Information om udbud
Status
Dato for indgivelse
10/07/2019
Svardato
15/07/2019
Sprog
Status
Besvaret
Information om spørgsmål
Emne
Reference to chapter 5.4.4 - (251) Log Management
Spørgsmål
With reference to chapter 5.4.4 - (251) of cellar_9a2fe08f-4580-11e9-a8ed-01aa75ed71a1.0005.02_DOC_4.pdf - The log management system. Is it possible to activate data hashing using different algorithms? The hash algorithm used can be of the type "Message Digest Hash Algorithm" or "Secure Hash Algorithm (SHA) Hash Algorithm"? with the possibility of verifying the unalterability of the data collected using a special tool? The solution can guarantee that, when hashing is enabled, any log event creates a hash file. These hash files are used to verify that the events have not been modified. Hash files are generated in memory before the files are written to disk, so the logs cannot be tampered with before the hash files are generated.
Svar
15/07/2019
Yes, it is possible to use data hashing but this shall be of type SHA256 for RCA, EA or AA because of requirement (251) where the signing is based on key material from HSM and the possibility to reuse the algorithms defined in 6.1.4.1 Table 4.