Cloud Challenges for Forensics

Wednesday, July 16, 2014 @ 10:07 AM gHale


There are 65 challenges cloud computing poses to forensics investigators who uncover, gather, examine and interpret digital evidence to help solve crimes, according to a report from the National Institute of Standards and Technology (NIST).

The report, NIST Cloud Computing Forensic Science Challenges, came from the organization’s Cloud Computing Forensic Science Working Group, an international body of cloud and digital forensic experts from industry, government and academia.

RELATED STORIES
Cloud Data Does the ‘Shuffle’
Cloud Used for Hacking Services
Cloud Breach: Cost 3 Times Higher
Attacks Closes Cloud Services Firm

Through the report, the working group aims to initiate a dialogue on forensic science concerns in cloud computing ecosystems.

“The long-term goal of this effort,” said NIST’s Martin Herman, co-chair of the working group, “is to build a deeper understanding of, and consensus on, the high-priority challenges so that the public and private sectors can collaborate on effective responses.”

The ultimate in distributed computing, cloud computing is revolutionizing how digital data ends up stored, processed and transmitted. It enables convenient, on-demand network access to a shared pool of configurable computing resources, including servers, storage and applications.

Benefits include cost savings, convenience and greater flexibility in how businesses and other consumers employ information technology.

There are, however, issues. There are challenges for forensic investigators who must track down evidence in the ever-changing, elastic, on-demand, self-provisioning cloud computing environments. Even if they seize a tablet or laptop computer at a crime scene, digital crime fighters could come up empty handed if these devices link to pooled resources in the cloud.

Technical challenges are all over, but almost all intersect with legal and organizational issues. The 65 challenges the working group identified fall within nine categories. These include architecture, data collection, analysis, standards, training and “anti-forensics” such as data hiding and malware.

These technical challenges “need to be understood in order to develop technology and standards-based mitigation approaches,” the draft report says.

The NIST Cloud Computing Forensic Science Working Group is requesting comments from the public by July 21, on the draft of NIST Cloud Computing Forensic Science Challenges.

Click here to view a copy of the draft.



Leave a Reply

You must be logged in to post a comment.