You can use session agents in the Windows pipeline to manage data privacy.
The Windows pipeline enables multi-threaded processing, multi-instance processing, and sequenced processing that can accelerate the testing and application of privacy rules. However, any data that is not cleansed in the Windows pipeline is passed through the Tealeaf server system and can be monitored by system administrators and users.
By design, the Windows pipeline runs individual session agents, such as the Privacy session agent, to manipulate session data via individual threads, which enables better management of the processing. In addition, the Health-Based Routing session agent enables the distribution of the pipeline data across multiple servers for superior load balancing.
The Windows pipeline does not restrict the number of instances of a session agent, so you can create sequenced processing. One instance of the Privacy session agent can execute an action to manipulate a value in the hit, and then another session agent downstream can act on the result of the first privacy rule. Sequenced processing enables sophisticated post-processing of hit data.
The following types of privacy actions should be handled in the Windows pipeline:
- Moving data values into the request buffer from the response buffer for event triggering.
- Concatenating existing values.
- Post-processing request or response values.
- Blocking data that Tealeaf users should not see, while enabling Tealeaf administrators to access it.
- General listing, manipulation, or other alterations of data values in the hit.
Potential security risks of Windows pipeline privacy
When hits arrive faster than the Windows pipeline can process them, those hits are spooled to temporary files on the disk drive. Spooling hits to a disk drive might present a security risk, as potentially sensitive information in those hits becomes accessible to employees. Although spooled data is deleted after the hit is processed, there is a small window of time in which the data is exposed and accessible. Some company security policies might not permit this type of spooling storage or might require additional deletion or data scrubbing of the storage area to ensure that no sensitive data remains.
Deal with performance implications of Windows pipeline privacy
- Split your privacy rules between two or more instances of the privacy session agent by creating a child pipeline.
- Split your privacy rules across more than one server by putting a privacy session agent into the pipeline on each server with a portion of your privacy actions in each.
Apply privacy rules to Windows pipeline session agents
Tealeaf provides a utility for testing and iterating on the development of privacy rules. While these rules are applied using the Windows pipeline session agents, the same rules can be applied through PCA privacy management.
Apply privacy to binary response formats
Tealeaf supports the ability to apply privacy rules to the responses for the MSBIN1 format.
In the Windows pipeline, this data format can be decoded into clear text using the Inflate session agent. Later in the same pipeline, the Privacy session agent can be inserted, and privacy rules applied to the clear text version. To perform privacy, you create privacy rules in the same manner as any other text/xml post or text/xml response format.