Cloud Deployment Models and Forensic Investigations

Cloud computing offers its services through various models. Software as a Service (SaaS) allows the user to operate their provider’s applications while running on a cloud; these applications are accessible through numerous client devices, such as a web browser on a computer. The provider controls and manages the cloud infrastructure, which includes servers, operating systems, and storage. Software as a Service is often referred to as on-demand software.

Platform as a Service (PaaS) uses programming languages, services, and libraries provided by the provider to deploy into the cloud infrastructure consumer applications. The user only has control over the deployed applications; this model offers a development environment using a toolkit and channels for payment and distribution.

Infrastructure as a Service (IaaS) is the most basic cloud-service model. It offers computing infrastructure such as virtual machines to its subscribers; data centers provide these resources. For larger-area connectivity, customers can use the Internet or carrier clouds. The cloud user maintains the operating system as well as the application software.

Security as a Service (SECaaS) is a business model where a large provider combines its security services into a corporate infrastructure based on a subscription basis. It is more cost-effective than most other options. Security is delivered as a service via the Cloud. Some of the various security services offered are anti-virus, anti-malware, and intrusion detection.

Mobile Backend as a Service (MBaaS) developers are given a way to link their applications to the Cloud with application programming interfaces (APIs); these services include push notifications, user management, and social network integration.

There are also various deployment models of cloud computing such as private, where the cloud infrastructure operates for a single organization, public, where services are available for the public, community, where information is shared between a specific community, and hybrid, where the Cloud is a blend of two or more of the previously mentioned Cloud deployment models.

Cloud computing can seem complicated and intimidating to many; however, by understanding how each model and deployment method operates, one can gain a better understanding of how Cloud computing works. When it comes to performing data forensics on the Cloud, each Cloud model has significant impacts on the investigative process, including what information is available, where and how it is stored, and the steps one needs to take to capture and analyze it effectively. For example, with multinational clouds, legal counsel can assist in the investigation to ensure no violations of another country’s privacy laws occur (Nelson, Phillips, Steuart, 2019). Furthermore, depending on the Cloud model, there may be issues separating customer data to case-specific information.


Nelson, B., Phillips, A., & Steuart, C. (2019). Guide to Computer Forensics and Investigations. Boston, MA: Cengage Learning.

Categories: Security

Leave a Reply

Please log in using one of these methods to post your comment: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s