SPADE utilizes industry-standard encryption algorithms approved by the National Institute of Standards and Technology (NIST) to secure data both at rest and in transit.
Status: Active (Primary Symmetric Cipher)
We utilize 256-bit AES encryption to protect all
database records, including candidate profiles, passwords, and
examination question banks. This is the global gold standard
for securing classified information and provides
quantum-resistant data protection.
Status: Active (Primary Asymmetric Cipher)
RSA algorithms with a 4096-bit key length are deployed
for secure key exchanges and digital signatures. This ensures
that the connection between the candidate's browser and the
SPADE servers cannot be intercepted or spoofed.
Status: Active (Network Security)
All
traffic moving across the SPADE network is routed through
enforced HTTPS utilizing TLS 1.3. This prevents
"Man-in-the-Middle" (MitM) attacks and ensures data integrity
during live exam submissions.
Information stored on our PostgreSQL databases (such as Tax IDs, test scores, and AI malpractice logs) is fully encrypted at the volume level. Server access requires strict Multi-Factor Authentication (MFA) within a Virtual Private Cloud (VPC).
Live video telemetry from the AI facial tracking engine and real-time answer submissions are encrypted via end-to-end TLS tunnels. Video data is processed locally on the client machine and is never transmitted in raw format.
To maintain absolute security, SPADE strictly prohibits fallback connections to obsolete cryptographic standards. DES (Data Encryption Standard), 3DES, and SSL v2/v3 are permanently disabled across our infrastructure due to known vulnerabilities. Connections attempting to use these legacy protocols will be automatically rejected by the engine.
For inquiries regarding our security posture, penetration testing schedules, or compliance documentation, please contact security@spade.edu.in.