Security, Privacy, and Digital Forensics in the Cloud

Security, Privacy, and Digital Forensics in the Cloud

by Lei Chen, Hassan Takabi, Nhien-An Le-Khac
Released April 2019
Publisher(s): Wiley
ISBN: 9781119053286

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

In a unique and systematic way, this book discusses the security and privacy aspects of the cloud, and the relevant cloud forensics.

Cloud computing is an emerging yet revolutionary technology that has been changing the way people live and work. However, with the continuous growth of cloud computing and related services, security and privacy has become a critical issue. Written by some of the top experts in the field, this book specifically discusses security and privacy of the cloud, as well as the digital forensics of cloud data, applications, and services. The first half of the book enables readers to have a comprehensive understanding and background of cloud security, which will help them through the digital investigation guidance and recommendations found in the second half of the book.

Part One of Security, Privacy and Digital Forensics in the Cloud covers cloud infrastructure security; confidentiality of data; access control in cloud IaaS; cloud security and privacy management; hacking and countermeasures; risk management and disaster recovery; auditing and compliance; and security as a service (SaaS). Part Two addresses cloud forensics – model, challenges, and approaches; cyberterrorism in the cloud; digital forensic process and model in the cloud; data acquisition; digital evidence management, presentation, and court preparation; analysis of digital evidence; and forensics as a service (FaaS).

  • Thoroughly covers both security and privacy of cloud and digital forensics
  • Contributions by top researchers from the U.S., the European and other countries, and professionals active in the field of information and network security, digital and computer forensics, and cloud and big data
  • Of interest to those focused upon security and implementation, and incident management
  • Logical, well-structured, and organized to facilitate comprehension

Security, Privacy and Digital Forensics in the Cloud is an ideal book for advanced undergraduate and master's-level students in information systems, information technology, computer and network forensics, as well as computer science. It can also serve as a good reference book for security professionals, digital forensics practitioners and cloud service providers.

Table of contents

  1. Cover
  2. List of Contributors
  3. Part I: Cloud Security and Privacy
    1. 1 Introduction to the Cloud and Fundamental Security and Privacy Issues of the Cloud
      1. 1.1 Introduction
      2. 1.2 Cloud Computing and Security Issues
      3. 1.3 Identity Security in the Cloud
      4. 1.4 Information Security in the Cloud
      5. 1.5 Cloud Security Standards
      6. 1.6 Conclusion
      7. References
    2. 2 Cloud Infrastructure Security
      1. 2.1 Introduction
      2. 2.2 Infrastructure Security in the Cloud
      3. 2.3 Infrastructure Security Analysis in Some Clouds
      4. 2.4 Protecting Cloud Infrastructure
      5. 2.5 Conclusion
      6. References
    3. 3 Confidentiality of Data in the Cloud: Conflicts Between Security and Cost
      1. 3.1 Introduction
      2. 3.2 Background
      3. 3.3 Confidentiality: Threats and Adversaries
      4. 3.4 Achieving Data Confidentiality in Cloud Storage Systems
      5. 3.5 Reducing Cloud Storage System Costs through Data‐Reduction Techniques
      6. 3.6 Reconciling Data Reduction and Confidentiality
      7. 3.7 Trusted Decrypter
      8. 3.8 Future Directions for Cloud Storage Confidentiality with Low Cost
      9. 3.9 Conclusions
      10. References
    4. 4 Access Control in Cloud IaaS
      1. 4.1 Introduction
      2. 4.2 Background
      3. 4.3 Access Control in OpenStack Cloud IaaS
      4. 4.4 Access Control in AWS Cloud IaaS
      5. 4.5 Access Control in Azure Cloud IaaS
      6. 4.6 Conclusions
      7. References
    5. 5 Cloud Security and Privacy Management
      1. 5.1 Introduction and Background
      2. 5.2 Security and Privacy Analysis
      3. 5.3 Best Security Practices and Recommendation
      4. 5.4 Use Case Example: Microsoft Office 365, SaaS Version
      5. 5.5 Current Trends and Future Direction
      6. 5.6 Related Works
      7. 5.7 Conclusion
      8. Acknowledgments
      9. References
    6. 6 Hacking and Countermeasures in the Cloud
      1. 6.1 Introduction
      2. 6.2 Background
      3. 6.3 Cloud Security Threats
      4. 6.4 Cloud Security Countermeasures
      5. 6.5 Hacking the Cloud: Reality Check
      6. 6.6 Future of Cloud Security
      7. 6.7 Conclusions
      8. References
    7. 7 Risk Management and Disaster Recovery in the Cloud
      1. 7.1 Introduction
      2. 7.2 Background
      3. 7.3 Consequence‐Centric Security Assessment
      4. 7.4 Future Directions
      5. 7.5 Conclusions
    8. 8 Cloud Auditing and Compliance
      1. 8.1 Introduction
      2. 8.2 Background
      3. 8.3 Cloud Auditing
      4. 8.4 Cloud Compliance
      5. 8.5 Future Research Directions for Cloud Auditing and Compliance
      6. 8.6 Conclusion
      7. References
      8. Further Reading
    9. 9 Security‐as‐a‐Service (SECaaS) in the Cloud
      1. 9.1 Introduction
      2. 9.2 Related Work
      3. 9.3 Security‐as‐a‐Service Framework
      4. 9.4 Conclusions
      5. References
  4. Part II: Cloud Forensics
    1. 10 Cloud Forensics: Model, Challenges, and Approaches
      1. 10.1 Introduction
      2. 10.2 Background
      3. 10.3 Process and Model of Cloud Forensics
      4. 10.4 Cloud Forensics Methods, Approaches, and Tools
      5. 10.5 Challenges in Cloud Forensics
      6. 10.6 Conclusions
      7. References
    2. 11 Cyberterrorism in the Cloud: Through a Glass Darkly
      1. 11.1 Introduction
      2. 11.2 What Is Terrorism?
      3. 11.3 Defining Cyberterrorism
      4. 11.4 Cyberterrorism vs. Terrorist Use of Cyberspace
      5. 11.5 Cyberterrorism in the Cloud
      6. 11.6 The Benefits of the Cloud to Cyberterrorists
      7. 11.7 Cyberlaw and Cyberterrorism
      8. 11.8 Conclusion: Through a Glass Darkly
      9. References
    3. 12 Digital Forensic Process and Model in the Cloud
      1. 12.1 Introduction
      2. 12.2 Digital Forensics Models
      3. 12.3 Cloud Forensics Process and Model
      4. 12.4 Toward a New Cloud Forensics Model
      5. 12.5 Evaluation and Analysis
      6. 12.6 Conclusion
      7. References
    4. 13 Data Acquisition in the Cloud
      1. 13.1 Introduction
      2. 13.2 Background
      3. 13.3 Data Center as a Source of Evidence
      4. 13.4 Cloud Service Providers: Essential Requirements, Governance, and Challenges
      5. 13.5 Cloud Storage Forensics
      6. 13.6 Case Study 1: Finding Data Centers on the Internet in Data‐Dense Environments
      7. 13.7 Case Study 2: Cloud Forensics for the Amazon Simple Storage Service
      8. 13.8 Conclusion
      9. References
    5. 14 Digital Evidence Management, Presentation, and Court Preparation in the Cloud: A Forensic Readiness Approach
      1. 14.1 Introduction
      2. 14.2 Cloud Forensics and Challenges
      3. 14.3 Digital Forensics Readiness
      4. 14.4 Cloud Forensics Readiness
      5. 14.5 Forensics Readiness in Evidence Management, Presentation, and Court Preparation
      6. 14.6 Conclusion
      7. References
    6. 15 Analysis of Cloud Digital Evidence
      1. 15.1 Introduction
      2. 15.2 Background
      3. 15.3 Current Approaches
      4. 15.4 Proposed Comprehensive Approaches
      5. 15.5 Discussion
      6. 15.6 Conclusions
      7. References
    7. 16 Forensics‐as‐a‐Service (FaaS) in the State‐of‐the‐Art Cloud
      1. 16.1 Introduction
      2. 16.2 Background and Motivation
      3. 16.3 State of the Art in Parallel and Distributed Forensic Analysis
      4. 16.4 Conclusion and Future Research Direction
      5. References
  5. Index
  6. End User License Agreement

Product information

  • Title: Security, Privacy, and Digital Forensics in the Cloud
  • Author(s): Lei Chen, Hassan Takabi, Nhien-An Le-Khac
  • Release date: April 2019
  • Publisher(s): Wiley
  • ISBN: 9781119053286