Browse Prior Art Database

Method and Apparatus for log obfuscation to prevent sensitive info exposure

IP.com Disclosure Number: IPCOM000217620D
Publication Date: 2012-May-09
Document File: 7 page(s) / 205K

Publishing Venue

The IP.com Prior Art Database

Abstract

This invention provides a method and apparatus for log obfuscation to prevent sensitive info from being exposed. We provide a new Log utility to software developers to let them define and obfuscate the sensitive info in log during development phase. Instead of obfuscation after log generation by end user manually, we provide end user an option whether they want the logs to be obfuscated when generating logs.

This text was extracted from a PDF file.
This is the abbreviated version, containing approximately 33% of the total text.

Page 01 of 7

Method and Apparatus for log obfuscation to prevent sensitive info exposure

IT systems, subsystems and applications are becoming more and more complicated than ever before . Typically there are more than one application systems running on a company's environment , for example, Portal, BPM, ECM, etc may sit together in a company's system. If there is any failure you will rely on the logs/traces to debug and analyze the problem. There are many sensitive/confidential information of a company, e.g.: user name and password used to log in the system, IP and port info of the connection, etc in the log. If the logs have been exposed to some others it will bring great security risk to the company's IT system. Hacker can use this info to attack your system! So how to protect the generated logs is a big issue for most company's IT system . Besides, most companies are buying software

from 3rdparty, so if they encounter any problems they will need to contact with their software provider and provide all necessary logs/traces for problem determination. This will increase the info exposure risk as well if the logs contain any sensitive info.

1. Currently, the most common solution is to sign contract with 3rdparty to make sure they only use these logs/traces for problem determination. But this is only controlled in legal part. It will bring great cost to

find and confirm it is the 3rdparty who has exposed your system info if you have encountered such situation .

2. There are some software providers who provide log encryption for their software . Using this method, all of the log files are encrypted and it must be decrypted before it can be used . This is inconvenient because either

decrypted log or the method to decrypt the log need to be shared with 3rdparty. And after decryption all the sensitive info in the log might be exposed.

3. US 2009/028036 A1: Method and apparatus for dump and log anonymization(DALA): In this invention, Log is generated as the usual way and after it has been generated, it will be transferred to a server for anonymization. Using this solution, there is still possibility to expose sensitive information from logs to others as you still generate logs in the usual way and save logs in some place. Also the anonymization is something like 'search and replace' although you can define different 'search and replace' rules . This will bring inconvenience if your log format changes from version to version - You need to redefine your 'search and replace' rules and regenerate the anonymization version if your log format changes. Besides, to use this invention you must be very familiar with the generated logs so that you can define appropriate rules for your logs . This is something impossible as most customers will have not so much knowledge of the log format and content and in most cases the log file size will be very huge. So they may find after anonymization there is still some sensitive info in the log .

This invention provides a...