[prev in list] [next in list] [prev in thread] [next in thread] 

List:       log4j-user
Subject:    RE: Call for feedback
From:       "Roberto Blanc" <rblanc () kinamik ! com>
Date:       2009-05-04 15:50:01
Message-ID: 609A8F0430311B478DA472A81DD510931C49D9 () KIN-EXCH01 ! krbcnhq
[Download RAW message or body]

Hi Thorbjørn,

Thanks for your comment. In simple terms, what we do for making these logs \
tamper-evident is to process each line and then chain-hashing them. This means that \
any tampering in any record (even a single byte in one record) equals to an \
interruption in the hash chain, which allow us to pinpoint exactly where (e.g. in \
what event) this tampering has occurred. 

Are you thinking about any application for this type of solution?



-----Original Message-----
From: Thorbjørn Ravn Andersen [mailto:thunderaxiom@gmail.com] 
Sent: martes, 28 de abril de 2009 11:04
To: Log4J Users List
Subject: Re: Call for feedback

Roberto Blanc skrev  den 25-04-2009 19:00:
> while doing its job. It has the unique value of adding this
> tamper-evident "digital fingerprint" at the record level, which is
> impossible using other means such as digital signatures.
> 
Interesting.  Could you explain how this tamper-evident fingerprinting 
works?

-- 
  Thorbjørn Ravn Andersen  "...plus... Tubular Bells!"


---------------------------------------------------------------------
To unsubscribe, e-mail: log4j-user-unsubscribe@logging.apache.org
For additional commands, e-mail: log4j-user-help@logging.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: log4j-user-unsubscribe@logging.apache.org
For additional commands, e-mail: log4j-user-help@logging.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]