SecureContext
This sample application demonstrates the secure context feature, which prevents logging of sensitive information such as passwords or access codes. It demonstrates suppression and encryption in a prompt with the switts.secure_context property, and suppression in a recognition with the swirec.secure_context property.
See Logging security for more information about secure context and the differences between suppression and encryption.
To demonstrate the encryption feature, you must specify a public key in a session.xml file; otherwise, the application generates minor alarms and doesn’t show the encryption features. The example_session.xml file, located in %NSSSVRSDK%\config, contains a sample public key.
Before running the application, display the Applications tab for the Voice Browser service and set the Session.xml URL field to the pathname using a file:// or http:// URL. For example:
file://venus.nuance.com/c$/Program Files/Nuance/Voice Platform/Speech Server/config/example_session.xml
See Specifying a session.xml file for more information.
Notes for running SecureContext
Initial page URI
http://hostname:8090/SecureContext/secure_context.vxml
Sample dialog
| Application | Welcome to the secure context sample application. This sample shows two ways to collect information while suppressing or encrypting information in the logs that might expose sensitive user information. First, we'll do a "normal" dialog state with full logging. Please say yes or no. |
| Caller | Yes. |
| Application | I heard yes. This information was captured in the call log and the utterance was recorded. Now let's collect some sensitive information with recognition logging and utterance capture encrypted. Please say your five digit account number. |
| Caller | Five, four, three, two, one. |
| Application | Got a result. Will confirm in the next state with prompt logging suppressed. I heard, five four three two one. Is that correct? |
| Caller | Yes. |
| Application | Great. The confirmation prompt was not logged, but your response to the confirmation prompt was. To demonstrate an alternate use of the secure context parameters please say a five digit number again. |
| Caller | One, two, three, four, five. |
| Application | I heard, one two three four five. Is that correct? |
| Caller | Yes. |
| Application | Great. This entire confirmation state was logged, but the prompt with your account information was played in the previous state, so was not logged. Thanks for trying the secure context sample application. |
Logged events
When the secure_context parameters for recognition and TTS are enabled, call log entries for prompts and recognition results are suppressed or encrypted, depending on the settings. The application also includes custom log messages to mark the beginning of dialog states where the prompt or recognition logging is being suppressed or encrypted.
Recognitions
A recognition creates one call log entry for the results, and one utterance file for the waveform data. The first recognition of the SecureContext application is not secured:
| Application | Welcome to the secure context sample application. This sample shows two ways to collect information while suppressing or encrypting information in the logs that might expose sensitive user information. First, we'll do a "normal" dialog state with full logging. Please say yes or no. |
| Caller | Yes. |
This unsecured recognition produces these two call log entries, one for the waveform created and the other for the recognition result:
...|EVNT=NUANwvfm|PLAYABLE=NUAN-45-14-MTL-DOC-0a0314b4_000019c8_4b574f3a_0008_0001-utt001-POSTEP.wav|...
...EVNT=SWIrcnd|...|RSLT=true|RAWT=yes|SPOK=yes|...|KEYS=<MEANING conf="988">true</MEANING><SWI_confidence conf="0">0</SWI_confidence>|...|WVNM=NUAN-45-14-MTL-DOC-0a0314b4_000019c8_4b574f3a_0008_0001-utt001-POSTEP.wav|...
The recognition entry includes the result (RSLT), raw text (RAWT), transcript (SPOK), and keys (KEYS) returned by the recognizer. It also includes the name and location of the recorded waveform (WVNM) associated with this recognition result.
The next recognition is secured by enabling the swirec.secure_context property within the field in the VoiceXML:
<field name="secure_reco" type="digits?length=5">
  <property name="swirec.secure_context" value="encrypt"/>
  <prompt>Now let's collect some sensitive information with recognition logging and utterance capture encrypted.</prompt>
  <prompt>Please say your five digit account number.</prompt>
When the application executes this section, the caller’s reply is recognized as normal:
| Application | I heard yes. This information was captured in the call log and the utterance was recorded. Now let's collect some sensitive information with recognition logging and utterance capture encrypted. Please say your five digit account number. |
| Caller | Five, four, three, two, one. |
The secured recognition shows this information in the call log:
...|EVNT=NUANwvfm|PLAYABLE=NUAN-45-14-MTL-DOC-0a0314b4_000019c8_4b574f3a_0008_0001-utt002-POSTEP.wav.enc|...|SECURE=encrypt
...|EVNT=SWIrcnd|...|RSLT=_ENCRYPTED|RAWT=_ENCRYPTED|SPOK=_ENCRYPTED|KEYS=_ENCRYPTED|...|WVNM=NUAN-45-14-MTL-DOC-0a0314b4_000019c8_4b574f3a_0008_0001-utt002-POSTEP.wav.enc|SECURE=encrypt|...
Here the log entries for both events show a new SECURE=encrypt item. The NUANwvfm event shows that the PLAYABLE waveform is created but encrypted. The SWIrcnd event shows that the results, raw text, transcript, and keys are all encrypted.
Prompts
Consider the following unsecured TTS prompt at the beginning of the SecureContext application:
| Application | Please say yes or no. |
| Caller | Yes. |
This results in a call log entry that contains the full prompt within a <speak> request:
...|EVNT=NVOCinpt|...<speak xml:lang\="en-US" version\="1.0" xmlns\="http://www.w3.org/2001/10/synthesis"><meta name\="secure_context" content\="open"/> Please say yes or no.</speak>
A sensitive prompt can be secured by enabling the switts.secure_context property within the field in the VoiceXML. For example, the following prompt repeats a recognized account number back to the caller, but does not log it:
<field name="confirm" type="boolean">
  <property name="switts.secure_context" value="suppress"/>
  <prompt>I heard, <say-as type="digits"><value expr="secure_reco"/></say-as></prompt>
When Voice Platform executes this section, the account number is repeated back to the caller:
| Application | Got a result. Will confirm in the next state with prompt logging suppressed. I heard, five four three two one. Is that correct? |
However, the matching call log entry for this “I heard ...” prompt includes a SECURE=suppress item, and suppresses the <speak> request passed to Vocalizer. The account number is not logged.
...|EVNT=NVOCinpt|...|TEXT=_SUPPRESSED|SECURE=suppress
Since recognition is not secured in this state, the result (yes) is logged and the caller’s response is recorded.
...EVNT=NUANwvfm|...|PLAYABLE=NUAN-45-14-MTL-DOC-0a0314b4_000019c8_4b574f3a_0008_0001-utt003-POSTEP.wav
...EVNT=SWIrcnd|RSTT=ok|RENR=prun|ENDR=itimeout|NBST=1|RSLT=true|RAWT=yes|SPOK=yes|...|KEYS=...|...|WVNM=NUAN-45-14-MTL-DOC-0a0314b4_000019c8_4b574f3a_0008_0001-utt003-POSTEP.wav|...
Recognitions and prompts
The next state enables security on TTS and recognition in the same field. It encrypts the prompts that ask for and confirm the caller’s account number, and suppresses the recognition result. The caller’s response is not recorded.
<field name="secure_reco2" type="digits?length=5">
  <property name="swirec.secure_context" value="suppress"/>
  <property name="switts.secure_context" value="encrypt"/>
  <prompt>To demonstrate an alternate use of the secure context parameters please say a five digit number again.</prompt>
  ...
  <prompt>I heard, <say-as type="digits"><value expr="secure_reco2"/></say-as></prompt>
  ...
The matching call log entries show the TTS prompts are encrypted (only one is shown):
...EVNT=NVOCinpt|...|TEXT=_ENCRYPTED|SECURE=encrypt
Because the recognition result is suppressed, the result is not logged and the caller’s response is not recorded. No waveform file is created.
EVNT=SWIrcnd|...|RSLT=_SUPPRESSED|RAWT=_SUPPRESSED|SPOK=_SUPPRESSED|...|WVNM=_SUPPRESSED
EVNT=NUANwvfm|PLAYABLE=_SUPPRESSED|UCPU=0|SCPU=0|SECURE=suppress
The final state in the application is for confirmation only and doesn’t need to enable security. All prompts and recognition results are logged and the user utterance is recorded.
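The log entries above lend themselves to an automated check that secured states really keep caller data out of the call log. The following Python audit is an added example, not part of the SecureContext sample application: it flags any entry marked SECURE=encrypt or SECURE=suppress that still carries cleartext, and any unsecured entry that logs a five digit string. The event and field names come from the entries shown on this page; the digit pattern, the shortened waveform names and the sample entries are constructed assumptions.

```python
import re

# Caller-data fields per event type (names taken from the log entries above).
SENSITIVE = {"SWIrcnd": ("RSLT", "RAWT", "SPOK", "KEYS", "WVNM"),
             "NUANwvfm": ("PLAYABLE",), "NVOCinpt": ("TEXT",)}
MARKER = {"encrypt": "_ENCRYPTED", "suppress": "_SUPPRESSED"}
FILE_FIELDS = ("WVNM", "PLAYABLE")           # waveform names, not spoken content
DIGITS = re.compile(r"\b(?:\d\s*){5}\b")     # assumption: five digit account number

def parse(line):
    """Split a pipe-delimited entry into {KEY: value}, cutting at the first '='."""
    pairs = (tok.partition("=") for tok in line.strip().split("|"))
    return {k: v for k, sep, v in pairs if sep and k.isalnum()}

def audit(line):
    """Return findings for one call log entry; an empty list means clean."""
    f = parse(line)
    evnt, mode = f.get("EVNT"), f.get("SECURE")
    findings = []
    for name in SENSITIVE.get(evnt, ()):
        value = f.get(name)
        if value is None:
            continue
        if mode in MARKER:
            # Secured entry: expect the marker, or an encrypted (.enc) waveform.
            enc_file = mode == "encrypt" and name in FILE_FIELDS and value.endswith(".enc")
            if value != MARKER[mode] and not enc_file:
                findings.append(f"{evnt}.{name}: cleartext under SECURE={mode}")
        elif name not in FILE_FIELDS and DIGITS.search(value):
            findings.append(f"{evnt}.{name}: digit string logged without SECURE")
    return findings

def audit_log(lines):
    """Map 1-based entry number to its findings, skipping clean entries."""
    return {n: r for n, line in enumerate(lines, 1) if (r := audit(line))}

# Constructed entries in the shape shown above (not real call log output).
SAMPLE = [
    "EVNT=SWIrcnd|RSLT=_ENCRYPTED|RAWT=_ENCRYPTED|SPOK=_ENCRYPTED|KEYS=_ENCRYPTED|WVNM=utt002.wav.enc|SECURE=encrypt",
    "EVNT=NVOCinpt|TEXT=_SUPPRESSED|SECURE=suppress",
    "EVNT=SWIrcnd|RSLT=true|RAWT=yes|SPOK=yes|WVNM=utt003.wav",
    "EVNT=SWIrcnd|RSLT=54321|RAWT=5 4 3 2 1|SPOK=5 4 3 2 1|WVNM=utt004.wav",
    "EVNT=NUANwvfm|PLAYABLE=utt005.wav|SECURE=encrypt",
]

if __name__ == "__main__":
    print(audit_log(SAMPLE))
```

The fourth constructed entry models a collection state where swirec.secure_context was never applied, and the fifth a waveform that was written unencrypted despite SECURE=encrypt.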