cloud Computing
Fundamental Concepts-and-Models Cloud ComputingFundamental Concepts-and-Models Cloud Computing
Fundamental Concepts-and-Models Cloud Computing
 
A Security Model for Virtual Infrastructure in the Cloud
A Security Model for Virtual Infrastructure in the CloudA Security Model for Virtual Infrastructure in the Cloud
A Security Model for Virtual Infrastructure in the Cloud
 
Cloud Computing
Cloud ComputingCloud Computing
Cloud Computing
 
The Death Of Computer Forensics: Digital Forensics After the Singularity
The Death Of Computer Forensics: Digital Forensics After the SingularityThe Death Of Computer Forensics: Digital Forensics After the Singularity
The Death Of Computer Forensics: Digital Forensics After the Singularity
 
Firewall and vpn investigation on cloud computing performance
Firewall and vpn investigation on cloud computing performanceFirewall and vpn investigation on cloud computing performance
Firewall and vpn investigation on cloud computing performance
 
Cloud computing security from single to multi clouds
Cloud computing security from single to multi cloudsCloud computing security from single to multi clouds
Cloud computing security from single to multi clouds
 
Taiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloudTaiye Lambo - Auditing the cloud
Taiye Lambo - Auditing the cloud
 

Kürzlich hochgeladen

Envelope of Discrepancy in Orthodontics: Enhancing Precision in Treatment
Envelope of Discrepancy in Orthodontics: Enhancing Precision in Treatment Envelope of Discrepancy in Orthodontics: Enhancing Precision in Treatment
Envelope of Discrepancy in Orthodontics: Enhancing Precision in Treatment
saipooja36
 
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
中 央社
 
SURVEY I created for uni project research
SURVEY I created for uni project researchSURVEY I created for uni project research
SURVEY I created for uni project research
CaitlinCummins3
 
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading RoomSternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
Sean M. Fox
 
Exploring Gemini AI and Integration with MuleSoft | MuleSoft Mysore Meetup #45
Exploring Gemini AI and Integration with MuleSoft | MuleSoft Mysore Meetup #45Exploring Gemini AI and Integration with MuleSoft | MuleSoft Mysore Meetup #45
Exploring Gemini AI and Integration with MuleSoft | MuleSoft Mysore Meetup #45
MysoreMuleSoftMeetup
 
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
中 央社
 

Kürzlich hochgeladen (20)

How to Manage Closest Location in Odoo 17 Inventory
How to Manage Closest Location in Odoo 17 InventoryHow to Manage Closest Location in Odoo 17 Inventory
How to Manage Closest Location in Odoo 17 Inventory
 
male presentation...pdf.................
male presentation...pdf.................male presentation...pdf.................
male presentation...pdf.................
 
The Story of Village Palampur Class 9 Free Study Material PDF
The Story of Village Palampur Class 9 Free Study Material PDFThe Story of Village Palampur Class 9 Free Study Material PDF
The Story of Village Palampur Class 9 Free Study Material PDF
 
Graduate Outcomes Presentation Slides - English (v3).pptx
Graduate Outcomes Presentation Slides - English (v3).pptxGraduate Outcomes Presentation Slides - English (v3).pptx
Graduate Outcomes Presentation Slides - English (v3).pptx
 
Envelope of Discrepancy in Orthodontics: Enhancing Precision in Treatment
Envelope of Discrepancy in Orthodontics: Enhancing Precision in Treatment Envelope of Discrepancy in Orthodontics: Enhancing Precision in Treatment
Envelope of Discrepancy in Orthodontics: Enhancing Precision in Treatment
 
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
TỔNG HỢP HƠN 100 ĐỀ THI THỬ TỐT NGHIỆP THPT TOÁN 2024 - TỪ CÁC TRƯỜNG, TRƯỜNG...
 
Mattingly "AI and Prompt Design: LLMs with Text Classification and Open Source"
Mattingly "AI and Prompt Design: LLMs with Text Classification and Open Source"Mattingly "AI and Prompt Design: LLMs with Text Classification and Open Source"
Mattingly "AI and Prompt Design: LLMs with Text Classification and Open Source"
 
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽會考英聽
 
SURVEY I created for uni project research
SURVEY I created for uni project researchSURVEY I created for uni project research
SURVEY I created for uni project research
 
MOOD STABLIZERS DRUGS.pptx
MOOD STABLIZERS DRUGS.pptxMOOD STABLIZERS DRUGS.pptx
MOOD STABLIZERS DRUGS.pptx
 
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading RoomSternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
Sternal Fractures & Dislocations - EMGuidewire Radiology Reading Room
 
Exploring Gemini AI and Integration with MuleSoft | MuleSoft Mysore Meetup #45
Exploring Gemini AI and Integration with MuleSoft | MuleSoft Mysore Meetup #45Exploring Gemini AI and Integration with MuleSoft | MuleSoft Mysore Meetup #45
Exploring Gemini AI and Integration with MuleSoft | MuleSoft Mysore Meetup #45
 
Major project report on Tata Motors and its marketing strategies
Major project report on Tata Motors and its marketing strategiesMajor project report on Tata Motors and its marketing strategies
Major project report on Tata Motors and its marketing strategies
 
ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...
ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...
ĐỀ THAM KHẢO KÌ THI TUYỂN SINH VÀO LỚP 10 MÔN TIẾNG ANH FORM 50 CÂU TRẮC NGHI...
 
Dementia (Alzheimer & vasular dementia).
Dementia (Alzheimer & vasular dementia).Dementia (Alzheimer & vasular dementia).
Dementia (Alzheimer & vasular dementia).
 
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文會考英文
 
How To Create Editable Tree View in Odoo 17
How To Create Editable Tree View in Odoo 17How To Create Editable Tree View in Odoo 17
How To Create Editable Tree View in Odoo 17
 
The Liver & Gallbladder (Anatomy & Physiology).pptx
The Liver & Gallbladder (Anatomy & Physiology).pptxThe Liver & Gallbladder (Anatomy & Physiology).pptx
The Liver & Gallbladder (Anatomy & Physiology).pptx
 
Stl Algorithms in C++ jjjjjjjjjjjjjjjjjj
Stl Algorithms in C++ jjjjjjjjjjjjjjjjjjStl Algorithms in C++ jjjjjjjjjjjjjjjjjj
Stl Algorithms in C++ jjjjjjjjjjjjjjjjjj
 
IPL Online Quiz by Pragya; Question Set.
IPL Online Quiz by Pragya; Question Set.IPL Online Quiz by Pragya; Question Set.
IPL Online Quiz by Pragya; Question Set.
 

The Cloud: Privacy and Forensics

  • 1. Cloud Forensics and Privacy Keyun Ruan keyun.ruan@ucd.ie Center for Cybersecurity and Cyber Crime Investigation University College Dublin National Library of Wales, Aberystwyth Sep 6 2012
  • 2. Cloud Forensics: an Overview • Cloud computing - Essential characteristics - Service models - Deployment models - Cloud actors - Service Level Agreement • Digital Forensics • Multiple Dimensions - Technical - Legal - Organizational
  • 3. Cloud Investigations • Internal Investigations - Security incidents - Policy violations - Regulatory compliance - Event management • External Investgations - Criminal case - Civil case
  • 4. Forensic Implications of Cloud Reference Architecture Figure 1. NIST Cloud Conceptual Reference Model (Liu et al. 2011)
  • 5. Service Models and the Split of Control Figure 2. Split of Control between Provider and Consumer
  • 6. Forensic Artifacts in Cloud Environments • Service Layer - SaaS (Application Layer) - PaaS (Middleware Layer) - IaaS (OS Layer) • Resource Abstraction and Control Layer • Physical Resource Layer Figure 3. Cloud System Environment (Liu et al. 2011)
  • 7. Cloud Provider Figure 4. Cloud Provider Usage Scenario (Liu et al. 2011)
  • 8. Cloud Consumer Figure 5. Cloud Consumer Usage Scenario (Liu et al. 2011)
  • 9. Cloud Broker Figure 6. Cloud Broker Usage Scenario (Liu et al. 2011)
  • 10. Cloud Carrier Figure 7. Cloud Carrier Usage Scenario (Liu et al. 2011)
  • 11. Cloud Auditor Figure 8. Cloud Auditor Usage Scenario (Liu et al. 2011)
  • 12. Cloud Actors Interaction Scenario 1 Figure 9. Cloud Actors Interaction Scenario 1
  • 13. Cloud Actors Interaction Scenario 2 Figure 10. Cloud Actors Interaction Scenario 2
  • 14. Cloud Actors Interaction Scenario 3 Figure 11. Cloud Actors Interaction Scenario 3
  • 15. Public Cloud Forensic Case 1: Cloud Consumers Forensic Case 2: Cloud Consumers accessing the Cloud over a network Accessing the Cloud from within the enterprise network Figure 12. Public Cloud Deployment (Liu et al. 2011)
  • 16. Private Cloud Forensic Case 1: On‐site Forensic Case 2: Private Cloud Out‐sourced Private Cloud Figure 13. Private Cloud Deployment (Liu et al. 2011)
  • 17. Community Cloud Forensic Case 1: On‐site Forensic Case 2: Outsourced Community Cloud Community Cloud Figure 14. Community Cloud Deployment (Liu et al. 2011)
  • 18. Hybrid Cloud Figure 15. Hybrid Cloud Deployment (Liu et al. 2011)
  • 19. Cloud Forensics: Challenges • Forensic acquisition • Identity and anonymity • Evidence segregation management • Virtualized environment • Data recovery • Data location • Proliferation of endpoints • Forensic staffing • Time synchronization • External dependency • Log management chains • Encryption and key • Service Level Agreement management • Multiple jurisdiction, multiple tenancy, multiple ownership
  • 20. Cloud Forensics: Opportunities • Cost effectiveness • Data abundance • Overall robustness • Scalability and flexibility • Policies and standards • Forensic‐as‐a‐Service (FaaS)
  • 21. Survey on Cloud Forensics and Critical Criteria for Cloud Forensic Capability • 257 respondents Figure 16. Impact of Cloud Computing on Forensics
  • 22. Top Challenges •  Jurisdiction (89.43% significant or very significant, 59.62% very significant) •  Lack of international collaboration and legislative mechanism in cross - nation data access and exchange (84.77% significant or very significant) •  Investigating external chain of dependencies of the cloud provider (e.g., a cloud provider can use the service from another provider) (80.96% significant or very significant) •  Decreased access to and control over forensic data at all levels from customer side (78.3% significant or very significant) •  Lack of law/regulation and law advisory (76.19% significant or very significant)
  • 23. Key Terms for the Service Level Agreement • Cloud offering • Technical dimension • Organizational dimension • Legal dimension • Auditing
  • 24. ISO Series Source: Marshall A.M. (2011) Standards, regulation & quality in digital investigations: The state we are in, Digital Investigation 8 p141-‐‐144
  • 25. “The first requisite of civilization is that of justice” Sigmund Freud