Your question is very complexly written . What exactly are you looking for ?
In a cloud computing environment, conducting digital investigations holds a challenge because of cross-cutting and multi-jurisdictions,so how can enhanced cloud forensic architectures simplify this process of investigations by allowing legal bodies, digital forensic investigators and Law enforcement agencies(LEA) to collaborate? Do we require an international law on cloud forensics. NB: Taking into account we still do not have acceptable cloud forensic standards.
My opinion is that current lack of knowledge on the complex jurisdictional issues poses major challenges to cloud forensics. What I would focus on at this stage is on a comprehensive global risk assessment guidelines for cloud services that include risks incurred when doing a forensic data acquisition. Once consensus is reached on the risks, then proper mitigation through legislation or forensic guidelines/ technology can be developed.
victor, my experience is that its hard to reconcile laws....forensic investigation standards embedded or accepted by various jurisdictions would be a much simpler approach. Only that am not aware we have a global computing professional body the same way we have in accounting.
Mr John Kingathia, Thanks for your input. What you mentioned is the problem that i was asking but you forgot something small. My focus in this is not the generic aspect of forensics. While the domain is literally enormous i am inclined towards Digital Forensics/Computer forensics. Well while i concur about what you suggest about the standards, it is worth noting that currently we do not have any acceptable digital forensic standards that can spearhead the process. I am currently working alongside a recently published ISO standard that my research group proposed and it was seconded worldwide but its focus is on the proactive side. Now the reason why professional bodies might be void in this context is because, the legal considerations again regarding "digital forensic evidence" will vary always, you cannot impose to a jurisdiction to accept what they feel is not supported by their law. Something else that i mentioned again was the aspect of the cloud, the servers that holds some objects might reside in a different jurisdiction while the crime might occur in a totally different jurisdiction. How would you provide the provenance? As Arturo Geigel quoted up there we should try and look into that important aspect per se "comprehensive global risk assessment guidelines for cloud services that include risks incurred when doing a forensic data acquisition. Once consensus is reached on the risks, then proper mitigation through legislation or forensic guidelines/ technology can be developed". How will the rule of evidence apply? What tools will be novel in this case? How will you prove evidential data is what it should be? What are the evidential requirements with respect to the cloud? How will you perform segregation? What will be different from what exist now? What is the current-state-of art? That is why i introduce the Cloud forensic architectures.
- Badges
- Science topic
- Similar topics
- Geoscience
- Asia
- India