Cloud Technology

Abstract

As computer technology evolved over the last 30 years, so did the opportunity to use computers to break the law. Out of necessity, digital forensics was birthed. Computer forensics is the practice of extracting information from the digital media in order to prosecute the individuals that carried out the crime. Forensic challenges presented by cloud computing are vast and complex. If a company becomes the target of a digital criminal investigation and they are using cloud computing, some unique challenges are faced by a digital forensics examiner. The data in the cloud only represents a "snapshot" of when it was sent to the cloud. Establishing a chain of custody for the data would become difficult or impossible if its integrity and authenticity cannot be fully determined. There are also potential forensic issues when the customer or user exits a cloud application. Items subject to forensic analysis, such as registry entries, temporary files, and other artifacts are lost, making malicious activity difficult to prove. The challenges of applying forensics to a cloud environment are tied to cloud security. This chapter discusses securing a cloud environment and how that would help with the forensic analysis.