As mentioned in Part 1 of this article, one of my functions is to research
current and up and coming solutions within the technology realm, particularly
that of distributed computing and cloud computing.
It is a strong possibility that malicious users will eventually identify and
exploit potential flaws within the cloud computing model. CSPs, in their
pursuit to secure market share may have underestimated the possibilities of
attack and misuse of their cloud resources by a malicious user or users.
The likelihood that the creation, storage, processing and distribution of
illicit material will present major legal issues, is also a grave reality 
Digital Forensic Examiners also know that any effective forensic system has
to have an effective means of monitoring and collecting a wide range of data
as; there is no directive which states what may be pertinent to any one ... (more)
Cloud Computing offers a sense of "vastness" in terms of storage and remote
processing. According to Simpson Garfinkil, a major challenge to any digital
forensics investigator investigating data within the cloud; can be an
inability to locate or identify data or code that is lost when single data
structures are split into elements.
This in effect directly impacts forensic visibility.
Within this ecosystem a major concern can be access to and the preservation
of data within an on-going digital forensic investigation. Of consideration
as mentioned in Part 1 - is that in a live and ... (more)
Digital Forensics is not an elephant, it is a process and not just one
process, but a group of tasks and processes in investigation. Examiners now
perform targeted examinations using forensic tools and databases of known
files, selecting specific files and data types for review while ignoring
files of irrelevant type and content. Despite the application of
sophisticated tools, the forensic process still relies on the examiner's
knowledge of the technical aspects of the specimen and understanding of the
case and the law - Mark Pollitt.
As has been established from articles by var... (more)
Over the last few weeks I've been hearing a lot of discussion around HIPAA.
When we speak about HIPAA, invariably the two components of data security and
data privacy arises.
In the traditional data centers, database managers and data owners know where
their data resides and implement the necessary processes to preserve privacy
and audit access.
However, when we move to the cloud, the cloud being all about data, we are
looking at servers, network, and storage that are abstracted. This raises
concern that data owners may not necessarily know where their data sets
physically resi... (more)
What is SOA? One can say that the synthesis of Enterprise Application
Integration (EAI) platforms with middleware tools and concepts evolved into
what we know today as Service Oriented Architecture.
SOA then represents a standards based architectural blueprint with an
emphasis on business centric services and transactions rather than that of
technology oriented objectives: In other words an architectural style which
businesses can use to execute and align services with their business model to
achieve their business strategy, goals and objectives.
For instance, an end-user reques... (more)