The present invention relates generally to digital signature generation, and more specifically, to optimization of digital signature generation for records that may be selectively removed in groups from storage at a later time.
The demand for long-term, secure storage of electronic records, including, but not limited to computing logs, such as event logs, continues to grow, for example, due to increased regulations and auditing requirements. The need for such storage to be provided in a performance-sensitive manner also has become increasingly important, for example, as result of the potentially high throughput of logging that may be performed. This need is particularly acute among organizations that do large amounts of logging.
Digital signatures have been implemented in some existing log management systems to provide security for electronic records. For example, in some existing systems, a digital signature may be used for each event log entry rather than implementing a standard secure protocol. In existing systems, each event log has been provided with an individual digital signature, which may be subsequently used to validate the record, or ensure the individual log entry has not been tampered with during an intervening time period. In existing systems, groups of signed events may later be removed from storage, transferred in bulk, and then individually validated.
However, the computing time required to generate digital signatures for large numbers of records in some cases may become burdensome. For example, the generation of large numbers of digital signatures for stored records may effectively limit the throughput of logging that may be performed, or even negatively affect overall computer performance.