Obfuscating trace data
First Claim
Patent Images
1. A method performed by a computer processor on a first device, said method comprising:
- executing an application, said application processing data objects;
with a tracer which obtains data from instrumentation in the application when an instrumentation condition instructs the tracer to monitor at least one of debugging data and performance data with respect to the application, and while said application is executing, and when the instrumentation condition occurs, monitoring a first function within said application, said first function receiving a first data object and returning a second data object;
identifying said first data object as being passed to said first function;
identifying said second data object as being returned from said first function;
while not obfuscating a name of the first function, selectively obfuscating said first data object to create a first obfuscated data object;
while not obfuscating the name of the first function, selectively obfuscating said second data object to create a second obfuscated data object; and
storing said first obfuscated data object and said second obfuscated data object.
2 Assignments
0 Petitions
Accused Products
Abstract
A tracer may obfuscate trace data such that the trace data may be used in an unsecure environment even though raw trace data may contain private, confidential, or other sensitive information. The tracer may obfuscate using irreversible or lossy hash functions, look up tables, or other mechanisms for certain raw trace data, rendering the obfuscated trace data acceptable for transmission, storage, and analysis. In the case of parameters passed to and from a function, trace data may be obfuscated as a group or as individual parameters. The obfuscated trace data may be transmitted to a remote server in some scenarios.
-
Citations
22 Claims
-
1. A method performed by a computer processor on a first device, said method comprising:
-
executing an application, said application processing data objects; with a tracer which obtains data from instrumentation in the application when an instrumentation condition instructs the tracer to monitor at least one of debugging data and performance data with respect to the application, and while said application is executing, and when the instrumentation condition occurs, monitoring a first function within said application, said first function receiving a first data object and returning a second data object; identifying said first data object as being passed to said first function; identifying said second data object as being returned from said first function; while not obfuscating a name of the first function, selectively obfuscating said first data object to create a first obfuscated data object; while not obfuscating the name of the first function, selectively obfuscating said second data object to create a second obfuscated data object; and storing said first obfuscated data object and said second obfuscated data object. - View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12)
-
-
13. A system comprising:
-
a processor, said processor being a hardware processor; an execution environment that executes an application using said processor, said execution environment having a process scheduler; a tracer that monitors said application during execution in said execution environment to obtain at least one of debugging data and performance data with respect to the application when an instrumentation condition occurs, said tracer that gathers actions performed by said process scheduler when the instrumentation condition occurs, one of said actions comprising function calls having input parameters and output parameters; an obfuscator that receives said input parameters and selectively creates obfuscated input parameters, and receives said output parameter and selectively creates obfuscated output parameters while not obfuscating a function name related to such input parameters; a communicator that transmits said obfuscated input parameters and said obfuscated output parameters and said function name to a remote device. - View Dependent Claims (14, 15, 16, 17)
-
-
18. A method comprising:
-
executing an application in a first secure location, said application processing confidential data, said application further comprising a first function receiving a first confidential parameter; during said executing, tracing said application within said first secure location to obtain at least one of debugging data and performance data with respect to the application when an instrumentation condition occurs, and when said instrumentation occurs, said tracing comprising identifying said first function and said first confidential parameter; selectively obfuscating said first confidential parameter to create a first obfuscated parameter while not obfuscating a function name related to the first confidential parameter; and transmitting said first obfuscated parameter and the function name to a remote device, said remote device being located outside of said first secure location. - View Dependent Claims (19, 20, 21, 22)
-
Specification