Multiple log file locations?
Is it possible to designate more than one log file path? More specifically, is it possible for different channels to use different log file paths?
Here’s what I am trying to do:
I want to store the log files on a TrueCrypt volume to satisfy the overzealous HIPAA czars out there. Most people are happy with the existing setup, but some are convinced that everything has to be encrypted all the time. The idea of encrypted logs is usually enough grease to keep these particular wheels from squeaking.
The problem with TrueCrypt is that the volume needs to be remounted when the server reboots. It is technically possible to remount the volume via a startup script on the server, but I was wondering if I could do it with a single Iguana instance.
The way I was thinking about doing this was to have a control channel set to auto-start. This control channel would mount the TrueCrypt volume, and then start the HL7 related channels. The HL7 related channels would have their log files stored on the TrueCrypt volume, and the control channel could use the default path.
Of course, any other suggestions on how to encrypt the log files are welcome.
No they need to use the same log directory.
I think for a start up script of this nature it would make best sense to do it outside of Iguana.
If you are on windows the script can mount the true crypt volume, guarantee it is running and then do:
net start iguana
Who do you work for?
Oh well…Anyway, thanks for the reply Mr. Eliot.
Who do I work for? I’ll never talk!
Kidding, of course…Teletracking (this is Will).
It sounds like you don’t need to encrypt the log files per se; it’s the PHI payload that’s the real concern.
You could potentially encrypt the payload before queueing, then decrypt on dequeueing by invoking an external application. The keys could be stored securely (managed by a key server, for example).
That’s likely a lot more more overhead than just using TrueCrypt, or implementing on a system with drives that support hardware encryption.
Alternately, you could use a product like Symantec PGP Full Disk Encryption. It requires authentication on boot, so all encrypted volumes are available before Windows loads.
Jeff Drumm ◊ VP and COO ◊ HICG, LLC. ◊ http://www.hicgrp.com
Guess the other thing you could do if you were really determined is run a couple of instances of Iguana.
Encrypting the message content has the problem that searching won’t work on the data and so on.
Though I guess you could extract out some fields, put them in a JSON object with the main payload encrypted.
For the server to really be secure you have to have the password entered by a human or picked up across a network when the server starts up – interesting from a high availability stand point…
The more I look at this, the less attractive TrueCrypt is as a solution. The main problem seems to be that once the volume is mounted, and ham-and-egger with access to the server can view the log files.
Now, I get that any one with server access would presumably have the sort of clearance to view PHI, but one thing I know is that HIPAA nuts are usually the ‘In a perfect world, no one can access anything’ types.
But I digress…
What I am really looking to do is set something up that is encrypted for everyone but Iguana, but would also allow a ‘backdoor’ in case the server got completely borked and the log files needed to be moved, intact and readable, to a different instance. I have no doubt that the translator could handle this sort of thing, but I can’t get to the translator until Iguana starts, and that can’t happen without valid log files.
I don’t want to encrypt the message content
This also needs to happen in Windows, the logs should behave the same within Iguana, and the amount of third party software needs to be kept to a minimum, in case this wasn’t already hard enough nut to crack.
I’ll keep my thinking cap on….
I’m wondering if you ever came up with a viable solution to this? The idea of encrypting PHI “data at rest” is rearing its ugly head for me as well. Using an encrypted drive does not really work to satisfy this I guess since in order for Iguana to have access to write the logs the drive must be mounted and unlocked. presumably then if some one hacks into the server they can get access to the log files.
You must be logged in to reply to this topic.