Social Registry typically contains rich demographic information of persons. Hence, privacy and security of this data if utmost importance. OpenG2P offers several features related to privacy and security
- Encryption of PII at rest
- Anonymized eligibility and entitlement determination
- Anonymous data for reporting
- Role based access to data
- Multi factor authentication
- Robust secure deployment infrastructure
- HSM based Key Manager for encryption and digital signatures
- Secure input handling
Input security is handled in the following ways:
- Input validation
- Memory safe programming language (Python)
- Type safe programming using Python Pydantic
- ORM capabilities to avoid SQL Injection threats
- Social Registry fields can be encrypted and stored. Or the registry data can be anonymized.
- Social Registry uses MOSIP Keymanager module for cryptography APIs. Keymanager uses HSM to store keys and perform operations like encrypting, signing, etc. so that the real keys are stored in HSM.
- Know more about Privacy and Security in OpenG2P. And about Keymanager integration.
- Link to Configuration and source code.
 (1) (1).jpg)