If data requiring special protection is processed in a web service, this data must be individually protected by using end-to-end mechanisms at the application level (end-to-end), such as XML encryption.
Since transport encryptions are already terminated on outer layers, as well as possible payload logging and "hop by hop" communication, a pure transport encryption in most cases does not offer sufficient protection for particularly confidential data.
Examples of data requiring special protection are Medical data, Criminal records, Bank details of a person, Quarterly figures before publication and Draft contracts with high financial volume.
Motivation: Due to the special need for protection, confidentiality protection is required for certain data even if they are encrypted for transport or transmitted via secure networks.
Please specify product compliance as well as the corresponding method