Security, Privacy, and Digital Forensics in the Cloud

LEI CHEN, PHD, is tenured Associate Professor with the Department of Information Technology at Georgia Southern University, Statesboro, Georgia, USA. HASSAN TAKABI, PHD, is tenure-track Assistant Professor with the Department of Computer Science and Engineering, University of North Texas, Denton, Texas, USA. NHIEN-AN LE-KHAC, PHD, is Lecturer with the School of Computer Science at University College Dublin, Ireland.

List of Contributors xv

Part I Cloud Security and Privacy 1

1 Introduction to the Cloud and Fundamental Security and Privacy Issues of the Cloud 3
Hassan Takabi and Mohammad GhasemiGol

1.1 Introduction 3

1.2 Cloud Computing and Security Issues 4

1.3 Identity Security in the Cloud 9

1.4 Information Security in the Cloud 9

1.5 Cloud Security Standards 16

1.6 Conclusion 20

References 20

2 Cloud Infrastructure Security 23
Mohammad GhasemiGol

2.1 Introduction 23

2.2 Infrastructure Security in the Cloud 24

2.3 Infrastructure Security Analysis in Some Clouds 31

2.4 Protecting Cloud Infrastructure 45

2.5 Conclusion 49

References 49

3 Confidentiality of Data in the Cloud: Conflicts Between Security and Cost 51
Nathalie Baracaldo and Joseph Glider

3.1 Introduction 51

3.2 Background 51

3.3 Confidentiality: Threats and Adversaries 54

3.4 Achieving Data Confidentiality in Cloud Storage Systems 55

3.5 Reducing Cloud Storage System Costs through Data‐Reduction Techniques 57

3.6 Reconciling Data Reduction and Confidentiality 59

3.7 Trusted Decrypter 62

3.8 Future Directions for Cloud Storage Confidentiality with Low Cost 74

3.9 Conclusions 76

References 77

4 Access Control in Cloud IaaS 81
Yun Zhang, Ram Krishnan, Farhan Patwa, and Ravi Sandhu

4.1 Introduction 81

4.2 Background 82

4.3 Access Control in OpenStack Cloud IaaS 83

4.4 Access Control in AWS Cloud IaaS 90

4.5 Access Control in Azure Cloud IaaS 99

4.6 Conclusions 107

References 107

5 Cloud Security and Privacy Management 109
Patrick Kamongi

5.1 Introduction and Background 109

5.2 Security and Privacy Analysis 111

5.3 Best Security Practices and Recommendation 117

5.4 Use Case Example: Microsoft Office 365, SaaS Version 118

5.5 Current Trends and Future Direction 125

5.6 Related Works 125

5.7 Conclusion 126

Acknowledgments 126

References 126

6 Hacking and Countermeasures in the Cloud 129
Farzaneh Abazari, Hassan Takabi, and Morteza Analoui

6.1 Introduction 129

6.2 Background 130

6.3 Cloud Security Threats 130

6.4 Cloud Security Countermeasures 134

6.5 Hacking the Cloud: Reality Check 136

6.6 Future of Cloud Security 137

6.6.1 Cloud Security for the IoT 138

6.7 Conclusions 139

References 139

7 Risk Management and Disaster Recovery in the Cloud 143
Saman Zonouz

7.1 Introduction 143

7.2 Background 143

7.3 Consequence‐ Centric Security Assessment 145

7.4 Future Directions 154

7.5 Conclusions 155

8 Cloud Auditing and Compliance 157
Paolina Centonze

8.1 Introduction 157

8.2 Background 157

8.3 Cloud Auditing 162

8.4 Cloud Compliance 170

8.5 Future Research Directions for Cloud Auditing and Compliance 183

8.6 Conclusion 184

References 185

Further Reading 187

9 Security‐as‐a‐Service (SECaaS) in the Cloud 189
Saman Taghavi Zargar, Hassan Takabi, and Jay Iyer

9.1 Introduction 189

9.2 Related Work 192

9.3 Security‐ as‐a‐Service Framework 194

9.4 Conclusions 199

References 199

Part II Cloud Forensics 201

10 Cloud Forensics: Model, Challenges, and Approaches 203
Lei Chen, Nhien‐An Le‐Khac, Sebastian Schlepphorst, and Lanchuan Xu

10.1 Introduction 203

10.2 Background 204

10.3 Process and Model of Cloud Forensics 207

10.4 Cloud Forensics Methods, Approaches, and Tools 211

10.5 Challenges in Cloud Forensics 213

10.6 Conclusions 214

References 214

11 Cyberterrorism in the Cloud: Through a Glass Darkly 217
Barry Cartwright, George R. S. Weir, and Richard Frank

11.1 Introduction 217

11.2 What is Terrorism? 218

11.3 Defining Cyberterrorism 220

11.4 Cyberterrorism vs. Terrorist Use of Cyberspace 221

11.5 Cyberterrorism in the Cloud 222

11.6 The Benefits of the Cloud to Cyberterrorists 225

11.7 Cyberlaw and Cyberterrorism 227

11.8 Conclusion: Through a Glass Darkly 230

References 232

12 Digital Forensic Process and Model in the Cloud 239
Nhien‐An Le‐Khac, James Plunkett, M‐Tahar Kechadi, and Lei Chen

12.1 Introduction 239

12.2 Digital Forensics Models 240

12.3 Cloud Forensics Process and Model 243

12.4 Toward a New Cloud Forensics Model 246

12.5 Evaluation and Analysis 251

12.6 Conclusion 253

References 253

13 Data Acquisition in the Cloud 257
Nhien‐An Le‐Khac, Michel Mollema, Robert Craig, Steven Ryder, and Lei Chen

13.1 Introduction 257

13.2 Background 258

13.3 Data Center as a Source of Evidence 259

13.4 Cloud Service Providers: Essential Requirements, Governance, and Challenges 260

13.4.1 Business Model 261

13.5 Cloud Storage Forensics 264

13.6 Case Study 1: Finding Data Centers on the Internet in Data‐Dense Environments 265

13.7 Case Study 2: Cloud Forensics for the Amazon Simple Storage Service 274

13.8 Conclusion 281

References 281

14 Digital Evidence Management, Presentation, and Court Preparation in the Cloud: A Forensic Readiness Approach 283
Lucia De Marco, Nhien‐An Le‐Khac, and M‐Tahar Kechadi

14.1 Introduction 283

14.2 Cloud Forensics and Challenges 284

14.3 Digital Forensics Readiness 285

14.4 Cloud Forensics Readiness 287

14.5 Forensics Readiness in Evidence Management, Presentation, and Court Preparation 291

14.6 Conclusion 295

References 296

15 Analysis of Cloud Digital Evidence 301
Irfan Ahmed and Vassil Roussev

15.1 Introduction 301

15.2 Background 305

15.3 Current Approaches 307

15.4 Proposed Comprehensive Approaches 312

15.5 Discussion 317

15.6 Conclusions 317

References 318

16 Forensics‐as‐a‐Service (FaaS) in the State‐of‐the‐Art Cloud 321
Avinash Srinivasan and Frank Ferrese

16.1 Introduction 321

16.2 Background and Motivation 323

16.3 State of the Art in Parallel and Distributed Forensic Analysis 325

16.4 Conclusion and Future Research Direction 334

References 335

Index 339