RFC – Digital Forensics within IaaS Environments

Request for comments – I would be interested in knowing your thoughts and opinions on the topic of “Digital Forensics within Infrastructure-as-a-Service (IaaS) Environments”.

For my sins I have chosen this as the subject for my dissertation, and although I could happily write thousands upon thousands of words (plenty of practice writing forensic reports…) of my own opinion, citing quotes from the many articles, journals and papers I am reading, I would like to offer some enrichment to the reader (my poor lecturer) and provide some knowledgeable and experienced primary and secondary sources from those who have gone beyond the textbook.

So, if you do have any thoughts (ideally experience) on this subject, I would be very grateful if you could get in touch. I will of course cite all contributions to the individual(s) and/or organisations (opportunity for free publicity); likewise, should you or your organisation wish to remain anonymous, this too can be arranged.

I’d be happy to arrange a face-to-face interview or (what is likely to be easier for everyone) for you to contact me via email at info@forhacsec.com and we can hopefully engage in conversation on the subject.

Current trains of thought on the subject include –

  • Is IaaS forensics more Incident Response and readiness than actual methodology at the moment?
  • How are Cloud Service Customers prepared for forensics within the cloud?
  • Are appropriate SLAs and contracts in place between service providers and customers?
  • Are Cloud Service Providers in any position to offer or even comply with digital forensic investigations?
  • What do you think of Cloud Service Providers having Cloud Service Providers and cross jurisdiction investigations?
  • Where do you think ‘Cloud Forensics’ will go in X amount of time?
  • Are the industry suppliers of forensic acquisition and investigatory tools ready for investigations in ‘Cloud’ environments?
  • Is legislation in the UK up to scratch to aid law enforcement in carrying out such investigations, and are agreements in place with other countries to assist in working together?

I could go on….

A survey is now available in relation to this research project. I know many of us have a dislike for such things; however, it is a requirement of the project. I would be very grateful if you could spare a moment to complete it. Your contribution will be extremely valuable to the project – Click here to complete the survey.

Thank you for taking the time to read this.

 

This entry was written by Zac, posted on Wednesday December 26 2012 at 06:12 pm, filed under Digital Forensics, Education & Training, Industry, Law Enforcement, Legal/Court, Research and Studies.

4 Responses to “RFC – Digital Forensics within IaaS Environments”

  • Adam says:

    Thank you Brian. Greatly appreciated!

    It’s amazing how closed the industry can be at times. I am lucky enough to already have been working in the industry prior to studying for my degree. I really feel for those who are just trying to enter the profession.

    All the best for 2013!

  • Stephen Townsley says:

    You don’t seem to have the three basic cloud models in the outline:

    private
    public
    hybrid

    I would suggest that for each type a different security model is appropriate.

    Steve

  • Adam says:

    Thanks for that Steve. I do have them covered under the research project as well as community environments, meaning multiple private clouds between known private parties.

    I am also looking at multi-tenancy and multi-jurisdiction issues too.

    The security for each is indeed different, as are the considerations. However, I am aiming in the direction of companies choosing to outsource to a Cloud Service Provider and the considerations with that. They may be very similar for each, providing the correct contracts/SLAs are developed. However, the response from the Cloud Service Provider (CSP) in each scenario, depending upon what agreements (if any) have been made, may be very different.

    Adam
