Abstract: Cloud computing is a popular computing paradigm with overwhelming benefits, yet there are complex and unresolved cloud data security vulnerabilities in the usage stage of a cloud data life cycle. The purpose of this design science study was to examine cloud data security vulnerabilities during usage by developing a forensic artifact capable of determining cloud data security vulnerabilities. In line with the research question, the study was based on three propositions: 1) that unencrypted data vulnerability is detectable during usage in the cloud, 2) that detectable vulnerable data in the cloud is recoverable using forensics means, and 3) recoverable data is discernable to the extent that it provides value to the data collector. A total of 9 forensics experiments were conducted in three phases using different configurations to collect and analyze the forensic artifacts required to validate or disprove the research propositions. The findings of this design science study showed that both encrypted and unencrypted cloud datasets in memory during cloud data usage are detectable. Detectable unencrypted cloud data during usage is vulnerable, recoverable, and discernable. Encrypted cloud data during usage is also recoverable but not discernable. However, the practicality of homomorphic encryption, which allows the computation of encrypted data, remains a challenge. Therefore, security practitioners must adopt a defense-in-depth strategy that encompasses administrative, physical, and technical controls to minimize the risk of adversary access to volatile memory. Keywords: Cloud Data Security, Data Lifecycle Security, Data Usage Vulnerability, Cloud Forensics, Memory Forensics.
Download this article: JISAR - V15 N2 Page 4.pdf
Recommended Citation: Sambasivam, S., Amoah, D., (2022). Examining Cloud Data Security Vulnerabilities During Usage. Journal of Information Systems Applied Research15(2) pp 4-16. http://JISAR.org/2022-2/ ISSN : 1946 - 1836. A preliminary version appears in The Proceedings of CONISAR 2021