Problem description
Section 8.3 Filtering must have a statement about security considerations for privacy. Some of the parameters/values passed may contain sensitive information.
Expected action
Similar to section 12.2 (CloudEvents), which has a Security Considerations section, section 8.3 must have a statement.
Additional context
Alternatively, Section 10 (Security) may cover this aspect, which can then be referenced from Section 8.3
Given that filtering parameters are passed as query parameters, my view is that it should not be possible to filter using personal information (such as phoneNumber or ipAddress). Probably the examples based on filtering by name should be changed.
@eric-murray's comment is supported by the DG statements in the following sections: "4.2 Input/Output" and the "3.1" subsection titled "POST or GET for transferring sensitive data". So, I propose the following changes to the examples in section 8.3:
| Operation | Strings/enums |
|---|---|
| equal | `GET .../?type=mobile` |
| non equal | `GET .../?type!=mobile` |
| Contains | `GET .../?type=~str` |
and the Examples:

Equals: to search devices with a particular operating system and version, or type:

```
GET /device?os=ios&version=17.0.1
GET /device?type=apple,android
```

Search for several values by separating them with ",".

Inclusion: if we already have a filter that searches for "equal" and we want to provide it with the possibility of searching for "inclusion", we must include the character "~".
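The filter syntax proposed above (equal, non equal, contains, comma-separated values) combined with the allowlist approach @eric-murray suggests, as an added example that is not part of this issue or of the CAMARA guidelines. The `FILTERABLE_FIELDS` set and the sample queries are constructed assumptions; the point is that fields carrying personal data, such as `phoneNumber` or `ipAddress`, are rejected before the filter ever reaches a backend query.

```python
from urllib.parse import unquote

# Constructed allowlist of fields an API may be filtered on.
# Personal data fields (phoneNumber, ipAddress, ...) are deliberately absent.
FILTERABLE_FIELDS = {"type", "os", "version", "status"}


def parse_filter(query: str) -> list[tuple[str, str, list[str]]]:
    """Parse a filter query string into (field, operation, values) triples.

    Supported forms, as proposed in the comment above:
      field=value    -> equal   (several values separated by ",")
      field!=value   -> non equal
      field=~value   -> contains
    Raises ValueError for malformed segments or non-allowlisted fields.
    """
    filters = []
    for part in query.lstrip("?").split("&"):
        if not part:
            continue
        # "!=" must be tested before "=" since it contains "=" as well.
        if "!=" in part:
            field, raw = part.split("!=", 1)
            op = "non equal"
        elif "=~" in part:
            field, raw = part.split("=~", 1)
            op = "contains"
        elif "=" in part:
            field, raw = part.split("=", 1)
            op = "equal"
        else:
            raise ValueError(f"malformed filter segment: {part!r}")
        field = unquote(field)
        if field not in FILTERABLE_FIELDS:
            # Reject rather than ignore, so sensitive fields never reach the backend.
            raise ValueError(f"filtering on {field!r} is not permitted")
        values = [unquote(v) for v in raw.split(",") if v]
        if not values:
            raise ValueError(f"missing value for field {field!r}")
        filters.append((field, op, values))
    return filters


def is_allowed_filter(query: str) -> bool:
    """True when every filter in the query is well-formed and allowlisted."""
    try:
        parse_filter(query)
    except ValueError:
        return False
    return True
```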