Home/ Questions/Q 587551
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-13T15:13:27+00:00

Folks, We have an intriguing technical challenge. How to write a secure audit file

  • 0

Folks,

We have an intriguing technical challenge. How to write a secure audit file that tracks usage of a software so license fees can be based on usage thereby making it more affordable to those who use it less.

Specifically, TickZoom sells a alpha generation trading platform for hedge funds which presently costs $2,000/month to license including support (will increase soon to more than double). That’s fine for institutions but too expensive for individuals. Individuals often ask for a lower price in exchange for a % of the profits made using the software until they can afford to pay the fixed fees.

We like that proposal. But we need a reliable way to audit the profit actually generated on the platform and a way to prevent users from “gaming” it by deleting or overwriting the audit file thereby reporting lower earnings than actual.

This application is written in C# and this portion of the system is obfuscated at least making it difficult to decipher the code.

The other requirement is write to the file for every trade that occurs so as to allow for more in depth auditing in the event that the user feels there is some discrepancy in the total fee. That way, individual trade profits can be compared with broker statements.

It is, of course, assumed that the file will be encrypted.

But any ideas on how to make it “tamper proof”? Especially against a simple delete attempt?

My first guess is to make the software always require a preexisting audit file or it will refuse to run.

Then when we deliver the software it gets packaged with an “empty” audit file but which, in fact, has some kind of tamper-proof verification.

The next obvious technique users might try to “tamper” with the file would be for someone to simply backup that original “empty” file and later use it to overwrite the audit file later thereby fooling the system into thinking that it was a fresh start.

Perhaps that can be resolved by included some kind of “last update timestamp” and an expiration time.

Also, totally different solution ideas are welcome. We might be forced in this case to add a “phone home” ability so that trades get logged to our central server. But that seems disadvantageous and potentially adds another failure point in a mission critical application. Generally they greatly dislike “phone home” features with obvious good reasons.

Sincerely,
Waynek

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    Here is a thought – whenever the user exits a session with the software, generate a hash based on the audit log. Encrypt the hash, then write it out to another file, perhaps hidden amongst your binaries, or to the registry.

    When the user opens the application next, read the log file, re-generate the hash and see if it matches the recorded value. If it doesn’t, shut down the application with a “Audit file tampered with” error message.

    Not totally fool proof, but would be pretty solid.

    Also, check out this question

    • 0