TY - GEN
T1 - Using Unikernels to Address the Cloud Forensic Problem and help Achieve EU GDPR Compliance
AU - Duncan, Bob
AU - Happe, Andreas
AU - Bratterud, Alfred
PY - 2018/2/20
Y1 - 2018/2/20
N2 - IT security and privacy is a challenging problem to address, and when cloud is used, there is an exponential increase in the challenge. A particular challenge is the cloud forensic problem, which arises when an attacker succeeds in breaching a cloud system, because one of the first aims is to delete the forensic trail, and there is little to prevent this from happening in cloud. Quite apart from the obvious difficulties this will present to finding out who has breached the system and how they got in, there will now be a far more pressing problem to be dealt with, namely, the forthcoming European Union General Data Protection Regulation. Once a breach has been identified, it is also necessary for the company to report the impact of the breach, to include which records were accessed, modified, deleted, or exfiltrated, on pain of punitive levels of fine. Where the forensic trail has been compromised, this might prove to be a huge challenge to comply with. We propose addressing this problem through the use of Unikernel based monitoring systems which can ensure both full forensic and audit trails can be maintained.
AB - IT security and privacy is a challenging problem to address, and when cloud is used, there is an exponential increase in the challenge. A particular challenge is the cloud forensic problem, which arises when an attacker succeeds in breaching a cloud system, because one of the first aims is to delete the forensic trail, and there is little to prevent this from happening in cloud. Quite apart from the obvious difficulties this will present to finding out who has breached the system and how they got in, there will now be a far more pressing problem to be dealt with, namely, the forthcoming European Union General Data Protection Regulation. Once a breach has been identified, it is also necessary for the company to report the impact of the breach, to include which records were accessed, modified, deleted, or exfiltrated, on pain of punitive levels of fine. Where the forensic trail has been compromised, this might prove to be a huge challenge to comply with. We propose addressing this problem through the use of Unikernel based monitoring systems which can ensure both full forensic and audit trails can be maintained.
KW - Cloud forensic problem
KW - unikernels
KW - EU GDPR
KW - compliance
M3 - Published conference contribution
SN - 978-1-61208-607-1
T3 - Cloud Computing 2018
SP - 71
EP - 76
BT - The Ninth International Conference on Cloud Computing, GRIDs, and Virtualization
A2 - Duncan, Bob
PB - IARIA
T2 - The Ninth International Conference on Cloud Computing, GRIDs, and Virtualization
Y2 - 18 February 2018 through 22 February 2018
ER -