Determining Training Needs for Cloud Infrastructure Investigations Using I-STRIDE

  • Conference paper
  • In: Digital Forensics and Cyber Crime (ICDF2C 2013)

Abstract

As more businesses and users adopt cloud computing services, security vulnerabilities will be increasingly found and exploited. There are many technological and political challenges where investigation of potentially criminal incidents in the cloud is concerned. Security experts, however, must still be able to acquire and analyze data in a methodical, rigorous and forensically sound manner. This work applies the STRIDE asset-based risk assessment method to cloud computing infrastructure for the purpose of identifying and assessing an organization’s ability to respond to and investigate breaches in cloud computing environments. An extension to the STRIDE risk assessment model is proposed to help organizations quickly respond to incidents while ensuring acquisition and integrity of the largest amount of digital evidence possible. Further, the proposed model allows organizations to assess the needs and capacity of their incident responders before an incident occurs.

Corresponding author

Correspondence to Joshua I. James.

Copyright information

© 2014 Institute for Computer Sciences, Social Informatics and Telecommunications Engineering

About this paper

Cite this paper

James, J.I., Shosha, A.F., Gladyshev, P. (2014). Determining Training Needs for Cloud Infrastructure Investigations Using I-STRIDE. In: Gladyshev, P., Marrington, A., Baggili, I. (eds) Digital Forensics and Cyber Crime. ICDF2C 2013. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 132. Springer, Cham. https://doi.org/10.1007/978-3-319-14289-0_15

  • DOI: https://doi.org/10.1007/978-3-319-14289-0_15

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-14288-3

  • Online ISBN: 978-3-319-14289-0

  • eBook Packages: Computer Science, Computer Science (R0)
