In a unique and systematic way, this book discusses the security and privacy aspects of the cloud, and the relevant cloud forensics.
Cloud computing is an emerging yet revolutionary technology that has been changing the way people live and work. However, with the continuous growth of cloud computing and related services, security and privacy has become a critical issue. Written by some of the top experts in the field, this book specifically discusses security and privacy of the cloud, as well as the digital forensics of cloud data, applications, and services. The first half of the book enables readers to have a comprehensive understanding and background of cloud security, which will help them through the digital investigation guidance and recommendations found in the second half of the book.
Part One of Security, Privacy and Digital Forensics in the Cloud covers cloud infrastructure security; confidentiality of data; access control in cloud IaaS; cloud security and privacy management; hacking and countermeasures; risk management and disaster recovery; auditing and compliance; and security as a service (SaaS). Part Two addresses cloud forensics - model, challenges, and approaches; cyberterrorism in the cloud; digital forensic process and model in the cloud; data acquisition; digital evidence management, presentation, and court preparation; analysis of digital evidence; and forensics as a service (FaaS).
* Thoroughly covers both security and privacy of cloud and digital forensics
* Contributions by top researchers from the U.S., the European and other countries, and professionals active in the field of information and network security, digital and computer forensics, and cloud and big data
* Of interest to those focused upon security and implementation, and incident management
* Logical, well-structured, and organized to facilitate comprehension
Security, Privacy and Digital Forensics in the Cloud is an ideal book for advanced undergraduate and master's-level students in information systems, information technology, computer and network forensics, as well as computer science. It can also serve as a good reference book for security professionals, digital forensics practitioners and cloud service providers.
Sprache
Verlagsort
Dateigröße
ISBN-13
978-1-119-05340-8 (9781119053408)
Schweitzer Klassifikation
1 - Title Page [Seite 5]
2 - Copyright Page [Seite 6]
3 - Contents [Seite 7]
4 - List of Contributors [Seite 17]
5 - Part I Cloud Security and Privacy [Seite 19]
5.1 - Chapter 1 Introduction to the Cloud and Fundamental Security and Privacy Issues of the Cloud [Seite 21]
5.1.1 - 1.1 Introduction [Seite 21]
5.1.2 - 1.2 Cloud Computing and Security Issues [Seite 22]
5.1.3 - 1.3 Identity Security in the Cloud [Seite 27]
5.1.4 - 1.4 Information Security in the Cloud [Seite 27]
5.1.4.1 - 1.4.1 Confidentiality [Seite 28]
5.1.4.2 - 1.4.2 Integrity [Seite 29]
5.1.4.3 - 1.4.3 Availability [Seite 30]
5.1.4.4 - 1.4.4 Accountability [Seite 30]
5.1.4.5 - 1.4.5 Nonrepudiation [Seite 31]
5.1.4.6 - 1.4.6 Key Considerations in Information Security [Seite 32]
5.1.4.7 - 1.4.7 Information Security Analysis in Some Clouds [Seite 32]
5.1.5 - 1.5 Cloud Security Standards [Seite 34]
5.1.6 - 1.6 Conclusion [Seite 38]
5.1.7 - References [Seite 38]
5.2 - Chapter 2 Cloud Infrastructure Security [Seite 41]
5.2.1 - 2.1 Introduction [Seite 41]
5.2.2 - 2.2 Infrastructure Security in the Cloud [Seite 42]
5.2.2.1 - 2.2.1 Infrastructure Security: The Network Level [Seite 43]
5.2.2.1.1 - 2.2.1.1 Network-Level Mitigation [Seite 44]
5.2.2.2 - 2.2.2 Infrastructure Security: The Host Level [Seite 44]
5.2.2.2.1 - 2.2.2.1 SaaS and PaaS Host Security [Seite 45]
5.2.2.2.2 - 2.2.2.2 IaaS Host Security [Seite 45]
5.2.2.3 - 2.2.3 Infrastructure Security: The Application Level [Seite 46]
5.2.2.4 - 2.2.4 Hypervisor Security in the Cloud [Seite 46]
5.2.3 - 2.3 Infrastructure Security Analysis in Some Clouds [Seite 49]
5.2.3.1 - 2.3.1 Force.com [Seite 49]
5.2.3.2 - 2.3.2 Amazon AWS [Seite 52]
5.2.3.3 - 2.3.3 Google App Engine [Seite 58]
5.2.3.4 - 2.3.4 Microsoft Azure [Seite 60]
5.2.4 - 2.4 Protecting Cloud Infrastructure [Seite 63]
5.2.4.1 - 2.4.1 Software Maintenance and Patching Vulnerabilities [Seite 63]
5.2.4.2 - 2.4.2 The Technology Stack [Seite 64]
5.2.4.3 - 2.4.3 Disaster Recovery [Seite 64]
5.2.4.4 - 2.4.4 Monitoring and Defending Infrastructure [Seite 65]
5.2.4.5 - 2.4.5 Incident Response Team [Seite 65]
5.2.4.6 - 2.4.6 Malicious Insiders [Seite 66]
5.2.5 - 2.5 Conclusion [Seite 67]
5.2.6 - References [Seite 67]
5.3 - Chapter 3 Confidentiality of Data in the Cloud: Conflicts Between Security and Cost [Seite 69]
5.3.1 - 3.1 Introduction [Seite 69]
5.3.2 - 3.2 Background [Seite 69]
5.3.3 - 3.3 Confidentiality: Threats and Adversaries [Seite 72]
5.3.4 - 3.4 Achieving Data Confidentiality in Cloud Storage Systems [Seite 73]
5.3.4.1 - 3.4.1 Cryptographic Solutions [Seite 73]
5.3.4.1.1 - 3.4.1.1 Stage Encryption [Seite 73]
5.3.4.1.2 - 3.4.1.2 End-to-End Encryption [Seite 74]
5.3.5 - 3.5 Reducing Cloud Storage System Costs through Data-Reduction Techniques [Seite 75]
5.3.6 - 3.6 Reconciling Data Reduction and Confidentiality [Seite 77]
5.3.6.1 - 3.6.1 Existing Techniques [Seite 78]
5.3.7 - 3.7 Trusted Decrypter [Seite 80]
5.3.7.1 - 3.7.1 Overview [Seite 80]
5.3.7.2 - 3.7.2 Secure Data-Reduction Operations [Seite 82]
5.3.7.2.1 - 3.7.2.1 Preliminaries [Seite 82]
5.3.7.2.2 - 3.7.2.2 Detailed Secure Data-Reduction Operations [Seite 83]
5.3.7.2.3 - 3.7.2.3 Write Requests [Seite 84]
5.3.7.2.4 - 3.7.2.4 Read Requests [Seite 85]
5.3.7.2.5 - 3.7.2.5 Rekeying Requests [Seite 85]
5.3.7.2.6 - 3.7.2.6 File Deletion [Seite 86]
5.3.7.2.7 - 3.7.2.7 Offboarding Requests [Seite 86]
5.3.7.2.8 - 3.7.2.8 Secure Data Deletion [Seite 86]
5.3.7.3 - 3.7.3 Securing the Critical Module [Seite 86]
5.3.7.4 - 3.7.4 Security Analysis [Seite 88]
5.3.7.4.1 - 3.7.4.1 Data Confidentiality [Seite 88]
5.3.7.4.2 - 3.7.4.2 Data Confidentiality in the Presence of Deduplication [Seite 89]
5.3.7.4.3 - 3.7.4.3 Security Impact of Different Technologies [Seite 89]
5.3.7.5 - 3.7.5 TD Overhead and Performance Implications [Seite 90]
5.3.8 - 3.8 Future Directions for Cloud Storage Confidentiality with Low Cost [Seite 92]
5.3.8.1 - 3.8.1 Hardware Trends [Seite 92]
5.3.8.2 - 3.8.2 New Cryptographic Techniques [Seite 92]
5.3.8.3 - 3.8.3 Usability of Cryptographic Key Management [Seite 93]
5.3.8.4 - 3.8.4 Trusted Execution Environments [Seite 93]
5.3.8.5 - 3.8.5 Privacy and Side?Channel Attacks [Seite 94]
5.3.9 - 3.9 Conclusions [Seite 94]
5.3.10 - References [Seite 95]
5.4 - Chapter 4 Access Control in Cloud IaaS [Seite 99]
5.4.1 - 4.1 Introduction [Seite 99]
5.4.2 - 4.2 Background [Seite 100]
5.4.3 - 4.3 Access Control in OpenStack Cloud IaaS [Seite 101]
5.4.3.1 - 4.3.1 OpenStack Access-Control Model [Seite 101]
5.4.3.2 - 4.3.2 Secure Information and Resource-Sharing Model in OpenStack [Seite 104]
5.4.3.2.1 - 4.3.2.1 Administrative OSAC-HMT-SID Model [Seite 106]
5.4.4 - 4.4 Access Control in AWS Cloud IaaS [Seite 108]
5.4.4.1 - 4.4.1 AWS Access-Control Model [Seite 109]
5.4.4.2 - 4.4.2 Secure Information and Resource-Sharing Model in AWS [Seite 111]
5.4.4.2.1 - 4.4.2.1 Administrative AWS-AC-SID Model [Seite 114]
5.4.5 - 4.5 Access Control in Azure Cloud IaaS [Seite 117]
5.4.5.1 - 4.5.1 Azure Access-Control Model [Seite 117]
5.4.5.2 - 4.5.2 Secure Information and Resource-Sharing Model in Azure [Seite 120]
5.4.5.2.1 - 4.5.2.1 Administrative Azure-AC-SID Model [Seite 123]
5.4.6 - 4.6 Conclusions [Seite 125]
5.4.7 - References [Seite 125]
5.5 - Chapter 5 Cloud Security and Privacy Management [Seite 127]
5.5.1 - 5.1 Introduction and Background [Seite 127]
5.5.2 - 5.2 Security and Privacy Analysis [Seite 129]
5.5.2.1 - 5.2.1 Vulnerability Assessment [Seite 129]
5.5.2.2 - 5.2.2 Risk Exposure Assessment and Management [Seite 130]
5.5.2.3 - 5.2.3 Privacy Assessment Aspect [Seite 134]
5.5.3 - 5.3 Best Security Practices and Recommendation [Seite 135]
5.5.4 - 5.4 Use Case Example: Microsoft Office 365, SaaS Version [Seite 136]
5.5.5 - 5.5 Current Trends and Future Direction [Seite 143]
5.5.6 - 5.6 Related Works [Seite 143]
5.5.7 - 5.7 Conclusion [Seite 144]
5.5.8 - Acknowledgments [Seite 144]
5.5.9 - References [Seite 144]
5.6 - Chapter 6 Hacking and Countermeasures in the Cloud [Seite 147]
5.6.1 - 6.1 Introduction [Seite 147]
5.6.2 - 6.2 Background [Seite 148]
5.6.3 - 6.3 Cloud Security Threats [Seite 148]
5.6.3.1 - 6.3.1 Resource Exhaustion Attacks (DoS Attacks) [Seite 149]
5.6.3.2 - 6.3.2 Attacks on the Cloud Interface [Seite 149]
5.6.3.3 - 6.3.3 Attacks on Cloud Infrastructure [Seite 149]
5.6.3.4 - 6.3.4 Malware Propagation [Seite 150]
5.6.3.5 - 6.3.5 Malicious Insiders [Seite 150]
5.6.3.6 - 6.3.6 Data Breaches and Losses [Seite 150]
5.6.3.7 - 6.3.7 Abuse of Cloud Resources [Seite 150]
5.6.3.8 - 6.3.8 Attacks on Virtualization [Seite 151]
5.6.4 - 6.4 Cloud Security Countermeasures [Seite 152]
5.6.5 - 6.5 Hacking the Cloud: Reality Check [Seite 154]
5.6.6 - 6.6 Future of Cloud Security [Seite 155]
5.6.6.1 - 6.6.1 Cloud Security for the IoT [Seite 156]
5.6.7 - 6.7 Conclusions [Seite 157]
5.6.8 - References [Seite 157]
5.7 - Chapter 7 Risk Management and Disaster Recovery in the Cloud [Seite 161]
5.7.1 - 7.1 Introduction [Seite 161]
5.7.2 - 7.2 Background [Seite 161]
5.7.3 - 7.3 Consequence-Centric Security Assessment [Seite 163]
5.7.3.1 - 7.3.1 High-Level Overview of Cloud Risk Assessment and Disaster Recovery [Seite 164]
5.7.3.2 - 7.3.2 Cloud Security Consequence Tree [Seite 166]
5.7.3.3 - 7.3.3 Cloud-Based Dependency Graph [Seite 168]
5.7.3.4 - 7.3.4 Cloud Security Evaluation [Seite 171]
5.7.4 - 7.4 Future Directions [Seite 172]
5.7.5 - 7.5 Conclusions [Seite 173]
5.8 - Chapter 8 Cloud Auditing and Compliance [Seite 175]
5.8.1 - 8.1 Introduction [Seite 175]
5.8.2 - 8.2 Background [Seite 175]
5.8.3 - 8.3 Cloud Auditing [Seite 180]
5.8.3.1 - 8.3.1 Amplified Cloud Security Problems [Seite 181]
5.8.3.2 - 8.3.2 Cloud-Specific Security Problems [Seite 183]
5.8.3.3 - 8.3.3 Correlation of Cloud Security Issues and Research Efforts [Seite 185]
5.8.4 - 8.4 Cloud Compliance [Seite 188]
5.8.4.1 - 8.4.1 Data Integrity [Seite 194]
5.8.4.2 - 8.4.2 Data Confidentiality [Seite 195]
5.8.4.3 - 8.4.3 Data Availability [Seite 196]
5.8.4.4 - 8.4.4 Data Privacy [Seite 197]
5.8.4.5 - 8.4.5 Dataflows [Seite 198]
5.8.4.6 - 8.4.6 The Need for Compliance [Seite 199]
5.8.5 - 8.5 Future Research Directions for Cloud Auditing and Compliance [Seite 201]
5.8.6 - 8.6 Conclusion [Seite 202]
5.8.7 - References [Seite 203]
5.8.8 - Further Reading [Seite 205]
5.9 - Chapter 9 Security-as-a-Service (SECaaS) in the Cloud [Seite 207]
5.9.1 - 9.1 Introduction [Seite 207]
5.9.2 - 9.2 Related Work [Seite 210]
5.9.3 - 9.3 Security-as-a-Service Framework [Seite 212]
5.9.4 - 9.4 Conclusions [Seite 217]
5.9.5 - References [Seite 217]
6 - Part II Cloud Forensics [Seite 219]
6.1 - Chapter 10 Cloud Forensics: Model, Challenges, and Approaches [Seite 221]
6.1.1 - 10.1 Introduction [Seite 221]
6.1.2 - 10.2 Background [Seite 222]
6.1.2.1 - 10.2.1 Cloud Computing [Seite 222]
6.1.2.2 - 10.2.2 Digital Forensics [Seite 224]
6.1.3 - 10.3 Process and Model of Cloud Forensics [Seite 225]
6.1.3.1 - 10.3.1 Forensics Moving into the Cloud [Seite 226]
6.1.3.2 - 10.3.2 Cloud Forensics Process [Seite 226]
6.1.3.2.1 - 10.3.2.1 Digital Evidence Collection and Extraction [Seite 226]
6.1.3.2.2 - 10.3.2.2 Evidence Analysis and Fixation [Seite 228]
6.1.3.3 - 10.3.3 Dynamic Cloud Forensics Model [Seite 228]
6.1.4 - 10.4 Cloud Forensics Methods, Approaches, and Tools [Seite 229]
6.1.4.1 - 10.4.1 Methods and Approaches [Seite 229]
6.1.4.2 - 10.4.2 Tools [Seite 231]
6.1.5 - 10.5 Challenges in Cloud Forensics [Seite 231]
6.1.6 - 10.6 Conclusions [Seite 232]
6.1.7 - References [Seite 232]
6.2 - Chapter 11 Cyberterrorism in the Cloud: Through a Glass Darkly [Seite 235]
6.2.1 - 11.1 Introduction [Seite 235]
6.2.2 - 11.2 What Is Terrorism? [Seite 236]
6.2.3 - 11.3 Defining Cyberterrorism [Seite 238]
6.2.4 - 11.4 Cyberterrorism vs. Terrorist Use of Cyberspace [Seite 239]
6.2.5 - 11.5 Cyberterrorism in the Cloud [Seite 240]
6.2.5.1 - 11.5.1 The Cloud Context [Seite 240]
6.2.5.2 - 11.5.2 How Terrorists Might Use the Cloud [Seite 241]
6.2.6 - 11.6 The Benefits of the Cloud to Cyberterrorists [Seite 243]
6.2.6.1 - 11.6.1 The Challenges of the Cloud for Cyberterrorists [Seite 244]
6.2.7 - 11.7 Cyberlaw and Cyberterrorism [Seite 245]
6.2.8 - 11.8 Conclusion: Through a Glass Darkly [Seite 248]
6.2.9 - References [Seite 250]
6.3 - Chapter 12 Digital Forensic Process and Model in the Cloud [Seite 257]
6.3.1 - 12.1 Introduction [Seite 257]
6.3.2 - 12.2 Digital Forensics Models [Seite 258]
6.3.2.1 - 12.2.1 Digital Forensic Framework Model Development [Seite 258]
6.3.2.2 - 12.2.2 Digital Forensic Research Workshop (DFRWS) Investigative Model (2001) [Seite 259]
6.3.2.3 - 12.2.3 Abstract Digital Forensic Model (ADFM) (2002) [Seite 260]
6.3.2.4 - 12.2.4 Integrated Digital Investigation Process (IDIP) (2003) [Seite 260]
6.3.2.5 - 12.2.5 Enhanced Integrated Digital Investigation Process (EIDIP) (2004) [Seite 260]
6.3.2.6 - 12.2.6 Discussion [Seite 261]
6.3.3 - 12.3 Cloud Forensics Process and Model [Seite 261]
6.3.4 - 12.4 Toward a New Cloud Forensics Model [Seite 264]
6.3.4.1 - 12.4.1 Model [Seite 264]
6.3.4.2 - 12.4.2 Pre-Search [Seite 266]
6.3.4.3 - 12.4.3 Search Stage [Seite 266]
6.3.4.4 - 12.4.4 Post-Search Investigation Stage [Seite 268]
6.3.5 - 12.5 Evaluation and Analysis [Seite 269]
6.3.5.1 - 12.5.1 Search Stage [Seite 269]
6.3.5.1.1 - 12.5.1.1 Secure the Scene/Onsite Infrastructural Questionnaire [Seite 269]
6.3.5.1.2 - 12.5.1.2 Acquisition of the Gmail Account [Seite 270]
6.3.5.1.3 - 12.5.1.3 Acquisition of Pertinent Network Data [Seite 270]
6.3.5.1.4 - 12.5.1.4 Seizure of Devices [Seite 270]
6.3.5.2 - 12.5.2 Results/Report [Seite 270]
6.3.6 - 12.6 Conclusion [Seite 271]
6.3.7 - References [Seite 271]
6.4 - Chapter 13 Data Acquisition in the Cloud [Seite 275]
6.4.1 - 13.1 Introduction [Seite 275]
6.4.2 - 13.2 Background [Seite 276]
6.4.2.1 - 13.2.1 Inside the Internet [Seite 276]
6.4.2.2 - 13.2.2 Law Enforcement Interventions in Cybercrime [Seite 277]
6.4.3 - 13.3 Data Center as a Source of Evidence [Seite 277]
6.4.4 - 13.4 Cloud Service Providers: Essential Requirements, Governance, and Challenges [Seite 278]
6.4.4.1 - 13.4.1 Business Model [Seite 279]
6.4.4.2 - 13.4.2 Legal Environment of Operations [Seite 279]
6.4.4.2.1 - 13.4.2.1 Jurisdictional Issues [Seite 279]
6.4.4.2.2 - 13.4.2.2 Permissibility of Encryption and Expectation of Privacy [Seite 281]
6.4.4.2.3 - 13.4.2.3 Summary [Seite 281]
6.4.5 - 13.5 Cloud Storage Forensics [Seite 282]
6.4.6 - 13.6 Case Study 1: Finding Data Centers on the Internet in Data?Dense Environments [Seite 283]
6.4.6.1 - 13.6.1 Traditional Techniques [Seite 284]
6.4.6.1.1 - 13.6.1.1 Traceroute [Seite 284]
6.4.6.1.2 - 13.6.1.2 WHOIS Analysis [Seite 284]
6.4.6.1.3 - 13.6.1.3 Open Source Intelligence [Seite 285]
6.4.6.1.4 - 13.6.1.4 Routing Analysis [Seite 285]
6.4.6.1.5 - 13.6.1.5 Hop Analysis [Seite 285]
6.4.6.1.6 - 13.6.1.6 Previous Data Reported [Seite 285]
6.4.6.2 - 13.6.2 Three-Phase Approach [Seite 285]
6.4.6.2.1 - 13.6.2.1 Phase One: Data Gathering [Seite 285]
6.4.6.2.2 - 13.6.2.2 Phase Two: Answering Questions Based on the Gathered Results [Seite 286]
6.4.6.2.3 - 13.6.2.3 Phase Three: Making Choices About What to Do Next [Seite 286]
6.4.6.3 - 13.6.3 Experiments [Seite 288]
6.4.6.3.1 - 13.6.3.1 Platform [Seite 288]
6.4.6.3.2 - 13.6.3.2 Findings and Analysis [Seite 289]
6.4.7 - 13.7 Case Study 2: Cloud Forensics for the Amazon Simple Storage Service [Seite 292]
6.4.7.1 - 13.7.1 Approach and Experiments [Seite 293]
6.4.7.2 - 13.7.2 Findings and Analysis [Seite 294]
6.4.7.2.1 - 13.7.2.1 Collecting Evidence via Internet [Seite 297]
6.4.7.3 - 13.7.3 Discussion [Seite 297]
6.4.8 - 13.8 Conclusion [Seite 299]
6.4.9 - References [Seite 299]
6.5 - Chapter 14 Digital Evidence Management, Presentation, and Court Preparation in the Cloud: A Forensic Readiness Approach [Seite 301]
6.5.1 - 14.1 Introduction [Seite 301]
6.5.2 - 14.2 Cloud Forensics and Challenges [Seite 302]
6.5.2.1 - 14.2.1 Technical [Seite 302]
6.5.2.2 - 14.2.2 Organizational [Seite 302]
6.5.2.3 - 14.2.3 Legal [Seite 302]
6.5.3 - 14.3 Digital Forensics Readiness [Seite 303]
6.5.4 - 14.4 Cloud Forensics Readiness [Seite 305]
6.5.4.1 - 14.4.1 Reference Architecture for a Cloud Forensics Readiness System: An Attempt [Seite 306]
6.5.4.2 - 14.4.2 Operations in a CFRS [Seite 307]
6.5.4.3 - 14.4.3 Forensics Readiness System Constraints [Seite 308]
6.5.4.4 - 14.4.4 CFRS Advantages [Seite 308]
6.5.5 - 14.5 Forensics Readiness in Evidence Management, Presentation, and Court Preparation [Seite 309]
6.5.5.1 - 14.5.1 SLA in Cloud Forensics Readiness [Seite 309]
6.5.5.1.1 - 14.5.1.1 Service Level Agreements [Seite 309]
6.5.5.1.2 - 14.5.1.2 Service Level Agreement Interaction [Seite 310]
6.5.5.1.3 - 14.5.1.3 Contractual Constraints [Seite 310]
6.5.5.1.4 - 14.5.1.4 SLO Selection [Seite 311]
6.5.5.1.5 - 14.5.1.5 SLO and Security Threats [Seite 311]
6.5.5.1.6 - 14.5.1.6 Court Presentation [Seite 312]
6.5.5.2 - 14.5.2 Formal Model [Seite 312]
6.5.6 - 14.6 Conclusion [Seite 313]
6.5.7 - References [Seite 314]
6.6 - Chapter 15 Analysis of Cloud Digital Evidence [Seite 319]
6.6.1 - 15.1 Introduction [Seite 319]
6.6.1.1 - 15.1.1 Cloud Forensics as a Reactive Technology [Seite 319]
6.6.1.2 - 15.1.2 The New Forensics Landscape [Seite 320]
6.6.1.3 - 15.1.3 Adapting to the New Landscape [Seite 322]
6.6.1.4 - 15.1.4 Summary [Seite 323]
6.6.2 - 15.2 Background [Seite 323]
6.6.2.1 - 15.2.1 Software-as-a-Service (SaaS) [Seite 324]
6.6.2.2 - 15.2.2 Platform-as-a-Service (PaaS) [Seite 325]
6.6.2.3 - 15.2.3 Infrastructure-as-a-Service (IaaS) [Seite 325]
6.6.3 - 15.3 Current Approaches [Seite 325]
6.6.3.1 - 15.3.1 SaaS Forensics [Seite 326]
6.6.3.1.1 - 15.3.1.1 Cloud-Native Application Forensics [Seite 326]
6.6.3.1.2 - 15.3.1.2 Cloud Drive Forensics [Seite 328]
6.6.3.1.3 - 15.3.1.3 Building New Tools for SaaS Forensics [Seite 329]
6.6.3.2 - 15.3.2 PaaS/IaaS Forensics [Seite 330]
6.6.4 - 15.4 Proposed Comprehensive Approaches [Seite 330]
6.6.4.1 - 15.4.1 Procedural Expansion of Existing Forensic Practices [Seite 331]
6.6.4.2 - 15.4.2 API-Centric Acquisition and Processing [Seite 332]
6.6.4.3 - 15.4.3 Audit-Centric Forensic Services [Seite 333]
6.6.5 - 15.5 Discussion [Seite 335]
6.6.6 - 15.6 Conclusions [Seite 335]
6.6.7 - References [Seite 336]
6.7 - Chapter 16 Forensics-as-a-Service (FaaS) in the State-of-the-Art Cloud [Seite 339]
6.7.1 - 16.1 Introduction [Seite 339]
6.7.1.1 - 16.1.1 Current State of Cloud Computing [Seite 340]
6.7.1.2 - 16.1.2 What Is This Chapter About? [Seite 340]
6.7.1.3 - 16.1.3 Chapter Road Map [Seite 341]
6.7.2 - 16.2 Background and Motivation [Seite 341]
6.7.2.1 - 16.2.1 Limitations of Traditional Computer Forensics - Now and Forever [Seite 341]
6.7.2.2 - 16.2.2 Potential of Looking Up to the Cloud - Forensics?as?a?Service [Seite 342]
6.7.3 - 16.3 State of the Art in Parallel and Distributed Forensic Analysis [Seite 343]
6.7.3.1 - 16.3.1 GPU-Based Distributed Forensic Analysis [Seite 343]
6.7.3.1.1 - 16.3.1.1 XML Information Retrieval Approach to Digital Forensics (XIRAF) [Seite 344]
6.7.3.1.2 - 16.3.1.2 Hansken: Digital Forensics as a Service (DFaaS) Successor to XIRAF [Seite 345]
6.7.3.1.3 - 16.3.1.3 MPI MapReduce (MMR) [Seite 346]
6.7.3.1.4 - 16.3.1.4 GRR Rapid Response Framework [Seite 346]
6.7.3.1.5 - 16.3.1.5 A Scalable File-Based Data Store for Forensic Analysis [Seite 347]
6.7.3.1.6 - 16.3.1.6 Forensics-as-a-Service [Seite 348]
6.7.3.1.7 - 16.3.1.7 Data Deduplication Driven Acceleration of Forensic Analysis [Seite 348]
6.7.3.2 - 16.3.2 Limitations in State-of-the-Art Research and Tools [Seite 349]
6.7.3.3 - 16.3.3 Cloud-Based Forensics-as-a-Service (FaaS) [Seite 350]
6.7.3.3.1 - 16.3.3.1 Security and Privacy Requirements [Seite 350]
6.7.3.3.2 - 16.3.3.2 Regulatory and Legal Requirements [Seite 351]
6.7.3.3.3 - 16.3.3.3 Design Requirements [Seite 351]
6.7.3.3.4 - 16.3.3.4 Benefits of Provisioning Cloud?Based Forensics?as?a?Service [Seite 352]
6.7.4 - 16.4 Conclusion and Future Research Direction [Seite 352]
6.7.5 - References [Seite 353]
7 - Index [Seite 357]
8 - EULA [Seite 370]
