top of page

Unveiling the Security Features of CDHA

Updated: May 13

Welcome back to our ongoing exploration of CDHA, where advanced technology meets security to redefine data protection in today’s digital landscape. In this blog, we are exploring CDHA’s innovative security features which provide robust defence against cyber threats. 

CDHA employs a specialised cryptographic solution developed in collaboration with NCSC, and, refined over three and a half years to meet stringent security standards. Supported by thorough evaluations from the west, this solution ensures that the data remains safeguarded against evolving threats.  

CDHA is secure by design, meaning that any application developed using CDHA inherently integrates security measures. Adopting CDHA aligns organisations with security by design principles, setting a strong foundation for secure application development.  

Let’s explore the layers of CDHA’s security features to understand how it ensures robust protection against emerging threats. 

Data Encryption and Signing (Data in Rest and Data in Transit)

Unlike traditional encryption methods, CDHA employs unique row-level AES encryption, generated using user-specific keys, ensuring unparalleled security for data both at rest and during transit. This ephemeral AES encryption at the row level distinguishes CDHA from other encryption protocols like Transport Layer Security (TLS). 

Endpoint Security with ECDH (Elliptic Curve Diffie-Hellman) and ECDSA (Elliptic Curve Digital Signature Algorithm) ensures robust protection at every step of the data transmission process. User data is encrypted and signed using the user’s Key pair at the client browser level, safeguarding it from unauthorised access. To ensure secure data transmission from low to high trust domains, data payloads travel in encrypted form, which can only be decrypted by high assurance gateway. Once decrypted at the gateway, the data undergoes schema validation to verify its integrity before being forwarded to the high trust orchestrator. 

Authentication and Verification

Identity verification and signature validation further strengthen security at the high trust orchestrator level, guaranteeing the legitimacy of data transactions. CDHA employs stringent controls to prevent unauthorised requests from infiltrating the system. Application ID verification at the gateway, user public key identity checks, and signature verification by the High Trust Orchestrator ensures that only legitimate requests are processed. 

CDHA’s User Key Registration Portal, part of the Identity Service, guarantees secure user interactions within the framework. By properly generating and registering keys, this portal establishes a trusted relationship for all subsequent transactions, enhancing overall system security. 

Access Control and Role-Based Access Control (RBAC)

CDHA implements a multi-layered defence strategy. Application authentication and Role-Based Access Control (RBAC) prevent unauthorised access. Role-Based Access Control (RBAC) enforces strict access policies, granting users precisely the permissions they need to fulfill their roles. Furthermore, RBAC and Two-Factor Authentication (2FA) mechanisms add extra layers of protection against unauthorised access attempts. 


The high assurance gateway decrypts and validates incoming payloads, ensuring data integrity and adherence to predefined schemas. While CDHA implements robust security measures, residual risks persist, such as the potential compromise of a user’s device. In response, CDHA is collaborating with a major chip supplier, Intel, to develop potential solutions. 

Export Control (Additional Security Measure)

Additionally, the export control component conducts thorough checks on outgoing data to ensure compliance with regulations and safety standards before encryption. 


Threat Mitigation with CDHA: Addressing Security Risks through the STRIDE Model 

CDHA employs a comprehensive approach to mitigating various types of threats, as outlined by the STRIDE model. For example, it addresses: 

  • Spoofing threats by implementing robust authentication mechanisms such as user public key identity checks and application ID verification.  

  • Tampering threats are mitigated through data encryption and signing techniques, ensuring the integrity of transmitted information. 

  • Repudiation risks are minimised through identity verification and signature validation, establishing accountability for data transactions.  

  • Information Disclosure concerns are addressed through the implementation of Role-Based Access Control (RBAC) and encryption controls, safeguarding sensitive data from unauthorised access.  

  • Denial of Service (DoS) threats are mitigated through stringent access controls, encryption mechanisms, and the High Assurance Gateway’s ability to validate incoming payloads.  

  • Finally, Elevation of Privilege threats are countered by enforcing strict access policies based on user roles and implementing Two-Factor Authentication (2FA) mechanisms for additional user verification.  

Through these measures, CDHA effectively safeguards against a wide range of security threats, ensuring the integrity, confidentiality, and availability of data. 

While we have provided a glimpse into the security framework of CDHA, we have only scratched the surface of its capabilities. There is much more to explore in the domain of CDHA’s security features. Stay tuned with us as we will discuss implementing CDHA in Government Data Systems in our forthcoming blog post. 


Commenting has been turned off.
bottom of page