Figure 1 - uploaded by Ahmed Alenezi
Content may be subject to copyright.
the framework development process. 

the framework development process. 

Source publication
Conference Paper
Full-text available
Many have argued that cloud computing is one of the fastest growing and most transformative technologies in the history of computing. It has radically changed the way in which information technologies can manage, access, deliver and create services. It has also brought numerous benefits to end-users and organizations. However, this rapid growth in...

Similar publications

Conference Paper
Full-text available
The Internet has become an integral part of people's lives, more and more daily activities are being digitized and automated. So far, the Internet has been proposed for interaction between people. Internet of things (IoT) goes a step further and includes things to the Internet. The first section describes the historical development of IoT and expla...
Article
Full-text available
Digital agriculture, with the incorporation of Internet-of-Things (IoT)-devices, presents the ability to control a system at multiple levels and generate tools for improved decision making. Recent advances in IoT hardware and software make it possible to collect data and efficiently process data from diverse sources in a connected farm. By intercon...
Conference Paper
Full-text available
Collaborative robots along with skilled manpower offer flexible and intelligent services by combining the cognitive power of humans with robot’s flexibility in small-batch production. To realize this, collaborative robots are required to collaborate with humans in close range sharing the same workspace. In such a case, ensuring safe Human-Robot Col...
Article
Full-text available
As the Network of Things has grown exponentially, the Internet of Things devices generate tremendous data. IoT provides virtualization with or without the presence of being with the services. Managing this vast volume of data becomes a very tedious task. So in diverse sectors, including such as healthcare, education, agriculture, smart cities, ther...

Citations

... For organizations to be completely forensic ready, they must ensure readiness in operational and infrastructural aspects [22,23]. Operational readiness focuses on the individuals involved in forensics, while infrastructural readiness entails the processes of ensuring that organizational data are properly stored [24,25]. The same analogies are also highlighted by Ariffin and Ahmad (2021), who mention that elements of planning, policing, preparation, and control are necessary for the improvement of organizational forensic readiness in the era of Industry 4.0. ...
Article
Full-text available
As organizations strive to be compliant in a digitally evolving world, they need to ensure that they are forensically ready. Digital forensic readiness ensures compliance in legal, regulatory, functional, and operational structures. A literature review revealed a gap in detailed and comprehensive guidance on how such readiness ought to be accomplished. This is as a result of unfamiliar concepts and terms that revolve around digital forensic readiness. This research paper highlights and elaborates on a framework that can be achieved from research within focus groups. The insights drawn from the focus groups are used to critically assess the issues affecting practitioners in achieving complete digital forensic readiness.
... Beberapa penelitian sebelumnya telah mengembangkan berbagai jenis framework untuk kebutuhan investigasi dalam bidang Digital Forensic di lingkungan komputasi awan. Penelitian tersebut antara lain seperti Conceptual Forensic Readiness Framework for Infrastructure as a Service Consumers [16]dan Forensic Readiness in Organizations [17]. Tahapan-tahapan yang terdapat dalam CFR terintegrasi yang baru ini mampu menjebatani kebutuhan legalitas dengan kesiapan forensic digital di linkungan awan namun juga memberikan tahapan detail yang diperlukan dalam sebuah pembangungan sistem kesiapan dalam sebuah organisasi. ...
Article
Full-text available
Dalam pendekatan Forensic Readiness, kesiap-siagaan insiden menjadi tujuan perusahaan ataupun organisasi dalam menghadapi insiden yang swaktu-waktu terjad. Forensic Readiness dapat terdiri dari tindakan atau langkah, teknis dan non- teknis, yang memaksimalkan kemampuan organisasi untuk menggunakan bukti digital. Sebuah Cloud Forensic Readiness Framework yang terangkai dengan baik dapat membantu mempercepat dan mempermudah dalam pengambilan keputusan yang berkenaan dengan sebuah insiden terjadi dalam lingkungan komputasi awan. Hal ini memunculkan kesempatan baru dalam kolaborasi bidang digital forensic dan komputasi awan atau cloud computing, sehingga dapat ditelaah dan diteliti solusinya dengan menganalisis berbagai sumber literature pada framework kesiapan forensik komputasi awan dan membangun framework cloud forensic readiness yang terintegrasi dalam skala institutional menggunakan metode composite logic. Dengan kelengkapan tahapan framework kesiapan yang dirancang diharapkan dapat memudahkan para stakeholder organisasi untuk mengambil keputusan saat terjadi insiden.
... The need for a new approach to carrying out the forensic investigation of data in Cloud because of its peculiar challenges is established in literature [27]. This study proposes a framework that can be used to mitigate digital forensic investigation problems in Cloud storage and ensure proactive collection of forensically sound potential digital evidence. ...
Chapter
A conceptual intelligent framework for securing Cloud Forensic Readiness framework for a proactive collection of potential digital evidence from the Cloud and enhancing trust in chain-of-custody is presented in this paper. The complexities of Cloud technology including multitenancy and inter-jurisdictional spanning are making forensic investigation on Cloud storage difficult. The immensity of the Cloud data makes it difficult to be thoroughly searched as required for forensic investigation. Securing the integrity of digital evidence in the hands of its custodians is also important. These problems and other challenges peculiar to the Cloud call for effective solutions. Forensic readiness is used to maximize the ability to collect digital evidence and minimize the cost of forensic during an incident response investigation. Researchers have proposed different solutions to improve forensic readiness systems and make them suitable for their purposes. Preventing digital evidence in a forensic readiness system from being corrupted by its custodians is found to be open to research. A blockchain solution with crypto hash security for collaborative mutual authentication of the proactively collected data is proposed in this work. It uses the elliptic curve cryptography algorithms for verification of the custodians of data and authentication of the digital evidence integrity. The solution will adequately mitigate sharp practices from the digital evidence custodian who may want to compromise it, and also enhance the admissibility of the digital evidence in court by ensuring an acceptable standard for its collection. KeywordsCloud forensic readinessPotential digital evidenceChain of custody
... Step Description The processes for constructing the DFR model are divided into the politic and Technical (T) factor, and the politic factor consists of two factors: Legal (L) factor as outside the organization environment and Organizational (O) factor within the organization guideline [92]. Consequently, Each description for K-FFRaaS is classified by three factors: Technical (T), Legal (L), and Organizational (O) factors [93,94]. ...
Article
Full-text available
While Korean financial companies are currently providing electronic financial services by establishing the high-level information technology and security system in accordance with the Electronic Financial Supervision Regulations (EFSR), they are rarely equipped with digital forensic readiness (DFR) to maximize the capability to collect critical digital evidence (DE). So, there is a limit to identifying the root cause of financial incidents and securing admissible DE. In this paper, there, the authors present Financial Forensic Readiness as a Service in Korea (K-FFRaaS), as DFR of financial companies to secure the admissible DE. Based on ISO/IEC 27043:2015 international standard, K-FFRaaS consists of 3 processes groups, namely: Planning processes group, Implementation processes group, and Assessment processes group. Planning processes group is the processes group to prepare the organization to be forensically ready before potential incidents happen. Implementation processes group is the stage to carry out the processes defined in the planning group. Assessment processes group consists of activities that evaluate whether the result of the implementation process group is consistent with the objective of K-FFRaaS. The contribution of this research is to present that the financial company can adopt the systematic management procedure for mitigating the causes of incidents, store admissible DE, and present scientific evidence to a court of law through K-FFRaaS.
... The foundations of digital forensic readiness on cloud computing technologies has been necessitated by increased usage of cloud computing resources and the rapid rise of potential security incidents . 17,18 The technical factors like cloud infrastructure, cloud architecture, forensic technology affect how cloud forensic readiness aspects should be conducted. There still exist other researches that have depicted how services can be formalized in a cloud forensic readiness approach, for example, leveraging SLAs formalization based on cloud forensic reference architecture, 19 forensic readiness in the cloud through forensics log collection, 20 decision making approaches using cloud forensic readiness approaches. ...
Article
Full-text available
The importance of demonstrating the correctness of forensic analysis tools and automated incident management tools reinforces the need for a finite state machine (FSM) engine that can generate automated forensic processes. Hence, in this paper, we present an event-based FSM representation for Cloud Forensic Readiness as a Service (CFRaaS), where we also show how the FSM's predetermined states and transitions could be used to formulate an automated forensic process and generate a hypothesis for litigation purposes. Specifically, this proposition comprises a two-step level CFRaaS-FSM with possible transitions and states. This representation is useful because it can alert digital forensic investigators on how to deduce current and next state of attacks based on transitions and current states. K E Y W O R D S
... Various types of storage such as hard disks, solid state drives, cloud storage and virtual hard drives cause many problems in handling the digital evidence to be encountered in the proving process. For instance, in hard disk handling, there are some difficulties in recovering deleted data, because hard disks have a complex set of components, so criminals can hide evidence of their crimes [3]. ...
... In 2017, Alenezi et al. (2017) proposed a framework for cloud forensic readiness in organizations which included technical, legal, and organizational factors that affect digital forensic readiness. They also underpin the importance of proactively collecting data before the occurrence of the incident to save time, money, and effort. ...
Article
Full-text available
Vehicles nowadays are equipped with a vast amount of sensors that collect data for the vehicle and its environment. This, combined with the acceleration of the automotive industry towards interconnected and autonomous cars, suggests that security and specifically the ability to detect compromised nodes, collect and preserve evidence of an attack or malicious activities emerge as a priority in successfully deploying the Internet of Vehicle ecosystem. Until today Digital Forensics attempts are concerned with in vehicle forensics. In this paper we present the challenges of integrating digital forensics in an IoV ecosystem and we introduce the Attack Attribution and Forensics Readiness Tool of the nIoVe system, an integrated holistic cybersecurity solution for IoV.
... The main purpose of the proposed alignment is the identification of the degree of the forensic readiness of a specific cloud service against a forensic investigation. A number of researchers introduced various definitions for cloud forensic readiness [22][23][24]. In [25] cloud forensic readiness has been defined as "The organization's preparations to minimize the impact of an incident in a cloud forensic investigation, while identifying and acquiring the maximum amount of digital evidence". ...
Chapter
Full-text available
The design and implementation of cloud services, without taking under consideration the forensic requirements and the investigation process, makes the acquisition and examination of data, complex and demanding. The evidence gathered from the cloud may not become acceptable and admissible in the court. A literature gap in supporting software engineers so as to elicit and model forensic-related requirements exists. In order to fill the gap, software engineers should develop cloud services in a forensically sound manner. In this paper, a brief description of the cloud forensic-enabled framework is presented (adding some new elements) so as to understand the role of the design of forensic-enabled cloud services in a cloud forensic investigation. A validation of the forensic requirements is also produced by aligning the stages of cloud forensic investigation process with the framework’s forensic requirements. In this way, on one hand, a strong relationship is built between these two elements and emphasis is given to the role of the forensic requirements and their necessity in supporting the investigation process. On the other hand, the alignment assists towards the identification of the degree of the forensic readiness of a cloud service against a forensic investigation.
... Cloud computing has become one of the fastestgrowing and transformative technologies [2], according to its type there are four types of cloud computing namely infrastructure as a service, platform as a service, software as a service and storage as a service. Of the four types of cloud computing services, the main reason for using cloud computing, including cloud storage, is because of its convenience and can be accessed anywhere, anytime [3] besides that according to Shariati also saves the budget if using infrastructure on a large scale [4]. ...
... There is clear evidence showing that cloud forensic readiness can give rise to many benefits for cloud environments, including an enhanced security level. Marco et al. [4], Pangalos and Katos [14], and Alenezi et al. [15] agree that forensic readiness helps organizations improve their security strategies, be prepared for any attack, and reduce the number of security incidents. ...
... To date, however, no other studies have gathered all of the influencing factors and introduced a verified framework that helps organizations that utilize an IaaS model be forensically ready. The following framework is proposed based on the literature review; the proposed framework was further elaborated in a previous research paper [15]. The framework consists of three dimensions, as depicted in Fig. 2: The proposed cloud forensic readiness framework [15].: ...
... The following framework is proposed based on the literature review; the proposed framework was further elaborated in a previous research paper [15]. The framework consists of three dimensions, as depicted in Fig. 2: The proposed cloud forensic readiness framework [15].: ...
Article
Full-text available
Cloud computing has drastically altered the ways in which it is possible to deliver information technologies (ITs) to consumers as a service. In addition, the concept has given rise to multiple benefits for consumers and organizations. However, such a fast surge in the adoption of cloud computing has led to the emergence of the cloud as a new cybercrime environment, thus giving rise to fresh legal, technical and organizational challenges. In addition to the vast number of attacks that have had an impact on cloud computing and the fact that cloud-based data processing is carried out in a decentralized manner, many other concerns have been noted. Among these concerns are how to conduct a thorough digital investigation in cloud environments and how to be prepared to gather data ahead of time before the occurrence of an incident; indeed, this kind of preparation would reduce the amount of money, time and effort that is expended. As a number of cloud forensics challenges have not received enough attention, this study is motivated by a particular gap in research on the technical, legal and organizational factors that facilitate forensic readiness in organizations that utilize an Infrastructure as a Service (IaaS) model. This paper presents a framework with which to investigate the factors that facilitate the forensic readiness of organizations. This framework was identified by critically reviewing previous studies in the literature and by performing an in-depth examination of the relevant industrial standards. The factors were comprehensively studied and extracted from the literature; then, the factors were analysed, duplicates were removed, and the factors were categorized and synthesized to produce the framework. To obtain reliable results, the research method involved two steps: a literature review, followed by expert reviews. These techniques help us paint a comprehensive picture of the research topic and validate and confirm the results.