The vast majority of today's audit logs are mutable. This means that the information recorded can be changed or deleted by both authorized users (typically database administrators) within the system and by unauthorized users hacking into the system from inside or outside.
Specially on those well regulated environments, operating with large volumes of sensitive information, it is needed to guarantee the integrity of their data with a system that eliminates the risk of data manipulation.
In today's world, it is a fact that most administrations and private companies dealing with sensitive information lack of robust and cost efficient independent secure logs solutions. Typically, audit logs are maintained in the custody of one or more highly-privileged system user (system administrators) and these privileged users have rights to access and modify the logs: they can add, change, delete log entries. It also means that logs are also vulnerable to be tampered by a malicious party that gains administrator privileges.
The industry has been addressing these deficiencies by several means, including the use of WORMs (Write Once Read Many) devices, the use of digital signatures, redundant off-site storage managed by different people, etc., but all of them have aspects to demand a more efficient solution: WORMs are slower than any other storage device and one risk is that a drive can be replaced by another one tampered; digital signatures have a high computational cost that makes impossible to use standalone in systems with significant transaction volume and do not prevent the change of order; and duplicating the storage systems and administration have cost issues and difficult the further audit process.
The state of art is based today in the use of digital signatures (Public Key Infrastructure based) accompanied by an accurate date and time stamp to provide authenticity to the data susceptible of further audit but the following issues are not addressed:                a) In systems with significant transaction volume the performance required is not cost efficient or even it is directly not possible to implement because lack of performance of digital signatures.        b) Digital signatures and timestamps do not provide by themselves the guarantee that there have not been registers deletion without notice, which in fact means immutability is not a feature of such log registries.        
The present invention addresses both issues, providing a cost efficient method and system even with significant transaction volumes guarantying immutability. The use of both symmetric message authentication hash functions to create the links and digitally signatures for chunks of links make possible to generate immutable digital chains in a cost efficient way by using standard industry hardware and software.