A Novel Forensic Analysis Approach to Certify Provenance of Data in Cloud Leveraging Two Factor Integrity Checks

Authors- Assistant Professor Raj Kumar T, Pofessor Sobhana N

Abstract-The Cloud has emerged as the new innovative computing paradigm in both data computation and storage as it is based on flexible pay and provisioning models. Storage of Cloud played a vital role in back up desktop user data, to host all shared scientific and mathematical data, to hoard web applications information and also to serve web based pages. Cloud based systems are also useful for faster processing and retrieval of data. Private Cloud usage has now become an essential ingredient for smaller organization network due to its distinguishable characteristics from other storage methods. Vulnerabilities in Cloud based systems impose threats to cloud storage and may affect the organization data maliciously. Forensic Acquisition and analysis of preserved data and files are essential for identifying and detecting the threats. Ensuring the integrity of Data is also vital. Data Analysis and threat identification in Cloud imposes an essential ingredient namely data provenance. Provenance of data, a meta-data defining the source history of data, is crucial for the endorsement of reliability, accountability, integrity, transparency and confidentiality of digital entities in a cloud. Hash values generation and authentication by multiple ways guarantees integrity of stored data. Cloud based storage contains large amount of artefacts useful for forensic investigators for forensic examination and analysis in the event of any unauthorised access and attack on the system. But it lacks authenticity and applicability of forensic principles when artefacts are placed before court of law. This accentuates the need for a digital forensic contrivance that can be accepted in the court of law which can satisfy and strictly follow the chain of custody forensic principles. This work presents the forensic acquisition of data provenence from a private cloud system following the forensic principles of preservation, acquisition, examination & analysis. A method is proposed namely, ProveCloud which will follow the hash value authentication, application of forensic principles and generate the provenance of data from the Private Cloud which would be helpful for identifying threats from a Cloud based system.

DOI: /10.61463/ijset.vol.12.issue6.384