Digital Forensics and Cyber Crime. Fifth International Conference, ICDF2C 2013, Moscow, Russia, September 26-27, 2013, Revised Selected Papers

Research Article

Determining Training Needs for Cloud Infrastructure Investigations Using I-STRIDE

  • @INPROCEEDINGS{10.1007/978-3-319-14289-0_15,
        author={Joshua James and Ahmed Shosha and Pavel Gladyshev},
        title={Determining Training Needs for Cloud Infrastructure Investigations Using I-STRIDE},
        proceedings={Digital Forensics and Cyber Crime. Fifth International Conference, ICDF2C 2013, Moscow, Russia, September 26-27, 2013, Revised Selected Papers},
        proceedings_a={ICDF2C},
        year={2015},
        month={2},
        keywords={Digital forensic investigation, Incident response, Capability assessment, Cloud forensics, I-STRIDE, Asset-based risk assessment, Security policy},
        doi={10.1007/978-3-319-14289-0_15}
    }
    
  • Joshua James
    Ahmed Shosha
    Pavel Gladyshev
    Year: 2015
    Determining Training Needs for Cloud Infrastructure Investigations Using I-STRIDE
    ICDF2C
    Springer
    DOI: 10.1007/978-3-319-14289-0_15
Joshua James1,*, Ahmed Shosha2, Pavel Gladyshev2
  • 1: Soon Chun Hyang University
  • 2: University College Dublin
*Contact email: joshua@cybercrimetech.com

Abstract

As more businesses and users adopt cloud computing services, security vulnerabilities will be increasingly found and exploited. There are many technological and political challenges where investigation of potentially criminal incidents in the cloud is concerned. Security experts, however, must still be able to acquire and analyze data in a methodical, rigorous and forensically sound manner. This work applies the STRIDE asset-based risk assessment method to cloud computing infrastructure for the purpose of identifying and assessing an organization’s ability to respond to and investigate breaches in cloud computing environments. An extension to the STRIDE risk assessment model is proposed to help organizations quickly respond to incidents while ensuring acquisition and integrity of the largest amount of digital evidence possible. Further, the proposed model allows organizations to assess the needs and capacity of their incident responders before an incident occurs.