A.8.24 — Use of cryptography
This control ensures cryptographic techniques are applied to protect data confidentiality, integrity, and authenticity.
| Property | Value |
|---|---|
| Section | technical |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-CRYPTO-01 | PKCS#11 HSM Key Protection |
| SID-CRYPTO-02 | PRF Extension Key Derivation |
| SID-CRYPTO-03 | AES-256-GCM Encrypted Keystore |
| SID-CRYPTO-04 | COSE Sign1 and mDOC Cryptography |
| SID-CRYPTO-05 | Secure Random Number Generation |
| SID-KEY-01 | WSCA WebSocket Key Signing Delegation |
| SID-KEY-02 | IACA Certificate Management |
| SID-OPS-10 | Encryption-at-Rest and Secrets Management |
| SID-TRANS-05 | Operator TLS Deployment Enforcement |
Source: ISO/IEC 27001:2022 Annex A