Time synchronization: pivotal element in cloud forensics

Cloud computing (CC) is the new trend in computing and resource management. This architectural shift toward thin clients and the centralized on‐demand provision of computing resources aspires to offer significant economical benefits to its users. However, the adaption of the CC model has forced many...

Full description

Saved in:
Bibliographic Details
Published in:Security and communication networks 2016-04, Vol.9 (6), p.571-582
Main Authors: Marangos, Nikolaos, Rizomiliotis, Panagiotis, Mitrou, Lilian
Format: Article
Language:English
Subjects:
Cloud computing
Clouds
Computer information security
digital forensics
Forensic computing
Forensic engineering
Guidelines
Lists
Time synchronization
timekeeping
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Cloud computing (CC) is the new trend in computing and resource management. This architectural shift toward thin clients and the centralized on‐demand provision of computing resources aspires to offer significant economical benefits to its users. However, the adaption of the CC model has forced many times the IT industry and the academia to revisit most of the traditional tools and technologies. The last few years, it has been identified that one of the computer branches that has been most affected by the CC model is Digital Forensics, one of the main law enforcement tools in the cyberspace. In this context, a new security area was born, the so‐called cloud forensics (CF). In this paper, we investigate the impact that the CC model has on the trustworthiness of one of the main CF sources of information, the log‐files. More precisely, we bring forth a crucial but rather underestimated problem, the problem of accurate log‐records timestamping. The synchronization of time (stamps) is of major importance for the investigation logs to be used as source of evidence. We show that this requirement is not easy in the cloud context. We demonstrate that the main features of CC render existing time synchronization techniques inadequate, and we provide a list of guidelines toward a CF aware timekeeping system. Copyright © 2014 John Wiley & Sons, Ltd. This paper highlights the importance of time synchronization in Cloud log files from the perspective of a forensics investigator. We evaluate the existing time synchronization techniques for cloud computing (CC) and provide a list of guidelines toward the design of cloud forensics aware timekeeping techniques for CC.
ISSN:1939-0114
1939-0122
DOI:10.1002/sec.1056