Tamper Proof Logging

Any log records stored in the database can be changed by a malicious user with access. Kron PAM designed a tamper-proof mechanism to identify these changes and understand if any log records have been tampered with.

This Tamper-Proof feature prevents unauthorized access to the database and the modification of any logs. All log types are stored in the database and hashed with encrypted binary data. This hashing mechanism is used to secure any changes to the database. Kron PAM applies the SHA-256 algorithm for hashing purposes. Each record type is hashed with a hash value and encrypted with a customer key in the database (the hash value and hash date of each record type are stored), so that, in the event, the hash value or any other information is changed on the log records by a malicious user, the newly generated hash value will be different from the previous one, thanks to the encryption key. Within this algorithm, the system recognizes if any log record is original or has been tampered with.