CLOUD COMPUTING
10:45-11:15
CLOUD COMPUTING DEFINED
General definition: Delivery of hosted services from a remote location,
over either the Internet or an intranet, involving environments enabled by
virtualization.
NIST definition: “Cloud computing is a model for enabling ubiquitous,
convenient, on-demand network access to a shared pool of configurable
computing resources (e.g., networks, servers, storage, applications, and
services) that can be rapidly provisioned and released with minimal
management effort or service provider interaction.”
CLOUD COMPUTING: ESSENTIAL CHARACTERISTICS
On-demand self-service
– Customer can provision “as-needed”, without requiring human interaction
with a service provider
Broad network access
– Cloud environment accessible from any client platform, including smart
phones, tablets, computers, laptops, workstations
Resource pooling
– Sharing of
o Storage
o Memory
o Network bandwidth
CLOUD COMPUTING: ESSENTIAL CHARACTERISTICS, CONT.
Rapid elasticity
– Scale upwards and downwards, on demand/as needed
– Deployed in little to no time
– Appearance of seamless and unlimited
Measured service
– Cloud systems allocate resources automatically,
depending on demand
– Everything is measured
– Resource usage is regularly/real time monitored,
controlled and reported
CLOUD COMPUTING SERVICE MODELS
Software as a Service
– Use provider’s applications that run on provider’s cloud infrastructure
– Generally accessible via web browser or program interface
– Consumer/user does not manage or control underlying infrastructure,
including network, servers, operating systems, storage or individual
application capabilities
– Examples: Outlook Webmail, Gmail, Twitter,
Facebook, Flickr, LinkedIn, Dropbox, etc.
CLOUD COMPUTING SERVICE MODELS, CONT.
Platform as a Service
– Use consumer-created or acquired applications that run on provider’s
cloud infrastructure
– Generally accessible via web browser or program interface
– Consumer/user does not manage or control underlying infrastructure,
including network, servers, operating systems, storage, but has control over
deployed applications and some configuration settings for the
application-hosting environment
– Examples: Salesforce1 PaaS, Google App Engine,
Microsoft Azure, OutSystems, etc.
CLOUD COMPUTING SERVICE MODELS, CONT.
Infrastructure as a Service
– Consumer/user is able to provision processing, storage, networks and
other computing resources, where the consumer can deploy and run
arbitrary software, including operating systems and applications.
– The consumer does not manage or control underlying cloud infrastructure,
but has control over operating systems,
storage and deployed applications.
– Examples: Amazon Web Services,
CA Technologies, AT&T, Verizon, etc.
CLOUD COMPUTING CLOUD TYPES
Private cloud
– Cloud Infrastructure provisioned for exclusive use by single organization
– Can comprise multiple business units of that organization
– Owned/managed/operated by organization, third party or both
– Can be on or off-premise
CLOUD COMPUTING CLOUD TYPES, CONT.
Community cloud
– Cloud Infrastructure provisioned for exclusive use by a specific community
of consumers from organizations that have shared concerns
– Owned/managed/operated by one or more of the organizations, third party
or both
– Can be on or off-premise
CLOUD COMPUTING CLOUD TYPES, CONT.
Public cloud
– Cloud Infrastructure provisioned for open use by general public
– Owned/managed/operated by business, academic or government
organization (or combination of them)
– Exists on premises of cloud provider
CLOUD COMPUTING CLOUD TYPES, CONT.
Hybrid Cloud
– Cloud Infrastructure is a composition of two or more distinct cloud
infrastructures (private, community or public)
– Remain unique entities
– Bound together by standardized or proprietary technology that enables
data and application portability (e.g. load balancing between clouds)
CLOUD COMPUTING LEGAL ISSUES
Who controls the data?
– Rule 34(a)(1): “A party may serve on any other party a request within the
scope of rule 26(b) to produce…the following items within the responding
party’s possession, custody or control”
– Example Facebook TOS:
o “You own all of the content and information you post on Facebook, and you can control
how it is shared…”
o But: “When you delete IP content…understand that removed
content may persist in backup copies for reasonable
period of time, unavailable to others.”
CLOUD COMPUTING LEGAL ISSUES, CONT.
Stored Communications Act
– Designed to address privacy issues of internet communications not
covered by 4th amendment
– Creates set of 4th amendment-like privacy protections by statute,
regulating the relationship between government investigators and service
providers in possession of users’ private information
– Two main purposes:
o Limits government’s rights to compel providers to
disclose customer or subscriber information
o Limits rights of Internet Service Providers (ISPs)
to provide customer information voluntarily
CLOUD COMPUTING LEGAL ISSUES, CONT.
Court determined Gmail, Facebook, Myspace and Hotmail to be
Electronic Communications Services (ECS) providers and
Remote Computing Services (RCS) providers
under the Stored Communications Act
Good read: Cloud Computing: Constitutional
and Statutory Privacy Protections
http://fas.org/sgp/crs/misc/R43015.pdf
CLOUD COMPUTING COLLECTION ISSUES
SaaS, PaaS, IaaS
– Challenges with multi-tenant hosting, sync problems and techniques for
segregating data in shared logs
– Traditional data/forensic collection involved physical collection,
preservation, validation, processing, review and production
– Cloud collections have no physical media and no physical control over the
network on which the data resides. Specific data is difficult to identify
and segregate in a shared/cloud environment, which makes this a
preservation and collection issue
CLOUD COMPUTING COLLECTION ISSUES, CONT.
SaaS, PaaS, IaaS cont’d
– Due to “elastic” capabilities of cloud (i.e. adding
or removing available storage, virtual
workstations, etc.), data can easily be “deleted”
or overwritten
– Other challenges include massive databases for
CRM systems and social platforms
– Great read: NIST Cloud Computing Forensic Science Challenges, Annex “B”
http://safegov.org/media/72648/nist_digital_forensics_draft_8006.pdf
CLOUD COMPUTING COLLECTION ISSUES, CONT.
Cloud-hosted email
– All cloud providers of email and social media sites
are likely ECS/RCS under the Stored Communications
Act (SCA), precluding the ability to capture email without
user authorization absent a showing of probable
cause
– Collections under SCA typically done by government
in criminal proceeding
– In civil matters: will require user consent to retrieve
data from the cloud, including username and
password or being given admin rights to the mailbox
CLOUD COMPUTING COLLECTION ISSUES, CONT.
Cloud-hosted email cont’d
– Some forensic data and metadata is lost when
email is “downloaded” from cloud-based
mailbox
– Only the more “common” cloud-email
providers offer eDiscovery collection abilities
from within the administrative or user
mailbox interface. Other cloud-email
providers will have to collect for you, charging
per mailbox or hourly.
– Seek other sources (e.g. communication recipient’s email) first
CLOUD COMPUTING COLLECTION ISSUES, CONT.
Social Media
– Without user consent: Can only download/collect what is publicly available
(not requiring a username and password)
– With user consent: Can collect any information available and visible to
user, but will require account log-in information (i.e. username and
password)
– Exceptions are open content
social media platforms, such
as Twitter, YouTube, etc.
CLOUD COMPUTING COLLECTION ISSUES, CONT.
Social Media cont’d
– Some social media sites do not allow you to “pick and choose” what you
want to collect (e.g. Facebook)
– A true “collect all” from social media requires specialized collection
software, such as X1 Social Discovery, or platform-specific software, such as
the Afentis Suite of forensic software (have to purchase individual software,
per platform)
CLOUD COMPUTING COLLECTION ISSUES, CONT.
Text messages
– While cell phone providers do not keep transmitted data, logs of when
transmissions occurred are kept for a limited time-frame (depending on
the provider)
– Result: Need to collect from physical device
Interesting nugget: Uncle Sam is watching you, too!
– Library of Congress collected all tweets
via FOIA request
– 50 million tweets per day
NEXT TOPIC
MICROSOFT EXCHANGE