Dissertation/Thesis Abstract

Critical Success Factors for Digital Forensic Investigations in Cloud Computing: An Exploratory Multiple-case Study
by Eppley, Eric, D.I.T., Capella University, 2019, 165; 27541045
Abstract (Summary)

The general problem addressed in the present study was that traditional digital forensic processes are not designed to be applied to cloud computing environments. Increased case complexity, longer investigation completion times, and increased financial expenses are compounded by the lack of specific technical solutions to resolve cloud forensic cases. No present research supports the efficacy of existing tools, techniques, and procedures, and the present study addresses this gap in the literature by interviewing digital forensic investigators with experience analyzing cloud-based data. The present study was guided by a single research question that asked: What are the specific, technical critical success factors used by investigators at private sector companies that decrease time delays when analyzing digital forensic data stored in cloud computing environments? The present study was conducted using a qualitative multiple-case study methodology to uncover possible improvements in policies, processes, and procedures by exploring the practices of investigators in the field. A combination of several types of nonprobability sampling methods, purposeful, snowball, and convenience were utilized to select 21 participants that each represented a single case. The participants selected for this study were senior forensic examiners with at least three years of practical experience and specific familiarity with cloud forensic investigations. Four distinct themes emerged during the data analysis process, and each of the four themes exposed critical success factors used by the investigators to resolve the challenges they faced working with cloud-based data. Supported by narrative quotes, the themes were further bolstered through triangulation with contemporary academic literature and artifacts provided by the participants. The present study identified several significant findings, the first of which was that cloud investigations remain challenging, even for experienced forensic investigators. Additionally, the second finding was that the volume of data stored in cloud environments is increasing. The third finding was that new features provided by cloud service providers often interfere with forensic investigations. Finally, the fourth finding was that Office 365 and webmail are prevalent cloud data sources. As a result of the participants’ responses, a digital analysis of cloud investigation factors (DACIF) model was designed to help practitioners conduct more effective investigations. The DACIF model illustrates the process for reducing the time needed to complete forensic investigations when data resides in cloud environments.

Indexing (document details)
Advisor: Dominguez, Alfredo
Commitee: Lowrey, Kimberly, Li, Susan
School: Capella University
Department: School of Business and Technology
School Location: United States -- Minnesota
Source: DAI-A 81/4(E), Dissertation Abstracts International
Subjects: Information Technology, Criminology
Keywords: Cloud, Cost-reduction, Critical Success Factors, DACIF Model, Forensics, Investigation
Publication Number: 27541045
ISBN: 9781392737699
Copyright © 2021 ProQuest LLC. All rights reserved. Terms and Conditions Privacy Policy Cookie Policy