jump to navigation

Interesting article about logging. June 28, 2006

Posted by J.P. in Monkey thought.
trackback

Logging, a seemingly trivial part of a software system, turns out to have a lot more into it.

Logging on with KV: “I am amazed at the number of people who go to great lengths to encrypt data but then just chuck it all, unceremoniously, in plain form, into the logs.”

Key ideas:
1. Know what data need to be blinded, what need to be encrypted, what can just be left open.
2. Make sure the log itself isn’t tampered, including signing both the entries and the log itself.

Advertisements

Comments»

No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: