However, it still poses usability issues in terms of having to present biometric credentials each time a file needs to be encrypted/decrypted. Biometric key generation can produce robust keys replacing the need to recall them. Although today’s use of third-party cryptographic applications can independently encrypt data, it is arguably cumbersome to manually cipher/decipher each file and administer many keys. Given weak passwords, malicious attacks have been happened across a variety of well-known storage services (e.g. The security issues, nevertheless, have been the intense debate within the cloud community. With the capability of storing huge volumes of data over the Internet, cloud storage has become a popular and desirable service for individuals and enterprises. The implementation provides both command-line and web user interfaces, and can be readily incorporated into established forensic processes. To demonstrate the utility of this approach, we present a proof-of-concept acquisition tool, kumodd, which can acquire evidence from four major cloud drive providers: Google Drive, Microsoft OneDrive, Dropbox, and Box. In this work, we introduce the concept of API-based evidence acquisition for cloud services, which addresses these concerns by utilizing the officially supported API of the service. Specifically, it makes the incorrect assumption that all storage content for an account is fully replicated on the client further, there are no means to acquire historical data in the form of document revisions, nor is there a way to acquire cloud-native artifacts, such as Google Docs. This approach requires labor-intensive reverse engineering efforts, and ultimately results in an acquisition that is inherently incomplete. Currently, evidence acquisition for such services still follows the traditional method of collecting artifacts on a client device. This paper presents TwinCloud and compares it to other cloud storage systems.Ĭloud computing and cloud storage services, in particular, pose a new challenge to digital forensic investigations. A usability study for TwinCloud is also included in the paper. Serving as a gateway, TwinCloud uses two or more separate cloud providers and symmetric key encryption to store the encryption keys and encrypted files in separate clouds which ease the sharing process without conceding security. It uses a simple and practical approach to store and share files by hiding all the cryptographic and key-distribution operations from cloud users. TwinCloud achieves this by solving the complex key exchange problem in sharing. TwinCloud is an innovative cloud storage solution which goal is to provide a secure cloud system to users without compromising any of the advantages the clouds have to offer. In this paper, we propose a novel solution, TwinCloud. Although, there are several third-party solutions to provide security in clouds, they are not used extensively because of usability issues. However, both security conscious personal and cooperate users are reluctant to trust cloud service providers. Cloud service providers try to convince users to trust their services and encourage them to store personal files or corporate documents on their servers. With the advent of cloud technologies, there is a growing number of easy-to-use services to store files and share them with other cloud users.
0 Comments
Leave a Reply. |