Digital signatures work at the data group level (i.e. the file level), and are usually applied some time after the file is created. This implies that, when dealing with continuously appended files such as audit trails (logs), these files are signed only after each one is completed (for example, at the end of the day), and not in real time as each event is added to the file. The consequence is that there is no guarantee that no tampering has occurred between the moment the file is created and the moment the digital signature is applied, leaving an unsecured time gap. Additionally, if any type of tampering occurs after the digital signature has been applied, the whole file has to be discarded, resulting in a great loss of important data (which can easily reach gigabytes of audit information). The final result is that forensic and investigation processes become even more expensive and time-consuming.

In contrast, Secure Audit Vault assures data integrity down to the event/record level. Trying to achieve this level of detail using digital signatures is virtually impossible due to the enormous associated computational costs. The Secure Audit Vault applies a “digital fingerprint” in real time, just as events are being generated and registered. This eliminates the unsecured time gap, making it virtually non-existent. Furthermore, securing the file down to the event/record level means that if any tampering is detected, only the affected records need to be discarded, while the remaining portion of the file can be unquestionably trusted. With digital signatures, the same tampering would mean losing the information completely.
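The difference between file-level and record-level integrity described above, as an added example that is not Secure Audit Vault code; the page does not describe how the product's "digital fingerprint" is computed. Assumptions: an HMAC-SHA256 tag bound to each record's sequence number stands in for the per-record fingerprint, a plain SHA-256 digest stands in for the value a file-level signature would cover, and all names, the key and the log lines are constructed for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"  # assumption: secret held away from the log host

def file_digest(records):
    """One digest over the whole file, as a file-level signature would cover."""
    return hashlib.sha256(b"\n".join(records)).hexdigest()

def record_tag(key, seq, record):
    """Per-record tag bound to the record's position in the file."""
    return hmac.new(key, seq.to_bytes(8, "big") + record, hashlib.sha256).digest()

def seal(key, records):
    """Tag every record as it is appended (here: all at once for the demo)."""
    return [record_tag(key, i, r) for i, r in enumerate(records)]

def tampered_records(key, records, tags):
    """Return sequence numbers whose tag is missing or no longer verifies."""
    bad = []
    for i, rec in enumerate(records):
        if i >= len(tags) or not hmac.compare_digest(record_tag(key, i, rec), tags[i]):
            bad.append(i)
    return bad

# Constructed sample audit trail.
LOG = [
    b"2024-05-01T09:00:01Z login user=alice src=10.0.0.5",
    b"2024-05-01T09:02:17Z sudo user=alice cmd=/usr/bin/id",
    b"2024-05-01T09:05:42Z login user=bob src=10.0.0.9",
    b"2024-05-01T09:07:03Z logout user=alice",
]

def demo():
    tags = seal(KEY, LOG)
    digest = file_digest(LOG)
    altered = list(LOG)
    altered[1] = b"2024-05-01T09:02:17Z sudo user=alice cmd=/usr/bin/true"
    file_ok = file_digest(altered) == digest    # whole-file check: pass or fail only
    bad = tampered_records(KEY, altered, tags)  # per-record check: which records failed
    return file_ok, bad

if __name__ == "__main__":
    print(demo())
```

Because each tag covers the sequence number, reordered records also fail verification; records removed from the end of the file are not detected by this scheme without a separately protected record count.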