[vtp-dev] Security Branch Merged

[Trip Gilman <trip@xxxxxxxxxxxxxxx>]

Title: Security Branch Merged

I have recently merged the security branch into the trunk now that it has proven to be stable enough.  With the security updates, I wanted to provide a set of changes to enable the safe use of sensitive data within an application.  The changes amount to providing a mechanism for the application developer to identify the sensitive data used in the application and allow the runtime components to recognize this desire and take appropirate action when logging or otherwise transmitting the data to other agents.

This is really only a quick pass to allow the use of OpenVXML for applications involving sensitive data, such as credit card information, without having to completely disable logging to be compliant with security regulations.  There are quite a few more things I’d like to do along these lines.  Take a look at what I’ve put together as a starting point.  I’d love to hear everyone’s thoughts or suggestions on how we can improve this aspect of the software.  Below is an overview of the additions and changes:

UI Changes

• Variables declared in the begin blocks of applications and fragments can be marked as secured.  The application developer simply clicks the table column labeled with the lock icon to indicate the desired security setting.
• Variables declared in the variable assignment block can be marked as secured.  The application developer simply clicks the table column labeled with the lock icon to indicate the desired security setting.
• Blocks that produce VXML documents can be marked secure.  A simple checkbox is provided in the general configuration panel to mark the desired security setting.
• The decision block allows the left and right arguments to be marked as secured if they are expressions.  A checkbox is presented under the _expression_ field.
• The business object editor allows fields to be marked secured.  The table has a lock column similar to the begin and variable assignment blocks.
  

Scripting Changes

• Data objects (those under the Variables object) have a new function “isSecured()” that returns a Boolean indicating whether the value should be secured.
  

Runtime (API) Changes

• The variable registry function createVariable() has been overloaded to accept a Boolean as a second argument to indicate whether the object should be secured.
• IDataObject has a new function isSecured() that returns a Boolean indicating whether the object is secured.
• Data objects constructed using a business object template will now automatically honor the secured flag of each field.
• All runtime actions for built-in elements that log variables now check to see if the variable is secured and log the text “**Secured**” in place of the actual value.
• VXML documents produced by interaction objects marked as secured will no longer be logged regardless of logging level.
• The decision action will replace the calculated value of expressions marked secured with “**Secured**” when logging the comparison details and results.
• Insecure objects placed into a variable that was previously marked secure will automatically be marked secure when assigned.
  

Trip