Story 2.9: Encryption & Data Protection
| Field | Value |
|---|---|
| Story Points | 8 |
| Sprint | Sprint 8 |
Encryption Architecture
Data at Rest:
- AWS KMS master keys
- RDS encryption
- Column-level PII encryption
Data in Transit:
- TLS 1.3 for all traffic
- Certificate management via ACM
Field-Level Encryption:
- Aadhaar numbers
- Bank account numbers
- Medical records
- Salary information
- AES-256-GCM with envelope encryption