Data Protection

  • Encryption at Rest: persisted user data is encrypted; only the enclave can decrypt.

  • Integrity: data is checked for tampering before use.

  • Access Controls: operators cannot read keys by design.

  • Transport: HTTPS everywhere; cookies are Secure + HttpOnly.

PreviousRemote AttestationNextThreat Model

Last updated