Data Vault

We believe in client satisfaction, and to deliver the best of our services and solutions
we work with the client's in-house teams and departments.

Aadhaar Data Vault
  • All entities are directed to mandatorily store Aadhaar Numbers and any connected Aadhaar data (e.g. eKYC XML containing Aadhaar Numbers and data) on a separate secure database/vault/system. This system will be termed the “Aadhaar Data Vault” and will be the only place where the Aadhaar Number and any connected Aadhaar data will be stored.
  • All business use cases of entities shall use the Reference Key instead of the Aadhaar number in all systems where such a reference key needs to be stored/mapped, i.e. all tables/systems requiring storage of Aadhaar numbers for their business transactions should from now onwards maintain only the reference key. The actual Aadhaar number should not be stored in any business database other than the Aadhaar Data Vault.
DSM, Accelerating Time to Value with Consolidated Control
  • Centrally manage keys and policy
  • High-availability with cluster
  • Multi-tenant and strong separation of duties
  • Proven 10,000+ device and key management scale
  • Web, CLI, API Interfaces (SOAP, REST)
Tokenization
  • Each Aadhaar number is to be referred to by an additional key called the Reference Key. The mapping of reference key to Aadhaar number is to be maintained in the Aadhaar Data Vault.
  • The chosen Reference Key generation method is to ensure that recovery of the original Aadhaar number is not computationally feasible knowing only the reference key or a number of reference keys. It is suggested that a UUID (Universally Unique Identifier, represented as a hex string) scheme be used to create such reference keys, so that the Aadhaar number can neither be guessed nor reverse engineered from the reference key.
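The reference-key scheme described above, as an added Python example that is not code from this page or from any product it names. The class and function names, the in-memory tables and the HMAC lookup index are assumptions made for illustration; a real vault would keep the mapping encrypted with HSM-held keys. It contrasts a random UUID with a name-based UUID, which is only a hash of the 12-digit number and so fails the "not computationally feasible" requirement.

```python
import hashlib
import hmac
import secrets
import uuid

SAMPLE_AADHAAR = "999900001111"  # constructed 12-digit value, not a real Aadhaar number


class ReferenceKeyVault:
    """In-memory stand-in for the vault's mapping table (hypothetical class)."""

    def __init__(self, index_key: bytes):
        self._index_key = index_key  # assumption: held in the HSM in a real deployment
        self._by_index = {}          # HMAC(Aadhaar number) -> reference key
        self._by_ref = {}            # reference key -> Aadhaar number (encrypted at rest in a real vault)

    def _index(self, aadhaar: str) -> str:
        # Keyed lookup index so the same number always maps to the same reference key.
        return hmac.new(self._index_key, aadhaar.encode(), hashlib.sha256).hexdigest()

    def tokenize(self, aadhaar: str) -> str:
        if not (aadhaar.isascii() and aadhaar.isdigit() and len(aadhaar) == 12):
            raise ValueError("expected a 12-digit Aadhaar number")
        idx = self._index(aadhaar)
        if idx not in self._by_index:
            ref = uuid.uuid4().hex   # random UUID: no bits come from the Aadhaar number
            self._by_index[idx] = ref
            self._by_ref[ref] = aadhaar
        return self._by_index[idx]

    def detokenize(self, ref: str) -> str:
        # Only the vault can do this; business systems hold the reference key alone.
        return self._by_ref[ref]


def derived_reference_key(aadhaar: str) -> str:
    """Contrast case: a name-based UUID is a hash of the number, reproducible by anyone."""
    return uuid.uuid5(uuid.NAMESPACE_OID, aadhaar).hex


if __name__ == "__main__":
    vault_a = ReferenceKeyVault(secrets.token_bytes(32))
    vault_b = ReferenceKeyVault(secrets.token_bytes(32))
    ref = vault_a.tokenize(SAMPLE_AADHAAR)
    print("stable within one vault:", ref == vault_a.tokenize(SAMPLE_AADHAAR))
    print("differs across vaults:  ", ref != vault_b.tokenize(SAMPLE_AADHAAR))
    print("round trip via vault:   ", vault_a.detokenize(ref) == SAMPLE_AADHAAR)
    print("derived key reproducible:", derived_reference_key(SAMPLE_AADHAAR) == derived_reference_key(SAMPLE_AADHAAR))
```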
Transparent Encryption

Securing Data Vault

Securing Vault using HSM protected Key

The Aadhaar number and any connected data maintained in the Aadhaar Data Vault shall always be kept encrypted, with access strictly limited to authorized systems. Keys for encryption are to be stored in HSM devices only.

  • Option 1 : Use HSM with Oracle or SQL TDE
  • Option 2 : Use DSM with HSM and Vormetric TDE
  • Option 3 : Use DSM with HSM and VAE
  • Option 4 : Use DSM with HSM and VKM