Using Unikernels to Address the Cloud Forensic Problem and Help Achieve EU GDPR Compliance

Abstract:

IT security and privacy are challenging problems to address, and when cloud is used, there is an exponential increase in the challenge. A particular challenge is the cloud forensic problem, which arises when an attacker succeeds in breaching a cloud system, because one of the attacker's first aims is to delete the forensic trail, and there is little to prevent this from happening in the cloud. Quite apart from the obvious difficulties this presents in finding out who has breached the system and how they got in, there is now a far more pressing problem to be dealt with, namely the forthcoming European Union General Data Protection Regulation. Once a breach has been identified, the company must also report the impact of the breach, including which records were accessed, modified, deleted, or exfiltrated, on pain of punitive levels of fine. Where the forensic trail has been compromised, complying with this requirement might prove to be a huge challenge. We propose addressing this problem through the use of unikernel-based monitoring systems, which can ensure that both full forensic and audit trails are maintained.