Data in transit: This is secured by using HTTP over TLS (1.3)
HTTP (Hypertext Transfer Protocol) over TLS (Transport Layer Security) 1.3 offers several benefits over using previous versions of TLS/SSL.
Improved performance: TLS 1.3 has improved the speed of establishing a secure connection between the client and the server. This means that users will experience faster load times and reduced latency when accessing secure websites.
Enhanced security: TLS 1.3 includes new security features such as forward secrecy, which helps to protect against attacks on the server's private key. It also removes support for older, less secure cryptographic algorithms.
Simplified negotiation: TLS 1.3 reduces the number of round trips required to establish a secure connection, which simplifies the negotiation process and makes it more efficient.
Reduced latency: TLS 1.3 reduces the amount of data exchanged between the client and server during the connection establishment phase, which reduces latency and improves performance.
Better privacy: TLS 1.3 includes new privacy features such as encrypted server name indication (SNI), which helps to protect the privacy of users by preventing eavesdropping on the requested hostname.
Data at rest/in storage within OBT-HK: Sensitive data are encrypted using military grade encryption (AES-256). AES-256 (Advanced Encryption Standard with a 256-bit key) is a widely used symmetric encryption algorithm that provides a high level of security. It is considered an extremely strong encryption standard, with no known practical attacks against it.