Posted to log4net-user@logging.apache.org by "Hart, Leo" <Le...@FMR.COM> on 2005/03/04 21:19:57 UTC

Secure Logging

OK, here's a problem I'm sure many of you have come across:
 
We're planning on integrating Log4Net into our web application.  We'll
be using it for the normal purposes: logging user activity and creating
debugging statements in case of exceptions, both of which will include
information considered to be highly confidential.  I would prefer to
output our logging information to a rolling file appender, however, our
ISO will not be happy with the fact that potentially sensitive
information like account numbers, SSNs, etc. will be stored in clear text
on our application's server.  Basically, on one hand we want to log this
information because it's necessary to debug any problems, but on the
other hand we don't want to log this information because not even the
system administrators are permitted to view the data (our database is
highly secured, so only a small few can view the data that way).
 
So I was wondering if any of you have been presented with this problem
and was wondering what steps you have taken to get around it.  Three
potential solutions came up on our side:

1.	Somehow make Log4Net encrypt all of its logging output prior to
writing it to the log (maybe creating a new appender that extends the
rolling file appender).
2.	Creating an encrypted folder on the server and writing the file
to that location.
3.	Logging to the database.

OK, so #1 sounds good, but I'm not sure where to start.
 
#2 should be fairly straightforward, but I guess you have to link up a
user account to a SID and if someone removes the user account, there's
no way to access the folder.
 
#3 won't work as of now because we need to encrypt the username/password
in the Log4Net config file, which I don't believe is currently
supported.  Also, I don't really dig the idea of logging to a database
because it just adds one more point of failure to the process.
 
So what do you guys think?  Any suggestions on what I should do?  If you
think #1 is the way to go, how would I go about doing this?
 
 
Thanks,
Leo Hart
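One way to do #1 without touching RollingFileAppender is to put the encryption in a custom log4net layout; the C# below is an added example (not from this thread and not log4net's own code) in which the class name, the config property names and the RSA-public-key-on-the-server design are my assumptions, and it targets .NET 3.5 or later rather than the 2005 runtime.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using log4net.Core;
using log4net.Layout;

// Hypothetical layout: wraps a PatternLayout and writes each rendered event as
//   base64(RSA-OAEP(random AES key)) "." base64(IV || AES-CBC ciphertext)
// Only the RSA public key is on the web server; the private key stays with the
// few people allowed to read the data, so server admins cannot decrypt the file.
public class EncryptingLayout : LayoutSkeleton
{
    private readonly PatternLayout _inner = new PatternLayout();
    private RSACryptoServiceProvider _rsa;
    // Set from the appender's <layout> element: <conversionPattern> and <publicKeyXml>.
    public string ConversionPattern { get; set; }
    public string PublicKeyXml { get; set; }

    public override void ActivateOptions()
    {
        // Render the exception inside the pattern so it is encrypted too.
        _inner.ConversionPattern = ConversionPattern
            ?? "%date %-5level %logger - %message%newline%exception";
        _inner.ActivateOptions();
        // Must be false: if true, TextWriterAppender writes the exception text
        // in clear after our ciphertext line, leaking exactly what we hide.
        IgnoresException = false;
        _rsa = new RSACryptoServiceProvider();
        _rsa.FromXmlString(PublicKeyXml);   // public half only
    }

    public override void Format(TextWriter writer, LoggingEvent loggingEvent)
    {
        var sw = new StringWriter();
        _inner.Format(sw, loggingEvent);
        writer.WriteLine(Encrypt(Encoding.UTF8.GetBytes(sw.ToString())));
    }

    private string Encrypt(byte[] plaintext)
    {
        using (var aes = Aes.Create())              // fresh key and IV per event
        using (var enc = aes.CreateEncryptor())
        {
            byte[] ct = enc.TransformFinalBlock(plaintext, 0, plaintext.Length);
            byte[] ivAndCt = new byte[aes.IV.Length + ct.Length];
            Buffer.BlockCopy(aes.IV, 0, ivAndCt, 0, aes.IV.Length);
            Buffer.BlockCopy(ct, 0, ivAndCt, aes.IV.Length, ct.Length);
            return Convert.ToBase64String(_rsa.Encrypt(aes.Key, true)) + "." + Convert.ToBase64String(ivAndCt);
        }
    }
}
```

Plug it into the existing rolling file appender with `<layout type="EncryptingLayout, YourAssembly">` (assembly name is a placeholder) containing a `<publicKeyXml value="..."/>` element, which is safe to keep in clear text in the config since it is only the public key. What actually answers the ISO's concern is that the matching private key never lives on the application server, not the encryption step itself.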