swirec.secure_context

Sets recognizer security levels for protecting confidential data, typically for a single event.

Value

open, encrypt, suppress

DEFAULT: open (no security)

  • open—No security measures employed. This setting is appropriate for most exchanges between applications and users. For example, for simple navigation menus. However, if the user or application exchanges confidential data, that data can be written to log files or contained in saved audio files.
  • encrypt—The system encrypts any confidential text or audio data. This level requires configuration of an encryption key in the application’s session.xml. (If the key is missing from the configuration, the system rejects the request.) If the application saves whole call recordings (WCR), the system inserts silence in the saved files. Cannot be set at the same time as suppress.
  • suppress—The system suppresses any confidential text from the logs, and does not write audio waveforms. If the application saves whole call recordings (WCR), the system inserts silence in the saved files. Speech grammars can still pass recognition results to the logs, without risking confidential data, using the provided masking and hashing features. Cannot be set at the same time as encrypt.

How to set

Shown in precedence order (see Rules of parameter precedence):

Set in the browser, using the Vendor-Specific-Parameters header in a RECOGNIZE, DEFINE-GRAMMAR, or INTERPRET request (not SET-PARAMS).

Usage

Frequently set by applications for individual recognition events.

Note the spelling of this parameter: it uses "swirec." and not underscore.

This parameter provides security for confidential data such as identification numbers or passwords that users might provide to applications. It hides the information in call logs and audio waveforms. For a description of protected data types, and the resulting strings and audio written to log files, see Protecting confidential data.

Note: The swirec.secure_context parameter suppresses or encrypts information for the caller's input only. To affect the application's side of the conversation, use the switts.secure_context parameter.

See Security levels to protect confidential data for an overview of how the swirec.mute_wcr, swirec.secure_context, and wcr_encrypt parameters interact with each other.

The security levels are exclusive. You can change between suppression and encryption at any time, but cannot set both simultaneously.

Sample definition in a VoiceXML application where the setting is valid for a single recognition request. 

<field name="field1"/>
    <prompt>please say password</prompt>
    <property name="swirec.secure_context" value="suppress"/>
    <grammar><!-- ... --></grammar>
</field>

The browser interprets the application definition in a RECOGNIZE, DEFINE-GRAMMAR or INTERPRET method. To retain elevated security for more than one event, the browser specifies the swirec.secure_context value to subsequent RECOGNIZE, DEFINE-GRAMMAR or INTERPRET requests. Otherwise, the value reverts to the default.

Vendor-Specific-Parameters: swirec.secure_context=suppress