Cloud Storage Forensics Framework

Abstract

There are various types of cloud services with each type having a potentially different use in criminal activity. The storage as a service (StaaS) is showing significant growth as users adopt the capability to store data in the cloud environment across a range of devices. Cloud storage forensics has recently emerged as a salient area of inquiry. One area of difficulty is the identification and acquisition of potential data when disparate services can be utilized by criminals. There is a need for a sound digital forensic framework relating to the forensic analysis of client devices to identify potential data holdings. In this paper the cloud storage forensic framework is proposed which based on open source cloud StaaS application (OwnCloud). In this paper, the evidences are created and collected according to the Cloud users and Service Provider actions using digital provenance scheme. The cryptographic and hash algorithms are used to be the reliable and trusted provenances at the evidence generation and verification. The aims of this paper are to help forensic examiners and to solve criminal cases in the Cloud environment.