tag:blogger.com,1999:blog-6193377.post2255386831962954629..comments2012-01-09T17:07:41.330+01:00Rainer Gerhardshttps://profiles.google.com/112402185904751517878noreply@blogger.comBlogger3125tag:blogger.com,1999:blog-6193377.post-36430572417138489372011-12-20T13:07:22.204+01:002011-12-20T13:07:22.204+01:00Digitally signing the logs provides some evidence of log integrity. Many logging and SIEM vendors already include this functionality as a requirement for compliance regulations. Some logging and SIEM vendors offer encryption as well as digital signing of logs because it contains sensitive information on the transactions of services.Observer Journalhttp://www.blogger.com/profile/08566776052583059609noreply@blogger.comtag:blogger.com,1999:blog-6193377.post-19726995821466937272011-12-19T17:27:30.335+01:002011-12-19T17:27:30.335+01:00Thanks John,<br /><br />I have begun to track the feedback on the original article. I think it makes sense to not rush this before the holiday season and then look into the specific cases in January. You are right, a risk profile should be specified.Rainer Gerhardshttp://www.blogger.com/profile/12765720626924376847noreply@blogger.comtag:blogger.com,1999:blog-6193377.post-73531857745261646512011-12-18T02:12:40.636+01:002011-12-18T02:12:40.636+01:00A critical thing to do before you get started is to understand what risk you would be trying to mitigate. What risk are you solving by digitally signing the log store. <br /><br />It would seem to me that the original system creating each event is the one that will need to have signed their individual entry.<br /><br />The other big problem with digital signatures is that it is very critical to have a trusted date/time stamp.John Moehrkehttp://www.blogger.com/profile/04526719420117446030noreply@blogger.com