CFaaS: bilaterally agreed evidence collection
A common cloud forensic model proposed by researchers is ‘Cloud-Forensic-as-a-Service’ where consumers have to access it as a service to collect forensic data from cloud environments. The ‘Cloud-Forensic-as-a-Service’ model raises the question of how it collects digital evidence pertaining to an inc...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Springer Verlag
2018
|
| Subjects: | |
| Online Access: | http://eprints.utm.my/id/eprint/79635/1/NorafidaIthnin2018_CFaaSBilaterallyAgreedEvidence.pdf http://eprints.utm.my/id/eprint/79635/ https://dx.doi.org/10.1186/s13677-017-0102-3 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | A common cloud forensic model proposed by researchers is ‘Cloud-Forensic-as-a-Service’ where consumers have to access it as a service to collect forensic data from cloud environments. The ‘Cloud-Forensic-as-a-Service’ model raises the question of how it collects digital evidence pertaining to an incident which occurred in the cloud. Currently, types of ‘Cloud-Forensic-as-a-Service’ systems in the literature show that the system is controlled and implemented by the cloud provider, where they unilaterally define the type of evidence that can be collected by the system. A serious limitation of this approach is that it does not offer the consumer sufficient means of performing reasonableness checks to verify that the provider is not accidentally or maliciously contaminating the evidence. To address the problem, the paper proposes a conceptual bilateral Cloud-Forensic-as-a-Service model where both consumers and providers can independently collect, verify the equity of the forensic analysis process and try to resolve potential disputes emerging from the independently collected results. The authors have developed a cloud forensic process model to lead common and significant aspects of a bilateral Cloud-Forensics-as-a-Service model. The paper explicitly discusses the concept of a bilateral Cloud-Forensic-as-a-Service model. |
|---|