OK, here's a problem I'm sure many of you have come across:

We're planning on integrating Log4Net into our web application. We'll be using it for the normal purposes: logging user activity and creating debugging statements in case of exceptions, both of which will include information considered to be highly confidential. I would prefer to output our logging information to a rolling file appender; however, our ISO will not be happy with the fact that potentially sensitive information like account numbers, SSNs, etc. will be stored in clear text on our application's server. Basically, on one hand we want to log this information because it's necessary to debug any problems, but on the other hand we don't want to log this information because not even the system administrators are permitted to view the data (our database is highly secured, so only a small few can view the data that way).

So I was wondering if any of you have been presented with this problem and was wondering what steps you have taken to get around it. Three potential solutions came up on our side:

- Somehow make Log4Net encrypt all of its logging output prior to writing it to the log (maybe creating a new appender that extends the rolling file appender).
- Creating an encrypted folder on the server and writing the file to that location.
- Logging to the database.

OK, so #1 sounds good, but I'm not sure where to start.

#2 should be fairly straightforward, but I guess you have to link up a user account to a SID, and if someone removes the user account, there's no way to access the folder.

#3 won't work as of now because we need to encrypt the username/password in the Log4Net config file, which I don't believe is currently supported. Also, I don't really dig the idea of logging to a database because it just adds one more point of failure to the process.

So what do you guys think? Any suggestions on what I should do? If you think #1 is the way to go, how would I go about doing this?

Thanks,
Leo Hart
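As an added example of the custom-appender route in #1 (my code, not from the original post or from log4net itself): a RollingFileAppender subclass that encrypts each rendered line with a fresh AES key wrapped under an RSA public key, so the private key can stay with the few people allowed to read the data instead of on the web server. It assumes log4net 1.2.10 or later (where TextWriterAppender.Append goes through the TextWriter overload of RenderLoggingEvent) and .NET Framework 4.6+ or .NET Core 3+; the PublicKeyXml property name and the per-line record format are my own choices.

```csharp
using System;
using System.IO;
using System.Security.Cryptography;
using System.Text;
using log4net.Appender;
using log4net.Core;

// Encrypts every rendered log line before it reaches the rolling file: random AES key per
// record, wrapped with an RSA public key, so the server holds nothing that can decrypt.
public class EncryptedRollingFileAppender : RollingFileAppender
{
    private RSA _rsa;

    // Set by log4net's config loader from <publicKeyXml value="..." /> (the property name
    // is an assumption of this example, not a built-in log4net option).
    public string PublicKeyXml { get; set; }

    public override void ActivateOptions()
    {
        if (string.IsNullOrEmpty(PublicKeyXml)) throw new InvalidOperationException("PublicKeyXml must be configured.");
        _rsa = RSA.Create();
        _rsa.FromXmlString(PublicKeyXml);   // <RSAKeyValue> with public parameters only
        base.ActivateOptions();
    }

    // TextWriterAppender.Append calls this overload; it runs under the appender's lock.
    protected override void RenderLoggingEvent(TextWriter writer, LoggingEvent loggingEvent)
    {
        // Let the configured layout format the plaintext line (message, exception, %newline).
        var plain = new StringWriter();
        base.RenderLoggingEvent(plain, loggingEvent);
        byte[] plaintext = Encoding.UTF8.GetBytes(plain.ToString());

        byte[] wrappedKey, iv, ciphertext;
        using (var aes = Aes.Create())   // AES-CBC with PKCS7 padding by default
        {
            aes.GenerateKey(); aes.GenerateIV();
            // OAEP-SHA1 is supported by both RSACryptoServiceProvider and RSACng.
            wrappedKey = _rsa.Encrypt(aes.Key, RSAEncryptionPadding.OaepSHA1);
            iv = aes.IV;
            using (var enc = aes.CreateEncryptor())
                ciphertext = enc.TransformFinalBlock(plaintext, 0, plaintext.Length);
        }

        // One self-contained base64 record per line, so the file still rolls by size/date and
        // each line can be decrypted on its own by whoever holds the private key.
        writer.WriteLine("{0}.{1}.{2}", Convert.ToBase64String(wrappedKey),
            Convert.ToBase64String(iv), Convert.ToBase64String(ciphertext));
    }
}
```

This gives confidentiality only; if the logs must also be tamper-evident, add an HMAC over each record under a separate key. The matching private key is never needed on the web server, which is what keeps the administrators out of the data.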
