Laws, Logs and Forensic Traceability: Case Study: Amazon Web Services & Cloud Watch
Independent thesis Basic level (degree of Bachelor), 10 credits / 15 HE creditsStudent thesis
This thesis presents research around various aspects concerning log files. Forensic traceability within log files and how the Swedish law regulates saving them. It is mainly a literature study focusing on what information is to be saved within log files, but also when is a forensic investigation worth doing. Log files today is very important as it is the main source to get evidence of events and incidents. Within a log file there can be a lot of information fields, but are all of the information sent to a log file relevant? Most of the time it’s not. the most important fields are IP, Time, what did happen and why did it happen. Of course all of this cannot always be within one single log file, it needs to be correlated with IDS/IPS and other IT security Software and/or Hardware. A practical part of this work is the research around Cloud history/models/services, and how a company can get secure and reliable log files. Amazon Web Services is used for the practical part with its EC2, S3, Cloud Watch and Cloud Trail services.
Place, publisher, year, edition, pages
IT-Forensic, Log File, PUL, Amazon Web Services, Traceability, Risk Analysis, IT-Policy.
IdentifiersURN: urn:nbn:se:du-21809OAI: oai:DiVA.org:du-21809DiVA: diva2:940480