The National Institute of Standards and Technology (NIST) has released a draft report, NIST Cloud Computing Forensic Science Challenges, that summarized 65 cloud computing challenges that forensic investigators face.
The report divides the challenges into nine categories, including architecture, data collection, analysis, standards, training, data hiding and malware.
Since, according to a press release, forensic investigators operate in the “ever-changing, elastic, on-demand, self-provisioning cloud computing environments,” the report is aimed at building consensus about the challenges and formulating effective responses to them.
Challenges range from the technical — use of metadata, recovery of deleted data before it may be overwritten and the like — to the legal — for instance, investigators and consulting firms may have limited power to legally obtain information in their jurisdictions or unknown physical locations of data make it difficult to specify and respond to subpoenas.