Hard Clues in Soft Environments: The Cloud's Influence on Digital Forensics

Hard Clues in Soft Environments: The Cloud's Influence on Digital Forensics

Andrea Atzeni, Paolo Smiraglia, Andrea Siringo
Copyright: © 2015 |Pages: 27
DOI: 10.4018/978-1-4666-8387-7.ch012
(Individual Chapters)
No Current Special Offers


Cloud forensics is an open and important area of research due to the growing interest in cloud technology. The increasing frequency of digital investigations brings with it the need for studying specific scenarios in the area of forensics, both when evidence are inside the cloud and when the cloud can be used as platform to perform the investigations. In this chapter we highlight the problems digital forensics must deal with in the Cloud. We introduce historical roots of digital forensics, as well as an overall background about the Cloud and we provide possible meanings of cloud forensics, based on available definitions. Since the cloud introduces different architectural paradigm that affects all the phases of a forensics investigation, in this survey we detail many security issues digital forensics have to face in a cloud environment. We describe when and what available solutions exist and, on the contrary, the still open problems, and we discuss possible future directions in this field.
Chapter Preview


This section will introduce the key concepts necessary to understand the rest of this chapter. Digital forensic science and the Cloud computing model will be defined. Using these two definitions cloud forensics, a recently emerged branch of digital forensics science, will be presented.

Key Terms in this Chapter

Chain of Custody: The data source containing all the information related to the evidence handling occurred during the investigation. The evidence handling addresses both the physical devices and the data contained therein.

Presentation Phase: The phase of the digital forensics for preparing evidences collected during investigation to be presented to the judge. It comprises the development of a report about techniques and methods adopted during the forensics activity.

Securing Phase: The first part of the digital forensics process. This phase must ensure that all the investigation relevant material does not suffer changes during the investigative process.

Forensics: The set of scientific methods for examining and gathering information about the past in order to support investigations.

Digital forensics: A branch of forensics that focuses on the identification and acquisition of digital evidence from electronic devices like laptops and smartphones.

Cloud Computing: A computing model that facilitates easy access to remote resources (e.g. computation power and storage) provided by a third party (Cloud Service Provider or CSP) adopting the pay-on-demand paradigm.

Analysis phase: The part of the digital forensics process in which all the collected data are analysed and tracked.

Complete Chapter List

Search this Book: