Digital Forensics Evidence Acquisition and Chain of Custody in Cloud Computing
The new cloud computing concept delivers an adaptable service to many users. This is due to the fact that cloud computing offers an economic solution based on pay-per use idea. At the same time, digital forensics is a relatively new discipline born out due to the growing use of computing and digital solution. Digital forensics in cloud computing brings new technical and legal challenges (e.g. the remote nature of the evidence, trust required in the integrity and authenticity, and lack of physical access.) Digital forensics difficulties in cloud computing comprise acquisition of remote data, chain of custody, distributed and elastic data, big data volumes, and ownership. In the literature, there are many schemes that deal with these issues. In 2013, Hou et al. proposed a scheme to verify data authenticity and integrity in server-aided confidential forensic investigation. The authenticity and integrity are two essential requirements for the evidence admitted in court. The aim of this paper is twofold. First, to introduce a new concept for digital artifacts acquisition in cloud computing as a consolidation between digital forensic and cloud computing. This concept guarantees safe investigation to trusted digital evidence. Secondly, to analyze Hou et al.s scheme with respect to its claimed integrity and authenticity properties. Our analysis shows that Hou et al.s scheme does not satisfy the claimed integrity and authenticity in server-aided confidential forensics investigation. To achieve the authenticity, confidentiality and integrity of evidence in cloud, we illustrate how encryption and digital signature algorithms could be used within different designs to ensure confidentiality and chain of custody for the digital forensics process in the cloud.
Keywords: Cloud Computing, Digital Forensics, Digital Evidence Acquisition, Digital Investigation, Trusted Digital Evidence, Chain of Custody, Encryption, Digital Signature.
Download Full-Text
ABOUT THE AUTHORS
Mahmoud M. Nasreldin
Mahmoud M. Nasreldin is a Ph.D. student at the Electronics and Telecommunication Department in Ain Shams University, Cairo, Egypt. He received his B.Sc. degree in Electronics and Telecommunications Engineering from the Faculty of Engineering, Cairo University, Egypt
Magdy El-Hennawy
Magdy El-Hennawy is a Computer Science & Information Technology Professor at Shorouk Academy, Cairo, Egypt. He received his B.Sc. degree from the Faculty of Engineering, Ain Shames University, Cairo, Egypt. He obtained his Master degree in Performance Evaluation of Security and Integrity Measures for Database Systems from the same Faculty, as well as, his Ph.D. degree in Cryptographic Engineering for Securing Information Exchanged over the Internet. During his professional career, he was a senior engineer, deputy manager, and the manager of an Information System Centre, that is specialized in building, rolling out, operating, supporting and maintaining distributed systems over geographically distributed locations.
Heba K. Aslan
Heba Kamal Aslan is a Professor at Electronics Research Institute, Cairo-Egypt. She received her B.Sc. degree, M.Sc. degree and Ph.D. degree in Electronics and Communications Engineering from the Faculty of Engineering, Cairo University, Egypt in 1990, 1994 and 1998 respectively. Aslan has supervised several masters and Ph.D. students in the field of computer networks security. Her research interests include: Key Distribution Protocols, Authentication Protocols, Logical Analysis of Protocols and Intrusion Detection Systems.
Adel El-Hennawy
Adel El-Hennawy is a Telecommunication and Electronics Engineering Professor at Ain Shams University, Cairo, Egypt.
Mahmoud M. Nasreldin
Mahmoud M. Nasreldin is a Ph.D. student at the Electronics and Telecommunication Department in Ain Shams University, Cairo, Egypt. He received his B.Sc. degree in Electronics and Telecommunications Engineering from the Faculty of Engineering, Cairo University, Egypt
Magdy El-Hennawy
Magdy El-Hennawy is a Computer Science & Information Technology Professor at Shorouk Academy, Cairo, Egypt. He received his B.Sc. degree from the Faculty of Engineering, Ain Shames University, Cairo, Egypt. He obtained his Master degree in Performance Evaluation of Security and Integrity Measures for Database Systems from the same Faculty, as well as, his Ph.D. degree in Cryptographic Engineering for Securing Information Exchanged over the Internet. During his professional career, he was a senior engineer, deputy manager, and the manager of an Information System Centre, that is specialized in building, rolling out, operating, supporting and maintaining distributed systems over geographically distributed locations.
Heba K. Aslan
Heba Kamal Aslan is a Professor at Electronics Research Institute, Cairo-Egypt. She received her B.Sc. degree, M.Sc. degree and Ph.D. degree in Electronics and Communications Engineering from the Faculty of Engineering, Cairo University, Egypt in 1990, 1994 and 1998 respectively. Aslan has supervised several masters and Ph.D. students in the field of computer networks security. Her research interests include: Key Distribution Protocols, Authentication Protocols, Logical Analysis of Protocols and Intrusion Detection Systems.
Adel El-Hennawy
Adel El-Hennawy is a Telecommunication and Electronics Engineering Professor at Ain Shams University, Cairo, Egypt.
