hadoop分布式存储平台外文翻译文献.docx
- 文档编号:11956409
- 上传时间:2023-06-03
- 格式:DOCX
- 页数:47
- 大小:55.07KB
hadoop分布式存储平台外文翻译文献.docx
《hadoop分布式存储平台外文翻译文献.docx》由会员分享,可在线阅读,更多相关《hadoop分布式存储平台外文翻译文献.docx(47页珍藏版)》请在冰点文库上搜索。
hadoop分布式存储平台外文翻译文献
hadoop分布式存储平台外文翻译文献
(文档含中英文对照即英文原文和中文翻译)
原文:
TechnicalIssuesofForensicInvestigationsinCloud
ComputingEnvironments
DominikBirkRuhr-UniversityBochum
HorstGoertzInstituteforITSecurityBochum,Germany
Ruhr-UniversityBochumHorstGoertzInstituteforITSecurity
Bochum,Germany
Abstract—CloudComputingisarguablyoneofthemostdiscussedinformationtechnologiestoday.Itpresentsmanypromisingtechnologicalandeconomicalopportunities.However,manycustomersremainreluctanttomovetheirbusinessITinfrastructurecompletelytothecloud.OneoftheirmainconcernsisCloudSecurityandthethreatoftheunknown.CloudServiceProviders(CSP)encouragethisperceptionbynotlettingtheircustomersseewhatisbehindtheirvirtualcurtain.Aseldomlydiscussed,butinthisregardhighlyrelevantopenissueistheabilitytoperformdigitalinvestigations.Thiscontinuestofuelinsecurityonthesidesofbothprovidersandcustomers.CloudForensicsconstitutesanewanddisruptivechallengeforinvestigators.Duetothedecentralizednatureofdataprocessinginthecloud,traditionalapproachestoevidencecollectionandrecoveryarenolongerpractical.Thispaperfocusesonthetechnicalaspectsofdigitalforensicsindistributedcloudenvironments.Wecontributebyassessingwhetheritispossibleforthecustomerofcloudcomputingservicestoperformatraditionaldigitalinvestigationfromatechnicalpointofview.Furthermorewediscusspossiblesolutionsandpossiblenewmethodologieshelpingcustomerstoperformsuchinvestigations.
I.INTRODUCTION
Althoughthecloudmightappearattractivetosmallaswellastolargecompanies,itdoesnotcomealongwithoutitsownuniqueproblems.Outsourcingsensitivecorporatedataintothecloudraisesconcernsregardingtheprivacyandsecurityofdata.Securitypolicies,companiesmainpillarconcerningsecurity,cannotbeeasilydeployedintodistributed,virtualized
cloudenvironments.Thissituationisfurthercomplicatedbytheunknownphysicallocationofthecompanie’sassets.Normally,ifasecurityincidentoccurs,thecorporatesecurityteamwantstobeabletoperformtheirowninvestigationwithoutdependencyonthirdparties.Inthecloud,thisisnotpossibleanymore:
TheCSPobtainsallthepowerovertheenvironment
andthuscontrolsthesourcesofevidence.Inthebestcase,atrustedthirdpartyactsasatrusteeandguaranteesforthetrustworthinessoftheCSP.Furthermore,theimplementationofthetechnicalarchitectureandcircumstanceswithincloudcomputingenvironmentsbiasthewayaninvestigationmaybeprocessed.Indetail,evidencedatahastobeinterpretedbyaninvestigatorinaWewouldliketothankthereviewersforthehelpfulcommentsandDennisHeinson(CenterforAdvancedSecurityResearchDarmstadt-CASED)fortheprofounddiscussionsregardingthelegalaspectsofcloudforensics.propermannerwhichishardlybepossibleduetothelackofcircumstantialinformation.Forauditors,thissituationdoesnotchange:
Questionswhoaccessedspecificdataandinformationcannotbeansweredbythecustomers,ifnocorrespondinglogsareavailable.Withtheincreasingdemandforusingthepowerofthecloudforprocessingalsosensibleinformationanddata,enterprisesfacetheissueofDataandProcessProvenanceinthecloud[10].Digitalprovenance,meaningmeta-datathat
describestheancestryorhistoryofadigitalobject,isacrucialfeatureforforensicinvestigations.Incombinationwithasuitableauthenticationscheme,itprovidesinformationaboutwhocreatedandwhomodifiedwhatkindofdatainthecloud.Thesearecrucialaspectsfordigitalinvestigationsindistributedenvironmentssuchasthecloud.Unfortunately,theaspectsofforensicinvestigationsindistributedenvironmenthavesofarbeenmostlyneglectedbytheresearchcommunity.Currentdiscussioncentersmostlyaroundsecurity,privacyanddataprotectionissues[35],[9],[12].Theimpactofforensicinvestigationsoncloudenvironmentswaslittlenoticedalbeitmentionedbytheauthorsof[1]in2009:
”[...]toourknowledge,noresearchhasbeenpublishedonhowcloudcomputingenvironmentsaffectdigitalartifacts,
andonacquisitionlogisticsandlegalissuesrelatedtocloudcomputingenvironments.”Thisstatementisalsoconfirmedbyotherauthors[34],[36],[40]stressingthatfurtherresearchonincidenthandling,evidencetrackingandaccountabilityincloudenvironmentshastobedone.Atthesametime,massiveinvestmentsarebeingmadeincloudtechnology.Combinedwiththefactthatinformationtechnologyincreasinglytranscendentspeoples’privateandprofessionallife,thusmirroringmoreandmoreofpeoples’actions,itbecomesapparentthatevidencegatheredfromcloudenvironmentswillbeofhighsignificancetolitigationorcriminalproceedingsinthefuture.Withinthiswork,wefocusthenotionofcloudforensicsbyaddressingthetechnicalissuesofforensicsinallthreemajorcloudservicemodelsandconsidercross-disciplinaryaspects.Moreover,weaddresstheusabilityofvarioussourcesofevidenceforinvestigativepurposesandproposepotentialsolutionstotheissuesfromapracticalstandpoint.Thisworkshouldbeconsideredasasurveyingdiscussionofanalmostunexploredresearcharea.Thepaperisorganizedasfollows:
Wediscusstherelatedworkandthefundamentaltechnicalbackgroundinformationofdigitalforensics,cloudcomputingandthefaultmodelinsectionIIandIII.InsectionIV,wefocusonthetechnical
issuesofcloudforensicsanddiscussthepotentialsourcesandnatureofdigitalevidenceaswellasinvestigationsinXaaSenvironmentsincludingthecross-disciplinaryaspects.WeconcludeinsectionV.
II.RELATEDWORK
Variousworkshavebeenpublishedinthefieldofcloudsecurityandprivacy[9],[35],[30]focussingonaspectsforprotectingdatainmulti-tenant,virtualizedenvironments.Desiredsecuritycharacteristicsforcurrentcloudinfrastructuresmainlyrevolvearoundisolationofmulti-tenantplatforms[12],
securityofhypervisorsinordertoprotectvirtualizedguestsystemsandsecurenetworkinfrastructures[32].Albeitdigitalprovenance,describingtheancestryofdigitalobjects,stillremainsachallengingissueforcloudenvironments,
severalworkshavealreadybeenpublishedinthisfield[8],[10]contributingtotheissuesofcloudforensis.Withinthiscontext,cryptographicproofsforverifyingdataintegritymainlyincloudstorageoffershavebeenproposed,
yetlackingofpracticalimplementations[24],[37],[23].Traditionalcomputerforensicshasalreadywellresearchedmethodsforvariousfieldsofapplication[4],[5],[6],[11],[13].Alsotheaspectsofforensicsinvirtualsystemshavebeenaddressedbyseveralworks[2],[3],[20]includingthenotionofvirtualintrospection[25].Inaddition,theNISTalreadyaddressedWebServiceForensics[22]whichhasahugeimpactoninvestigationprocessesincloudcomputingenvironments.Incontrast,theaspectsofforensicinvestigationsincloudenvironmentshavemostlybeenneglectedbyboththeindustryandtheresearchcommunity.OneofthefirstpapersfocusingonthistopicwaspublishedbyWolthusen[40]afterBebeeetalalreadyintroducedproblemswithincloudenvironments[1].Wolthusenstressedthatthereisaninherentstrongneedforinterdisciplinaryworklinkingtherequirementsandconcepts
ofevidencearisingfromthelegalfieldtowhatcanbefeasiblyreconstructedandinferredalgorithmicallyorinanexploratorymanner.In2010,Grobaueretal[36]publishedapaperdiscussingtheissuesofincidentresponseincloud
environments-unfortunatelynospecificissuesandsolutionsofcloudforensicshavebeenproposedwhichwillbedonewithinthiswork.
III.TECHNICALBACKGROUND
A.TraditionalDigitalForensics
ThenotionofDigitalForensicsiswidelyknownasthepracticeofidentifying,extractingandconsideringevidencefromdigitalmedia.Unfortunately,digitalevidenceisbothfragileandvolatileandthereforerequirestheattentionof
specialpersonnelandmethodsinordertoensurethatevidencedatacanbeproperisolatedandevaluated.Normally,theprocessofadigitalinvestigationcanbeseparatedintothreedifferentstepseachhavingitsownspecific
purpose:
1)IntheSecuringPhase,themajorintentionisthepreservationofevidenceforanalysis.Thedatahastobecollectedinamannerthatmaximizesitsintegrity.Thisisnormallydonebyabitwisecopyoftheoriginalmedia.Ascanbeimagined,thisrepresentsahugeprobleminthefieldofcloudcomputingwhereyouneverknowexactlywhereyourdataisandadditionally
donothaveaccesstoanyphysicalhardware.However,thesnapshottechnology,discussedinsectionIV-B3,providesapowerfultooltofreezesystemstatesandthusmakesdigitalinvestigations,atleastinIaaSscenarios,
theoreticallypossible.
2)WerefertotheAnalyzingPhaseasthestageinwhichthedataissiftedandcombined.Itisinthisphasethatthedatafrommultiplesystemsorsourcesispulledtogethertocreateascompleteapictureandeventreconstructionaspossible.Especiallyindistributedsysteminfrastructures,thismeansthatbitsandpiecesofdataarepulledtogetherfordecipheringtherealstoryofwhathappenedandforprovidingadeeperlookintothedata.
3)Finally,attheendoftheexaminationandanalysisofthedata,theresultsofthepreviousphaseswillbereprocessedinthePresentationPhase.Thereport,createdinthisphase,isacompilationofallthedocumentationandevidencefromtheanalysisstage.Themainintentionofsuchareportisthatitcontainsallresults,itiscompleteandcleartounderstand.Apparently,thesucces
- 配套讲稿:
如PPT文件的首页显示word图标,表示该PPT已包含配套word讲稿。双击word图标可打开word文档。
- 特殊限制:
部分文档作品中含有的国旗、国徽等图片,仅作为作品整体效果示例展示,禁止商用。设计者仅对作品中独创性部分享有著作权。
- 关 键 词:
- hadoop 分布式 存储 平台 外文 翻译 文献