Abstract:
Cloud computing offers users access to information from anywhere by duplicating and distributing information to multiple data centres around the globe. The distribution of information in such a manner presents a significant challenge if the need arises to locate a specific digital object. Such a need could stem from legislation put in place by governments or organizations concerned with the protection of sensitive information, such as the European Union’s Data Protection Directive, which states that sensitive information should not leave the jurisdiction of the European Union. In this article, the authors look at the requirements for securing sensitive information in the cloud and address many of the challenges associated with cloud forensics. The authors address a critical issue regarding sensitive information and the cloud, that of monitoring and controlling the flow of information across jurisdictional boundaries. The authors propose a model for controlling the access of information across jurisdictional boundaries, as well as for capturing the necessary provenance data to report on the traveling history of a digital object and storing this information in a digital forensic ready manner. Should that object ever be required in a digital forensic investigation, it can easily be located.