Wednesday, 11 July 2012

Cloud Forensics - What to do?

The rapidly growing sector of cloud computing services is a growing headache for the e Discovery and Digital Forensics providers sector in supporting litigation. Most of the tools developed for e Discovery and Computer Forensics are based on the acquisition of static information, with some supplementary tools that allow for the collection of live information such as memory, network connections and running applications designed to be used on discrete (physical) hardware.

The problem is further made worse by the three distinct service models that prevail amongst cloud providers: SaaS (Software as a Service), PaaS (Program as a Service) and IaaS (Infrastructure as a Service) these three models depending on the one chosen have a range from providing no information to only a limited ability to provide forensically responsive information. This creates a problem when a respondent to a discovery order has to generate supportable information that is required by a court, regulatory agency, or law enforcement.

At present there is very limited research into the development of tools for the forensic collection of cloud data and the existing tools have limited usage in such environments. How do you readers feel about this issue and has anyone come across any work that is leading the way in this part of the field?

No comments:

Post a Comment

Animated Social Gadget - Blogger And Wordpress Tips