International Business Machines Corporation
Using multiple signatures on a signed log

Abstract:

Embodiments include method, systems and computer program products for validating an event record. The method includes securing, by a processor, a log of one or more events being performed a computer by adding tamper detection to the log. Securing includes generating, by the processor, a first event record in response to an event being performed by the computer and generating, by the processor, a second event record in response to the first event record being generated. The second event record includes a first signature and a second signature corresponding to the first event record. The processor, in response to a request to detect tampering of the first event record, validates the first event record based on the first signature and the second signature in the second event record.