Assessing database and network threats in traditional and cloud computing

Cloud Computing is currently one of the most widely-spoken terms in IT. While it offers a range of technological and financial benefits, its wide acceptance by organizations is not yet wide spread. Security concerns are a main reason for this and this paper studies the data and network threats posed in both traditional and cloud paradigms in an effort to assert in which areas cloud computing addresses security issues and where it does introduce new ones. This evaluation is based on Microsoft’s STRIDE threat model and discusses the stakeholders, the impact and recommendations for tackling each threat

Applying a digital forensic readiness framework : three case studies

A digital forensic investigation primarily attempts to reactively respond to an information security incident. While the predominant goal of an investigation is the maintenance of digital evidence of forensic value, little academic research has been conducted on an organization's proactive forensic capability. This capability is referred to as digital forensic readiness and aims to maximize the forensic credibility of digital evidence, while minimizing its post-incident forensic investigation. In this paper, we classify forensic investigation frameworks to expose gaps in proactive forensics research and we review three prominent information security incidents with regard to proactive forensics planning. The applicability of a proactive forensic plan into each incident is then discussed and put into context

Digital forensic readiness : are we there yet?

Digital Forensic Readiness is defined as the pre-incident plan that deals with an organization’s ability to maximize digital evidence usage and anticipate litigation. The inadequacy of technical research and legislations and the ever-increasing need for evidence preservation mechanisms has brought the need for a common forensic readiness standard. This article reviews a number of key initiatives in order to point out the directions for future policy making governments and organizations and conducts an investigation of the limitations of those initiatives to reveal the gaps needed to be bridged

Digital forensic readiness : an insight into governmental and academic initiatives

Digital forensics is a discipline that primarily focuses on the post-incident side of an investigation. However, during the last decade, there is a considerable amount of research that considers proactive measures taken by an organization. Such measures comprise a digital forensic readiness plan. This paper first presents research initiatives on forensic readiness across the public sector and the academia, and then critically evaluates their motivations and objectives by pointing out gaps that need bridging. Lastly, it informally proposes steps to guide the formulation of a forensic readiness policy