What
Currently only audit_logger signs log entries with HMAC-SHA256. Extend this integrity protection to general writers (file/console/network) so the whole logger meets ISO/IEC 27001 A.12.4 "Protection of log information" requirements by default.
- Current: HMAC-SHA256 signature applied only in
audit_logger.h
- Expected: Opt-in
integrity feature flag on every writer; CI validates verification round-trip
- Scope:
include/kcenon/logger/writers/**, include/kcenon/logger/security/**
Why
- ISO/IEC 27001 A.12.4.2/A.12.4.3 requires tamper-evident log storage
- Customers in regulated industries (medical, financial) cannot rely on audit-only integrity
- Ecosystem alignment:
pacs_system already signs audit records; logger should match
How
Technical Approach
- Add
integrity_policy abstraction (HMAC-SHA256, Ed25519, none)
- Wire into
file_writer, rotating_writer, network_writer via builder
- Add
verify-log CLI sample under samples/
- Extend docs with ISO/IEC 27001 mapping
Acceptance Criteria
What
Currently only
audit_loggersigns log entries with HMAC-SHA256. Extend this integrity protection to general writers (file/console/network) so the whole logger meets ISO/IEC 27001 A.12.4 "Protection of log information" requirements by default.audit_logger.hintegrityfeature flag on every writer; CI validates verification round-tripinclude/kcenon/logger/writers/**,include/kcenon/logger/security/**Why
pacs_systemalready signs audit records; logger should matchHow
Technical Approach
integrity_policyabstraction (HMAC-SHA256, Ed25519, none)file_writer,rotating_writer,network_writervia builderverify-logCLI sample undersamples/Acceptance Criteria
integrity_policyoption