Security Architecture
On-Premise Deployment
Hosted within State Data Centre; NIC compatible.
End-to-End Encryption
AES-256 at rest, TLS 1.3 in transit.
Role-Based Access Control
Scoped to DGP, ADG, IG, DIG, SP, DSP, SHO, IO.
Two-Factor Authentication
OTP + device binding for all privileged users.
Audit Logs
Immutable trail of every query and access.
Air-Gapped Option
Fully offline private-LLM deployment supported.