Customizing Dynamics 365 Implementing and Releasing Business Solutio
Gain an understanding of basic and advanced customizations in Dynamics 365 and learn how they can be effectively used to implement simple business requirements. This is a practical book for developers that explains the use of various Dynamics 365 features
- PDF / 123,987 Bytes
- 10 Pages / 612 x 792 pts (letter) Page_size
- 91 Downloads / 195 Views
Christoph Wegener
Ruhr-University Bochum Horst Goertz Institute for IT Security Bochum, Germany Email: [email protected]
Ruhr-University Bochum Horst Goertz Institute for IT Security Bochum, Germany Email: [email protected]
Abstract—Cloud Computing is arguably one of the most discussed information technologies today. It presents many promising technological and economical opportunities. However, many customers remain reluctant to move their business IT infrastructure completely to the cloud. One of their main concerns is Cloud Security and the threat of the unknown. Cloud Service Providers (CSP) encourage this perception by not letting their customers see what is behind their virtual curtain. A seldomly discussed, but in this regard highly relevant open issue is the ability to perform digital investigations. This continues to fuel insecurity on the sides of both providers and customers. Cloud Forensics constitutes a new and disruptive challenge for investigators. Due to the decentralized nature of data processing in the cloud, traditional approaches to evidence collection and recovery are no longer practical. This paper focuses on the technical aspects of digital forensics in distributed cloud environments. We contribute by assessing whether it is possible for the customer of cloud computing services to perform a traditional digital investigation from a technical point of view. Furthermore we discuss possible solutions and possible new methodologies helping customers to perform such investigations.
I. I NTRODUCTION Although the cloud might appear attractive to small as well as to large companies, it does not come along without its own unique problems. Outsourcing sensitive corporate data into the cloud raises concerns regarding the privacy and security of data. Security policies, companies main pillar concerning security, cannot be easily deployed into distributed, virtualized cloud environments. This situation is further complicated by the unknown physical location of the companie’s assets. Normally, if a security incident occurs, the corporate security team wants to be able to perform their own investigation without dependency on third parties. In the cloud, this is not possible anymore: The CSP obtains all the power over the environment and thus controls the sources of evidence. In the best case, a trusted third party acts as a trustee and guarantees for the trustworthiness of the CSP. Furthermore, the implementation of the technical architecture and circumstances within cloud computing environments bias the way an investigation may be processed. In detail, evidence data has to be interpreted by an investigator in a We would like to thank the reviewers for the helpful comments and Dennis Heinson (Center for Advanced Security Research Darmstadt - CASED) for the profound discussions regarding the legal aspects of cloud forensics.
proper manner which is hardly be possible due to the lack of circumstantial information. For auditors, this situation does not change: Questions who accessed specific data a
Data Loading...
