IBM Sterling Ideas

formerly Watson Supply Chain


Session ID should be a complete alphanumeric random number


- Generate session IDs using secure random number generators

  Examples: CryptGenRandom, RNGCryptoServiceProvider

- Invalidate sessions after an inactivity timeout or on logout

- Set appropriate attributes in the HTTP Response headers to avoid storing restricted and confidential information in browser caches. Best practices include setting the following:

  Cache-Control: no-cache, no-store
  Expires: 0
  Pragma: no-cache

- Set the HTTPOnly attribute in the HTTP Response header to prevent client-side scripts from accessing cookies


- TISD-1810-2.3 Cryptographic Algorithms

  • Guest
  • Jun 19 2019
  • Needs review
How will this idea be used?

This is an enhancement request to support a client security requirement.

What is your industry? Telecommunications
What is the idea priority? Medium
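
One way to check the requirements listed in this idea, added here as an example and not part of the original submission or any IBM code: it draws an alphanumeric session ID from the OS CSPRNG (Python's `secrets`, standing in for the CryptGenRandom / RNGCryptoServiceProvider examples) and audits a response's headers for the listed cache directives and the HttpOnly cookie attribute. The cookie name `SESSIONID` and both sample responses are constructed for illustration.

```python
import secrets
import string

# Alphanumeric only, as the idea title asks; 62 symbols give ~5.95 bits per character.
ALPHABET = string.ascii_letters + string.digits

def new_session_id(length=32):
    """Return an alphanumeric session ID from the OS CSPRNG (~190 bits at length 32)."""
    return "".join(secrets.choice(ALPHABET) for _ in range(length))

def audit_response(headers):
    """Audit (name, value) response headers against the idea's checklist; [] means pass."""
    findings = []
    lower = [(n.lower(), v) for n, v in headers]
    def values(name):
        return [v for n, v in lower if n == name]
    cc = {d.strip().lower() for v in values("cache-control") for d in v.split(",")}
    for directive in ("no-cache", "no-store"):
        if directive not in cc:
            findings.append(f"Cache-Control missing {directive}")
    if [v.strip() for v in values("expires")] != ["0"]:
        findings.append("Expires is not 0")
    if "no-cache" not in [v.strip().lower() for v in values("pragma")]:
        findings.append("Pragma missing no-cache")
    for cookie in values("set-cookie"):
        attrs = [a.strip().lower() for a in cookie.split(";")[1:]]
        if "httponly" not in attrs:
            name = cookie.split("=", 1)[0].strip()
            findings.append(f"cookie {name} lacks HttpOnly")
    return findings

# Constructed sample responses; SESSIONID is a hypothetical cookie name.
GOOD = [
    ("Cache-Control", "no-cache, no-store"),
    ("Expires", "0"),
    ("Pragma", "no-cache"),
    ("Set-Cookie", f"SESSIONID={new_session_id()}; Path=/; HttpOnly"),
]
BAD = [
    ("Cache-Control", "no-cache"),
    ("Set-Cookie", "SESSIONID=12345; Path=/"),
]

if __name__ == "__main__":
    for label, hdrs in (("good", GOOD), ("bad", BAD)):
        print(label, audit_response(hdrs) or "ok")
```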