đź“„
Sunbird Saral
  • Sunbird Saral Overview
  • Saral Quick Guide
  • Saral Implementation Manual
    • OMR led scanning - Assessments
    • OCR led scanning - Admissions
  • Saral Transformation Story
  • LEARN
    • Software Requirement
    • Application Architecture
    • Features
      • Configurable Branding
      • Capture AI/ML Training Data
      • Support
      • Share App data
      • Auto Sync
      • Multi-Page support
      • Profile Menu
      • Dynamic Validations
      • Dynamic Tagging
      • Minimal Mode
      • Offline mode
      • App Force Update
      • Review results/marks
      • Firebase Analytics and Crashlytics
      • ML model deployment using Firebase
      • Improved Low light Performance - Manual Edit
      • Vertical Forms Scanning Support
      • Improve Processing Speed for big layouts
      • Admissions Data Capture
      • Securing PII Data Capture - Admissions
    • Specifications
      • Layout specification
      • Backend API Swagger Doc
    • Videos
      • Feature Explanation
        • OMR Layout scanning
        • Auto-Sync
        • Share scan app data
        • Skip feature
        • Support feature
        • Validation feature
        • Incorrect scanning
        • Multi-page feature
        • Branding feature
        • Offline mode
        • Review results/marks
      • Usage by States
        • Gujarat Implementation - Between 39:00 - 40:00 mins
        • Uttar Pradesh(U.P) , Gorakhpur Implementation
    • ML Model Accuracy/Results
  • USE
    • Roadmap
    • Workspace Setup - Playbook
    • Saral App Reference Backend
    • Generating APK from source code
    • Generate AAB(App bundle) from source code
    • Sign already generated APK file with private Key
    • Layout configuration
    • Debug/Run Saral App from Android Studio
    • Saral App Debug Tips
    • Saral App Usage Guidelines
    • Update BASE_URL,apkURL in APK
    • Update BASE_URL,apkURL in AAB
    • Sign already generated AAB(Android App Bundle) file with private key
    • Google Play Store App Publish Considerations
    • Layout Design Guidelines
    • Saral OCR Assets
    • Firebase setup for Saral App Telemetry
    • Firebase setup for TFLite model deployment
    • Alternatives for Saral components
  • ENGAGE
    • Source Code Repository
    • Saral SDK Source Code Repository
    • Tracker
    • Releases
      • v1.0.0-beta.1
      • v1.0.0-beta.2
      • v1.0.0-beta.3
      • v1.0.0-beta.4
      • v1.0.0-beta5
      • v1.5.0
      • v1.5.1
      • v1.5.2
      • v1.5.3
      • v1.5.4
      • v1.5.5
      • v1.5.6
      • v1.5.7
      • v1.5.9
      • v1.6.0
      • v1.6.1
      • v1.6.2
      • v1.7.0
    • Saral - Solution Providers
    • Discuss
  • Experience Saral
  • Dev Environment - Installation & Maintenance
    • Saral Installation Guide (Non-Prod)
    • Saral - Sandbox Maintenance Guide (Non-Prod)
  • Saral Easy Installer
    • Saral Production-Environment User Installation Guide
      • Manual Installation for Prod
      • Automating the Infra provisioning and install of the Saral application
        • Prerequisites
        • What automation does
        • Run installer
        • Post install steps
        • Monitoring-Stack
    • Reference Documents
      • SARAL Infra Requirements & Associated Cost
      • Saral Infra Cost Benefit Analysis
  • Tool for Saral Easy Layout generation and Auto generate ROI json
Powered by GitBook
On this page

Was this helpful?

Edit on GitHub
  1. LEARN
  2. Features

Securing PII Data Capture - Admissions

Saral supports handling secure storage of PII data by providing configurable field encryption of PII schema with different data security levels like encryption, encryption+masking, encryption+hashing.

PreviousAdmissions Data CaptureNextSpecifications

Last updated 1 year ago

Was this helpful?

Saral App supports enabling PII data encryption from v1.7.0 release which is added to admissions usecase.

The admissions record captures sensitive PII data of a student. It is necessary to manage data security.

Saral reference backend provides data encryption feature for Admissions record which can be configured at field level(each and every column/key in admissions record). Currently supports 6 different levels of encryption termed as:

  • ENCRYPTANDHASH - does encryption of data first and then hashing of encrypted data for added security

  • ENCRYPT - does encryption of data only

  • HASH - does hashing of data only

  • MASK - does masking of data only

  • ENCRYPTANDMASK - does encryption of data first and then masking of encrypted data for added security

  • ENCRYPTARRAY - does encryption of array type of data

Saral reference solution uses below algorithms for data security

Encryption: AES 256
Hashing: SHA 256

Data encryption can be configured under branding for a specific state. A new key named “encryptionSchemas” is added to brands schema which holds an object containing info about field level encryption enabling/disabling with the type of encryption. Refer to for more details.

By default the reference solution implements admissions record encryption as shown in below sample, which is added to default branding record and saved under brand collection in DB.

"encryptionSchemas": {
      "admissions": {
       "studentAadharNumber": "ENCRYPTANDMASK",
       "studentFirstname": "ENCRYPT",
       "studentSurname": "ENCRYPT",
       "studentDateOfBirth": "ENCRYPT",
       "studentAddress": "ENCRYPT",
       "studentBlock": "ENCRYPT",
       "studentDistrict": "ENCRYPT",
       "guardianFirstname": "ENCRYPT",
       "guardianSurname": "ENCRYPT",
       "fatherName": "ENCRYPT",
       "fatherContactDetails_phone1": "ENCRYPTANDMASK",
       "fatherContactDetails_phone2": "ENCRYPTANDMASK",
       "motherName": "ENCRYPT",
       "motherContactDetails_phone1": "ENCRYPTANDMASK",
       "motherContactDetails_phone2": "ENCRYPTANDMASK",
       "rollNumber": "ENCRYPTANDHASH",
       "addressOnRationCard_address": "ENCRYPTANDHASH",
       "addressOnRationCard_ward": "ENCRYPTANDHASH",
       "addressOnRationCard_block": "ENCRYPTANDHASH",
       "addressOnRationCard_district": "ENCRYPTANDHASH",
       "predictionInfo": {
          "trainingData": "ENCRYPTARRAY"
       }
      }
    }

Reference solution also allows state/adaptors to override the above encryption config by defining a similar structure as shown above in state specific branding.

Refer to this documentation to know more about additional guidelines that can be implemented to secure data

configurable-branding.md
Data Security guidelines for Saral - Admissions use case