About

Research is funded in part or whole by the National Science Foundation and the Office of Naval Research.

FLAIM (Framework for Log Anonymization and Information Management)

FLAIM is a general framework, created to support the anonymization of heterogeneous logs to multiple levels. It is developed by the LAIM Working Group at the NCSA. As the developers of FLAIM, our main contributions are to provide (1) the anonymization engine containing a broad set of anonymization algorithms for various datatypes, (2) the XML based policy engine which validates and parses users' XML policies against a variety of schemas (we incorporate Relax NG, Schematron, XML and XSLT technologies here), and (3) a simple yet strict API governing how parsing modules (loaded dynamically at run-time) can pass records back and forth with FLAIM's anonymization engine.

The reason for creating an API and dynamically loadable modules is to allow others to more easily expand FLAIM's use beyond the few types of logs that we initially supported (e.g., pcap headers, netfilter, NetFlows). The typical user will just download FLAIM and the appropriate module for their log type. However, we foresee other, more advanced users that would like to expand FLAIM to other logs for their special needs. They could write a module that supports streaming (This is possible because the the methods to read and write data are abstracted away from FLAIM), or one that parses a new type of log.

For information on the architecture and design of FLAIM, look at Publications page at the LAIM home. The Documentation page has the user guides, developer guides and MAN page. Download and Installation are hopefully self-explanatory.