Confidentiality policies


The system can obscure or delete private data according to policies that you configure for each of the following traffic elements:

For each element, you must identify keys and specify how the system must handle them. For example, the system can apply MD5 hashing to obscure the value associated with a given key, delete the value alone, or delete the entire name-value pair. You can also instruct the system to leave the data unchanged. Refer to the following table to see how the system handles data:

Options for handling private data

| Option | Result |
| --- | --- |
| Do nothing | password=sesame |
| Hash | password=b3fba6554a22fdc16c8e28b173085ccc |
| Delete | |
| Delete value | password= |

You can use the asterisk character (*) as a wildcard for matching in any key name. For example, typing ASPsessionid* to create a rule for cookies matches ASPsessionid2293C100, as well as ASPsessionidAF095BFF.

For keys that are not explicitly identified, the system provides "catch-all" rules.

Cookies

Web applications use cookies to save information about the client for later use by the server. Cookies are a convenient way to store user preferences and session-state information (for example, session ID). However, they can store such sensitive data as account numbers and logon credentials.

Note

Cookie key names are case insensitive. Cookie values, however, are case sensitive.

POST command parameters

Forms are a common feature of websites, used as a means of getting information from end users to authentication engines, reservation systems, helpdesk and e-commerce applications. Logon credentials, credit card numbers, and so forth, are transmitted to the server by the parameters of the POST command.

Note

POST parameter keys are case sensitive.
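The following sketch is an added example, not the product's own code. It applies the four handling options, the asterisk wildcard, the catch-all rule and the two case-sensitivity notes to a cookie header and a POST body. Assumptions: the function and constant names, the rule-list representation, first-match rule ordering, and that "Hash" means an unsalted MD5 of the UTF-8 value in hex.

```python
import hashlib
import re
from urllib.parse import parse_qsl

# The four handling options from the table; these constant names are this example's own.
DO_NOTHING, HASH, DELETE, DELETE_VALUE = "do nothing", "hash", "delete", "delete value"

def key_matches(pattern, key, case_sensitive):
    """Match a key against a rule pattern in which '*' is the only wildcard."""
    regex = re.escape(pattern).replace(r"\*", ".*")
    return re.fullmatch(regex, key, 0 if case_sensitive else re.IGNORECASE) is not None

def apply_policy(pairs, rules, catch_all, case_sensitive):
    """Return the pairs after applying the first matching rule, else the catch-all."""
    result = []
    for key, value in pairs:
        action = next((act for pat, act in rules
                       if key_matches(pat, key, case_sensitive)), catch_all)
        if action == DELETE:
            continue                      # drop the entire name-value pair
        if action == DELETE_VALUE:
            value = ""                    # keep the key, blank the value
        elif action == HASH:
            # Assumption: plain MD5 of the UTF-8 value, hex encoded.
            value = hashlib.md5(value.encode("utf-8")).hexdigest()
        result.append((key, value))
    return result

def redact_cookies(header, rules, catch_all=DO_NOTHING):
    """Cookie key names are case insensitive."""
    pairs = [tuple(p.strip().split("=", 1)) for p in header.split(";") if "=" in p]
    return apply_policy(pairs, rules, catch_all, case_sensitive=False)

def redact_post(body, rules, catch_all=DO_NOTHING):
    """POST parameter keys are case sensitive."""
    pairs = parse_qsl(body, keep_blank_values=True)
    return apply_policy(pairs, rules, catch_all, case_sensitive=True)

# Constructed sample traffic and rules, not taken from a real capture.
COOKIE_RULES = [("ASPsessionid*", HASH), ("acct", DELETE)]
POST_RULES = [("password", DELETE_VALUE)]

if __name__ == "__main__":
    print(redact_cookies("aspSESSIONID2293C100=xyz; Acct=12345; theme=dark", COOKIE_RULES))
    print(redact_post("user=bob&password=sesame&Password=sesame", POST_RULES, catch_all=HASH))
```

In the POST sample, `Password` does not match the `password` rule because POST keys are case sensitive, so it falls through to the catch-all. A hashed value is deterministic, so identical inputs stay correlatable across records; for short or guessable values such as passwords, Delete value removes the data instead of leaving a digest that can be checked against candidate guesses.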

URI path and query parameters

Web applications use Uniform Resource Identifiers (URIs) to identify Internet resources. Both the path and query segments of a URI can contain private or otherwise sensitive data. Refer to the following table to see URIs with the path and query parameters:

URI examples showing path and query segments

| URI type | Example |
| --- | --- |
| With path parameters | http://example.com/home;param1=value1/search;param2=value2/page.htm |
| With query parameters | http://example.com/index.htm?param1=value1&param2=value2 |

Related topic

Configuring-confidentiality-policies

 
