Administration

Guaranteeing the confidentiality of exam papers

Case of a regional education authority in France

Following several leaks, this authority wanted to encrypt national exam papers in order to guarantee their confidentiality.

REQUIREMENTS

Once drafted, the papers are sent by e-mail to the various examination centres. Transportation of the files must therefore be secure.

With several thousand parties involved, it is important that the information system security team has total control over the list of persons with clearance to access the content. The security team defines which storage spaces, local or shared, need to be protected. The solution must also ensure that the configuration deployed on the workstations is the one prepared by the security team.

Lastly, the solution must be simple for users, and therefore transparent, with no need for them to make any decisions.

SOLUTION

With the support of the ANSSI, France’s national IT systems security agency, this authority decided to get its data encrypted with ZONECENTRAL:

  • Encryption of the user profile and shared spaces on the file servers;
  • No plain-text writing possible on portable devices;
  • Adding access by certificate (share);
  • Deployment of a Microsoft PKI;
  • Unique private key available in the Windows CSP certificate store;
  • Signing of security policies.

EXPERIENCE

SECURITY DEPARTMENT: After being trained by PRIM’X, the Security team takes care of deploying ZONECENTRAL and defining and signing the security policies. The team also handles application of the encryption instructions by creating encrypted zones on the file servers and managing the cryptographic accesses of authorised users.

USERS: The authors’ local and shared files are fully encrypted. With ZED!, which is included in ZONECENTRAL, users send the exam papers in encrypted containers. The recipients are the only ones with the right to decrypt the data using their private key.

BENEFITS

The encryption performed by ZONECENTRAL is transparent: data decryption is carried out without any action on the part of the user thanks to the implementation of the Microsoft PKI, which allows transfer of the private key into the session certificate store. This PKI also provides easy control of certificates in the event of expiry or revocation.

NEXT STEPS

Passwords will be replaced by certificates for internal e-mail encryption when the next PKI is deployed.