FAST-CFP: Finding a Solution To The Cloud Forensic Problem

Cloud computing has been a great enabler for a great many companies and individuals in the decade or so since it gained traction. The ability to access new systems rapidly without concern for forward planning, accessing corporate budgets and in particular the ability to scale up (or down) on demand has proved particularly attractive. A great many researchers have been actively involved to ensure that systems are developed in a responsible way to ensure the security and privacy of users. However, there remains a fundamental issue which is of great concern. Namely, that once an attacker successfully breaches a cloud system and becomes an intruder, usually escalating privileges the longer they are in the system, there is nothing then to prevent them from deleting or modifying the forensic trail. This presents a serious challenge, especially in the light of forthcoming regulation from the forthcoming European Union (EU) General Data Protection Regulation (GDPR), which has a regime of penalties which can rise up to the greater of e20 million or 4% of Global Turnover. The other challenging aspect of this legislation is that any security breach must be reported within 72 hours. For cloud users who are breached, particularly where the intruder deletes or modifies the forensic trail, this may become an impossible requirement to comply with, which can also lead to an increase in the fine levied. Solving this problem presents a seriously difficult challenge, but failure to solve this problem can lead to an increase in the level of fines being levied. Looking at the cyber breach reports regularly carried out each year by a number of security organisations, it is very clear that a great many companies are nowhere near being able to comply with this tight reporting requirement, let alone understand which records have been accessed, modified or deleted. Given that the regulation comes into effect on the 25th May 2018, it is clear that many companies are walking blind into a major disaster. Keywords–Cloud Forensic Problem; GDPR; Cloud Security and Privacy.