CLOUD COMPUTING10:45-11:15

CLOUD COMPUTING DEFINED

General definition: Hosted services delivery over the Internet from a remote location, either over Internet or Intranet, involving environments enabled by virtualization.

NIST definition: “Cloud computing is a model for enabling ubiquitous, convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage,applications, and services) that can be rapidlyprovisioned and released with minimalmanagement effort or service providerinteraction.“

CLOUD COMPUTING: ESSENTIAL CHARACTERISTICS

On-demand self-service– Customer can provision “as-needed”, without requiring

human interaction with a service provider Broad network access

– Accessible cloud environment from any client platform, including smart phones, tables, computers, laptops, workstations

Resource pooling– Sharing of

o Storageo Memoryo Network bandwidth

CLOUD COMPUTING: ESSENTIAL CHARACTERISTICS, CONT.

Rapid elasticity– Scale upwards and downwards, on demand/as needed– Deployed in little to no time– Appearance of seamless and unlimited

Measured service– Cloud systems allocate resources automatically,

depending on demand– Everything is measured– Resource usage is regularly/real time monitored,

controlled and reported

CLOUD COMPUTING SERVICE MODELS

Software as a Service– Use providers applications, that run on provider’s cloud

infrastructure– Generally accessible via web browser or program interface– Consumer/user does not manage or control underlying

infrastructure, including network, servers, operating systems, storage or individual application capabilities

– Examples: Outlook Webmail, Gmail, Twitter, Facebook, Flickr, LinkedIn, Dropbox, etc.

CLOUD COMPUTING SERVICE MODELS, CONT.

Platform as a Service– Use consumer-created or acquired applications, that run on

provider’s cloud infrastructure– Generally accessible via web browser or program interface– Consumer/user does not manage or control underlying

infrastructure, including network, servers, operating systems, storage but has control over or deployed applications and some configurationsettings for the application-hosting environment

– Examples: Salesforce1 PaaS, Google App Engine,Microsoft Azure, OutSystems, etc.

CLOUD COMPUTING SERVICE MODELS, CONT.

Infrastructure as a Service– Consumer/user is able to provision processing, storage,

networks and other computing resources, where the consumer can deploy and run arbitrary software, including operating systems and applications.

– The consumer does not manage or control underlying cloud infrastructure, but has control over operating systems,storage and deployed applications.

– Examples: Amazon Web Services,CA Technologies, AT&T, Verizon, etc.

CLOUD COMPUTING CLOUD TYPES

Private cloud– Cloud Infrastructure provisioned for exclusive use by single

organization– Can comprise multiple business units of that organization– Owned/managed/operated by organization, third party or

both– Can be on or off-premise

CLOUD COMPUTING CLOUD TYPES, CONT.

Community cloud– Cloud Infrastructure provisioned for exclusive use by a

specific community of consumers from organizations that have shared concerns

– Owned/managed/operated by one or more if the organizations, third party or both

– Can be on or off-premise

CLOUD COMPUTING CLOUD TYPES, CONT.

Public cloud– Cloud Infrastructure provisioned for open use by general

public– Owned/managed/operated by business, academic or

government organization (or combination of them)– Exists on premises of cloud provider

CLOUD COMPUTING CLOUD TYPES, CONT.

Hybrid Cloud– Cloud Infrastructure is a composition of two or more

distinct cloud infrastructures (private, community or public)– Remain unique entities– Bound together by standardized or proprietary technology

that enables data and application portability (e.g. load balancing between clouds)

CLOUD COMPUTING LEGAL ISSUES

Who controls the data?– Rule 34(a)(1): “A party may serve on any other party a

request within the scope of rule 26(b) to produce…the following items within the responding party’s possession, custody or control”

– Example Facebook TOS: o “You own all of the content and information you post on Facebook, and

you can control how it is shared…”o But: “When you delete IP content…understand that removed

content may persist in backup copies for reasonableperiod of time, unavailable to others.”

CLOUD COMPUTING LEGAL ISSUES, CONT.

Stored Communications Act– Designed to address privacy issues of internet

communications not covered by 4th amendment– Creates set of 4th amendment-like privacy protections by

statute, regulating the relationship between government investigators and service providers in possession of users’ private information

– Two main purposes:o Limits governments rights to compel providers to

disclose customer or subscriber informationo Limits rights of Internet Service Providers (ISP’s)

to provide customer information voluntarily

CLOUD COMPUTING LEGAL ISSUES, CONT.

Court determined Gmail, Facebook, Myspace and Hotmail as Electronic Communications Services (ECS) Provider and Remote Computing Services (RCS) Provider under Stored Communications Act

Good read: Cloud Computing: Constitutional and Statutory Privacy Protections http://fas.org/sgp/crs/misc/R43015.pdf

CLOUD COMPUTING COLLECTION ISSUES

Saas, PaaS, IaaS– Challenges with multi-tenant hosting, sync problems and

techniques for segregating data in shared logs– Traditional data/forensic collection involved physical

collection, preservation, validation, processing, review and production

– Cloud collections do not have physical media or physical control over network on which data resides. Difficult toidentify specific data and segregatein shared/cloud environment =preservation and collection issue

CLOUD COMPUTING COLLECTION ISSUES, CONT.

Saas, PaaS, IaaS cont’d– Due to “elastic” capabilities of cloud

(i.e. adding or removing available storage, virtual workstations, etc.), data can easily be “deleted” or overwritten

– Other challenges include massive databases for CRM systems and social platforms

– Great read: NIST Cloud Computing Forensic Science Challenges http://safegov.org/media/72648/nist_digital_forensics_draft_8006.pdf - Annex “B”

CLOUD COMPUTING COLLECTION ISSUES, CONT.

Cloud-hosted email– All cloud providers of email and social

media sites are likely ECA/RCS under Stored Communications Act (SCA) precluding ability to capture email without user authorization absent showing of probable cause

– Collections under SCA typically done by government in criminal proceeding

– In civil matters: will require user consent to retrieve data from the cloud, including username and password or given admin rights to mailbox

CLOUD COMPUTING COLLECTION ISSUES, CONT.

Cloud-hosted email cont’d– Some forensic data and metadata is

lost when email is “downloaded” from cloud-based mailbox

– Only the more “common” cloud-email providers offer eDiscovery collection abilities from within the administrative or user mailbox interface. Other cloud-email providers will have to collect for you, charging per mailbox or hourly.

– Seek other sources (e.g. communication-recipient’s email) first

CLOUD COMPUTING COLLECTION ISSUES, CONT.

Social Media– Without user consent: Can only download/collect what is

publicly available (not requiring a username and password)– With user consent: Can collect any information available

and visible to user, but will require account log-in information (i.e. username and password)

– Exceptions are open contentsocial media platforms, suchas Twitter, YouTube, etc.

CLOUD COMPUTING COLLECTION ISSUES, CONT.

Social Media cont’d– Some social media sites do not allow you to “pick and

choose” what you want to collect (e.g. Facebook)– True collect “all” from social media requires specialized

collection software, such as X1 Social Discovery or platform-specific, such as the Afentis Suite of forensic software (have to purchase individual software, per platform)

CLOUD COMPUTING COLLECTION ISSUES, CONT.

Text messages– While cell phone providers do not keep transmitted data,

logs of when transmissions occurred are kept for a limited time-frame (depending on the provider)

– Result: Need to collect from physical device Interesting nugget: Uncle Sam is watching you, too!

– Library of Congress collected all tweetsvia FOIA request

– 50 million tweets per day

NEXT TOPICMICROSOFT EXCHANGE