This topic contains 6 replies, has 4 voices, and was last updated by  qray2014 7 years, 6 months ago.

Multiple log file locations?

  • prion86 March 13, 2014 at 1:13 pm

    Is it possible to designate more than one log file path? More specifically, is it possible for different channels to use different log file paths?

    Here’s what I am trying to do:

    I want to store the log files on a TrueCrypt volume to satisfy the overzealous HIPAA czars out there. Most people are happy with the existing setup, but some are convinced that everything has to be encrypted all the time. The idea of encrypted logs is usually enough grease to keep these particular wheels from squeaking.

    The problem with TrueCrypt is that the volume needs to be remounted when the server reboots. It is technically possible to remount the volume via a startup script on the server, but I was wondering if I could do it with a single Iguana instance.

    The way I was thinking about doing this was to have a control channel set to auto-start. This control channel would mount the TrueCrypt volume, and then start the HL7 related channels. The HL7 related channels would have their log files stored on the TrueCrypt volume, and the control channel could use the default path.

    Of course, any other suggestions on how to encrypt the log files are welcome.

    Eliot Muir March 13, 2014 at 1:58 pm

    No they need to use the same log directory.

    I think for a start up script of this nature it would make best sense to do it outside of Iguana.

    If you are on windows the script can mount the true crypt volume, guarantee it is running and then do:

    net start iguana

    etc.

    Who do you work for?

    prion86 March 13, 2014 at 3:31 pm

    Oh well…Anyway, thanks for the reply Mr. Eliot.

    Who do I work for? I’ll never talk!

    Kidding, of course…Teletracking (this is Will).

    Jeff Drumm March 14, 2014 at 8:53 am

    It sounds like you don’t need to encrypt the log files per se; it’s the PHI payload that’s the real concern.

    You could potentially encrypt the payload before queueing, then decrypt on dequeueing by invoking an external application. The keys could be stored securely (managed by a key server, for example).

    That’s likely a lot more more overhead than just using TrueCrypt, or implementing on a system with drives that support hardware encryption.

    Alternately, you could use a product like Symantec PGP Full Disk Encryption. It requires authentication on boot, so all encrypted volumes are available before Windows loads.

    Jeff Drumm ◊ VP and COO ◊ HICG, LLC. ◊ http://www.hicgrp.com

    Eliot Muir March 14, 2014 at 9:36 am

    Hi Will,

    Guess the other thing you could do if you were really determined is run a couple of instances of Iguana.

    Encrypting the message content has the problem that searching won’t work on the data and so on.

    Though I guess you could extract out some fields, put them in a JSON object with the main payload encrypted.

    For the server to really be secure you have to have the password entered by a human or picked up across a network when the server starts up – interesting from a high availability stand point…

    prion86 March 14, 2014 at 1:06 pm

    The more I look at this, the less attractive TrueCrypt is as a solution. The main problem seems to be that once the volume is mounted, and ham-and-egger with access to the server can view the log files.

    Now, I get that any one with server access would presumably have the sort of clearance to view PHI, but one thing I know is that HIPAA nuts are usually the ‘In a perfect world, no one can access anything’ types.

    But I digress…

    What I am really looking to do is set something up that is encrypted for everyone but Iguana, but would also allow a ‘backdoor’ in case the server got completely borked and the log files needed to be moved, intact and readable, to a different instance. I have no doubt that the translator could handle this sort of thing, but I can’t get to the translator until Iguana starts, and that can’t happen without valid log files.

    I don’t want to encrypt the message content

    This also needs to happen in Windows, the logs should behave the same within Iguana, and the amount of third party software needs to be kept to a minimum, in case this wasn’t already hard enough nut to crack.

    I’ll keep my thinking cap on….

    qray2014 September 24, 2015 at 11:57 am

    Prion86
    I’m wondering if you ever came up with a viable solution to this? The idea of encrypting PHI “data at rest” is rearing its ugly head for me as well. Using an encrypted drive does not really work to satisfy this I guess since in order for Iguana to have access to write the logs the drive must be mounted and unlocked. presumably then if some one hacks into the server they can get access to the log files.

You must be logged in to reply to this topic.