NimbostratusiRules for identifying PII data and invoking REST calls
Can anyone comment on the use of iRules to identify sensitive data elements (SSN, DOB, and other PII data) in an incoming http stream, trigger the invocation of a RESTful web service call that takes those elements in their cleartext form and directs them to an external RESTful interface where the elements are then encrypted or tokenized, returned back to the F5 encrypted or tokenized in the web service payload, and re-inserted by the F5 back into the original http stream for sending to the next downstream device? It’s a long winded question.
The reverse would also have to occur, i.e. the encrypted or tokenized elements would be in the outgoing (response) http stream and also need to be identified by iRules so a RESTful web service call can be made back to the external device – this time using the encrypted or tokenized valued in the REST payload, and send those elements to the external RESTful interface. The external device would decrypt or de-tokenize, insert the clear text back into the payload of the REST response, to be consumed by the F5 and irules put them back into the http response going to the browser. Is anyone aware of iRules being used in this fashion?
