dc.description.abstract | The rapid growth of cloud computing and the ever increasing demand for computing resources is
gradually driving the migration from the traditional on-premise ICT infrastructure to the Cloud
Computing Space. As the trend continues, adoption of cloud solutions by public sector
institutions will continue to gain traction as well. It is therefore paramount that mechanisms are
put in place to ensure safety and security of both enterprise Systems and data that significantly
falls under the control of cloud service providers and could easily be exposed to the risks of
cyber crime and Fraud.
Traditional digital forensics techniques are often challenged by the nature and environments
presented by cloud architectures where, infrastructure is largely distributed, computing resources
are shared among subscribers especially in multi-tenancy arrangements and location of
provisioning systems is often unreachable.
This study focuses on the Infrastructure as a Service model and identifies the required needs of
overcoming the challenges mentioned. Further, the study proposes the persistent cloud forensics
framework to aid in the carrying out of digital forensics for public sector institutions where
involvement of cloud service providers is avoided in carrying out cloud forensics.
This study advances a framework where cloud resources can autonomously transmit evidentiary
logs of system and user transactions that are securely stored in a remote repository and are made
available to investigative agencies mandated to prosecute crimes perpetrated through the cloud
resources. The proposed framework provides a form of autonomous log aggregation that is
devoid of any intervention from service providers and cloud users, while providing a solution on
investigative issues such as collusion, chain of custody, privacy where cloud infrastructure is
shared, conflicting laws where hardware and systems provisioning cloud services are distributed
and the admissibility of acquired evidence. | en_US |