LUL - G2408

Encryption and cryptography Guidance

active, Most Current
Organization: LUL
Publication Date: 1 December 2018
Status: active
Page Count: 8
scope:

This guidance applies to:

  • System support organisations, such as TfL's Technology & Data (T&D) directorate1, which support each TfL information system. Particularly:

o T&D Networks & Hosting, which is responsible for the maintenance of many of TfL's networks.

o Information System (IS) Assurance, which is responsible for defining build standards for T&D-supported technology.

  • Those responsible for information security within TfL (including but not limited to Cyber Security and Information Owners).

This document applies to all information systems and services owned, operated or supported by (or on behalf of) TfL.

Purpose

This guidance document identifies:

  • The encryption algorithms that it is acceptable to use to encrypt data that is stored or processed by TfL information systems and services
  • How encryption is implemented technically
  • How encryption keys are managed

1 TfL's information systems are not supported by the T&D directorate exclusively. A given system may thus be supported by a support organisation other than TfL T&D. Readers should therefore read T&D as T&D (or equivalent support organisation for the system or service concerned, where different)' throughout this document.

Document History

G2408
December 1, 2018
Encryption and cryptography Guidance
This guidance applies to: System support organisations, such as TfL’s Technology & Data (T&D) directorate1, which support each TfL information system. Particularly: o T&D Networks & Hosting, which...
Advertisement