analogrithems - Slashdot User

DSS/HIPPA/SOX Unalterable Audit Logs? 381

Posted by kdawson on Wednesday August 01, 2007 @02:23AM from the write-once-keep-forever dept.

analogrithems writes "Recently I was asked by one of the suits in my company to come up with a method to comply with the new PCI DSS policy that requires companies to have write once, read many logs. In short the requirement is for a secure method to make sure that once a log is written it can never be deleted or changed. So far I've only been able to find commercial and hardware-based solutions. I would prefer to use an open source solution. I know this policy is already part of HIPPA and soon to be part of SOX. It seems like there ought to be a way to do this with cryptography and checksums to ensure authenticity. Has anyone seen or developed such a solution? Or how have you made compliance?"

Submission + - DSS/HIPPA/SOX Unalterable Audit Logs

Submitted by analogrithems on Tuesday July 31, 2007 @06:01PM

analogrithems writes: Recently I was asked by one of the suits in my company to come up with a method to comply with the new PCI DSS policy that requires companies to have WORM logs or write once, read many. In short a secure method to make sure that once a log is written it can never be deleted or changed. So far I've only been able to find commercial and hardware based solutions. I'd prefer to use an open source solution. I know this policy is already part of HIPPA and soon to be part of SOX. It seems like their should be a way to do this with cryptography and checksums to insure authenticity, has anyone seen or developed a solution? How have other Slashdot users made compliance?

Comment I disagree (Score 1) 238

by analogrithems on Friday June 09, 2006 @10:02PM (#15507182) Attached to: Implants for Sensing Magnetic Fields

If you look into they guy who wrote that article further you'll find that he is actually the guy who runs bmezine.com, and the so called body-hacker that did the procedure has done over 1000 implants (Including mine last year). He also has very good medical skills, he designs the tools that plastic surgeons use to separate the sub dermal layers of the skin. He is considered the best of the best in the body mod community. If you wanna say he's a body-hacker just because he learned on his own and doesn't have a surgical license fine, but don't call him stupid. It's been my experience that hackers (the kids how trained them selves) generally have as good if not far better skills. Realize what this body-moder did has experimental at worst, but so where breast implants at one point. One last thing, he doesn't just do this on some desk, he has is own fully sterile operating room.

Slashdot Top Deals