Managing forensic recovery in the cloud

George R. S. Weir, Andreas Aßmuth, Nicholas Jäger

Research output: Contribution to conferencePaper

Abstract

As organisations move away from locally hosted computer services toward Cloud platforms, there is a corresponding need to ensure the forensic integrity of such instances. The primary reasons for concern are (i) the locus of responsibility, and (ii) the associated risk of legal sanction and financial penalty. Building upon previously proposed techniques for intrusion monitoring, we highlight the multi-level interpretation problem, propose enhanced monitoring of Cloud-based systems at diverse operational and data storage level as a basis for review of historical change across the hosted system and afford scope to identify any data impact from hostile action or 'friendly fire'.

Conference

ConferenceCloud Computing 2018
CountrySpain
CityBarcelona
Period18/02/1822/02/18
Internet address

Fingerprint

Recovery
Monitoring
Fires
Data storage equipment

Keywords

  • cloud security
  • forensic readiness
  • message authentication codes
  • secret sharing

Cite this

Weir, G. R. S., Aßmuth, A., & Jäger, N. (Accepted/In press). Managing forensic recovery in the cloud. Paper presented at Cloud Computing 2018, Barcelona, Spain.
Weir, George R. S. ; Aßmuth, Andreas ; Jäger, Nicholas . / Managing forensic recovery in the cloud. Paper presented at Cloud Computing 2018, Barcelona, Spain.6 p.
@conference{346c2e1bf44144d5b0bb294f4988d477,
title = "Managing forensic recovery in the cloud",
abstract = "As organisations move away from locally hosted computer services toward Cloud platforms, there is a corresponding need to ensure the forensic integrity of such instances. The primary reasons for concern are (i) the locus of responsibility, and (ii) the associated risk of legal sanction and financial penalty. Building upon previously proposed techniques for intrusion monitoring, we highlight the multi-level interpretation problem, propose enhanced monitoring of Cloud-based systems at diverse operational and data storage level as a basis for review of historical change across the hosted system and afford scope to identify any data impact from hostile action or 'friendly fire'.",
keywords = "cloud security, forensic readiness, message authentication codes, secret sharing",
author = "Weir, {George R. S.} and Andreas A{\ss}muth and Nicholas J{\"a}ger",
year = "2018",
month = "1",
day = "12",
language = "English",
note = "Cloud Computing 2018 : The Ninth International Conference on Cloud Computing, GRIDs, and Virtualization ; Conference date: 18-02-2018 Through 22-02-2018",
url = "http://www.iaria.org/conferences2018/CLOUDCOMPUTING18.html",

}

Weir, GRS, Aßmuth, A & Jäger, N 2018, 'Managing forensic recovery in the cloud' Paper presented at Cloud Computing 2018, Barcelona, Spain, 18/02/18 - 22/02/18, .

Managing forensic recovery in the cloud. / Weir, George R. S.; Aßmuth, Andreas; Jäger, Nicholas .

2018. Paper presented at Cloud Computing 2018, Barcelona, Spain.

Research output: Contribution to conferencePaper

TY - CONF

T1 - Managing forensic recovery in the cloud

AU - Weir, George R. S.

AU - Aßmuth, Andreas

AU - Jäger, Nicholas

PY - 2018/1/12

Y1 - 2018/1/12

N2 - As organisations move away from locally hosted computer services toward Cloud platforms, there is a corresponding need to ensure the forensic integrity of such instances. The primary reasons for concern are (i) the locus of responsibility, and (ii) the associated risk of legal sanction and financial penalty. Building upon previously proposed techniques for intrusion monitoring, we highlight the multi-level interpretation problem, propose enhanced monitoring of Cloud-based systems at diverse operational and data storage level as a basis for review of historical change across the hosted system and afford scope to identify any data impact from hostile action or 'friendly fire'.

AB - As organisations move away from locally hosted computer services toward Cloud platforms, there is a corresponding need to ensure the forensic integrity of such instances. The primary reasons for concern are (i) the locus of responsibility, and (ii) the associated risk of legal sanction and financial penalty. Building upon previously proposed techniques for intrusion monitoring, we highlight the multi-level interpretation problem, propose enhanced monitoring of Cloud-based systems at diverse operational and data storage level as a basis for review of historical change across the hosted system and afford scope to identify any data impact from hostile action or 'friendly fire'.

KW - cloud security

KW - forensic readiness

KW - message authentication codes

KW - secret sharing

UR - https://www.iaria.org/conferences2018/CLOUDCOMPUTING18.html

M3 - Paper

ER -

Weir GRS, Aßmuth A, Jäger N. Managing forensic recovery in the cloud. 2018. Paper presented at Cloud Computing 2018, Barcelona, Spain.