NOTICE: Due to a lapse in annual appropriations, most of this website is not being updated. Learn more.

Form submissions will still be accepted but will not receive responses at this time. Sections of this site for programs using non-appropriated funds (such as NVLAP) or those that are excepted from the shutdown (such as CHIPS and NVD) will continue to be updated.

U.S. flag

An official website of the United States government

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

PUBLICATIONS

NIST Cloud Computing Forensic Reference Architecture

Published

Author(s)

Martin Herman, Michaela Iorga, Ahsen Michael Salim, Robert H. Jackson, Mark R. Hurst, Ross A. Leo, Anand Kumar Mishra, Nancy M. Landreville, Yien Wang

Abstract

This document summarizes the research performed by the NIST Cloud Computing Forensic Science Working Group and presents the NIST Cloud Computing Forensic Reference Architecture (CC FRA or FRA), whose goal is to provide support for a cloud system's forensic readiness. The CC FRA helps users understand the cloud forensic challenges that might exist for an organization's cloud system. It identifies challenges that require at least partial mitigation strategies and how a forensic investigator would apply those strategies to a particular forensic investigation. The CC FRA presented here is both a methodology and an initial implementation. Users are encouraged to customize this initial implementation for their specific situations and needs.
Citation
Special Publication (NIST SP) - 800-201
Report Number
800-201
NIST Pub Series
Special Publication (NIST SP)
Pub Type
NIST Pubs

Download Paper

https://doi.org/10.6028/NIST.SP.800-201
Local Download

Keywords

civil litigation, criminal investigation, cybersecurity, digital forensics, enterprise architecture, enterprise operations, forensic readiness, incident response
Information technology and Forensic Science

Citation

Herman, M. , Iorga, M. , Salim, A. , Jackson, R. , Hurst, M. , Leo, R. , Mishra, A. , Landreville, N. and Wang, Y. (2024), NIST Cloud Computing Forensic Reference Architecture, Special Publication (NIST SP), National Institute of Standards and Technology, Gaithersburg, MD, [online], https://doi.org/10.6028/NIST.SP.800-201, https://tsapps.nist.gov/publication/get_pdf.cfm?pub_id=957962 (Accessed October 9, 2025)

Issues

If you have any questions about this publication or are having problems accessing it, please contact [email protected].

Created July 30, 2024, Updated July 31, 2024
Was this page helpful?