Re: Secure logging (was: King COunty)

From: Ed Kennedy <ekennedyx_at_yahoo_dot_com>
Date: Tue Nov 09 2004 - 22:36:11 CST

Hello Fred and Charlie:

Just in case you weren't aware of this, there is a Searchable correspondance
archive . If OVC has
previously discussed a subject like this, that is where you will find it.
BTW, I don't understand the issue. Could you please clarity it for this
simple minded civil engineer?

Thanks, Ed Kennedy

Fred McLain wrote:
> A safe, inexpensive and well tested mechanism exists for logging, cash
> register printers. It's not as techie, but they work! Integration of
> one of these with the tally software we have shouldn't be overly
> difficult. What might be more interesting is making them physically
> secure as they are in cash registers.
> -Fred-
> On Tue, 2004-11-09 at 16:56, charlie strauss wrote:
>> In response to Jim March's pointing out that the paper log
>> generation events dont show up in the computer logs. I am wondering
>> what technical means can not only make audit log changes detectable
>> but also make them very difficult.
>> If the systems were on line one could use a remote, crytographic
>> time-stamped-hash server, but I dont think we want them on-line.
>> Is it technically feasible for a conventional CD-R in normal CD
>> iso-data format to write short records without buffering them in
>> large batches (that would delay their commitment to the CD)? I've
>> used multi-session CD-Rs but the sessions tend to be large so
>> perhaps the iso format limits the number of these events??
>> If so one could use serial number stamped CDs for the loggers and
>> not drive up the price with special logger hardware.
>> Or has OVC already dealt with this another way.
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
Received on Tue Nov 30 23:17:22 2004

This archive was generated by hypermail 2.1.8 : Tue Nov 30 2004 - 23:17:44 CST