Browse Prior Art Database

Rule-based log information protection mechanism

IP.com Disclosure Number: IPCOM000179584D
Original Publication Date: 2009-Feb-18
Included in the Prior Art Database: 2009-Feb-18
Document File: 5 page(s) / 85K

Publishing Venue

IBM

Abstract

The invention provides a uniform logging interface for the developer of the middleware provider and a rule-based logging protection configuration way for the security manager of the middleware provider. The developer can use the uniform logging interface to logging the middleware code at anywhere and anytime without considering the security issues. Before the code is built to be a product, the security principle of the middleware provider can configure the rules for the logging protection. At runtime, the high protection level loggings will be encrypted and saved in separate file, (Say logging file A). While the low protection level loggings will be saved as usually, (say in logging file B). The middleware consumer can use the logging file B to troubleshooting their code and the middleware provider who owns the key can decrypt file A and combine A and B using timestamps to recover the whole loggings to troubleshooting the middleware code.

This text was extracted from a PDF file.
At least one non-text object (such as an image or picture) has been suppressed.
This is the abbreviated version, containing approximately 47% of the total text.

Page 1 of 5

Rule-

Main Idea

1

1.

. Background : What is the problem solved by your invention ? Describe known solutions to this problem (

(if any

                                                                             if any). What are the drawbacks of such known solutions , or why is an additional solution required ? Cite any relevant technical documents or references .

Log (trace) information of application middleware (such as IBM WebShpere Commerce) is useful for both the middleware customer and the middleware provider. The customer can use the log to help them troubleshooting their customized program which is based on the middleware, and the provider can use the log to troubleshooting the middleware program and provide support services to the customer.

The bi-functional characteristic of application middleware log poses a dilemma to the middleware provider. On one hand, they expect enough middleware information is logged for their troubleshooting use; on the other hand, they do not expect too much middleware information is logged. This is because detailed log may reflect the program (business) logic, which is essential to the middleware provider and should notbe exposed to the customer for security concern.

The problem here is both software customer and provider have the requirements to control the visibility of log information under specific situations. Further more, log information protection/isolation should be configurable and transparent for developer. Although prior logging mechanisms e.g. log4

                                  
[1] and IBM RAS Logging [2] can provide relatively powerful logging method, but none of them provides log protection/isolation mechanism to solve above problem. So this disclosure proposes a rule- based logging information protection mechanism to account for the problem.

Reference:
[1] http://logging.apache.org/log4

j

[2]http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/topic/com.ibm.websphere.

ras/RASLogger.html

-based log information protection mechanism

based log information protection mechanism

j/1.2/index.html

javadoc.doc/public

_html/api/com/ibm/

1

Page 2 of 5

2

2.

. Summary of Invention : Briefly describe the core idea of your invention (

(saving the details for questions

saving the details for questions #

#3

3 below). Describe the

advantage (

(s

ss)) of using your invention instead of the known solutions described above .

Invention description

The invention provides a uniform logging interface for the developer of the middleware provider and a rule-based logging protection configuration way for the security manager of the middleware provider. The developer can use the uniform logging interface to logging the middleware code atanywhere and anytime without considering the security issues. Before the code is built to be a product, the security principle of the middleware provider can configure the rules for the logging protection.

At runtime, the high protection level loggings willbe en...