1. Technical Field
The present invention relates to data processing and, in particular, to application and data logging. Still more particularly, the present invention provides a method, apparatus, and program to post process applications encrypting sensitive objects that are logged.
2. Description of Related Art
Many applications log data. An application typically has three types of logs: audit, error, and trace. Of these three log types, sensitive data is usually associated with some log entries. Therefore, encryption may be used to protect the sensitive data.
An application typically logs objects by calling a log application and passing the objects as parameters to the log application. Either the application must encrypt sensitive objects before passing them to the log application or, alternatively, the log application must identify the sensitive objects and perform the encryption.
The current solution to this problem is to programmatically encrypt the objects that are deemed to be sensitive. This solution requires a developer to code the encryption, as well as logic to determine which objects to encrypt, directly into the application. When changes that affect which objects are deemed sensitive occur, the application code must also change. This solution does not have a high degree of flexibility because the logic identifying sensitive objects is written into the application code.