检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
Encrypting Data in EVS When purchasing a disk, you can choose Advanced Settings > Encryption to encrypt the disk using the key provided by KMS. For details, see Figure 1. For more information about EVS, see the Elastic Volume Service User Guide.
HTTP does not encrypt data in transmit, so confidential information, such as passwords, accounts, and transaction records, transmitted over HTTP is plaintext and easy to be leaked, stolen, or tampered with anytime. HTTP is insecure for transmitting private information.
Connecting to the Database (Using SSL) When you use psycopy2 to connect to the GaussDB server, you can enable SSL to encrypt the communication between the client and server. To enable SSL, you must have the server certificate, client certificate, and private key files.
Connecting the Database (Using SSL) When you use psycopy2 to connect to the GaussDB server, you can enable SSL to encrypt the communications between the client and server. To enable SSL, you must have the server certificate, client certificate, and private key files.
Encrypting Data in SFS When creating a file system using the Scalable File Service (SFS), you can select KMS encryption and use the key provided by the KMS to encrypt the file system.For details, see Figure 1. For more information, see the Scalable File Service User Guide.
If you want to use the OBS encryption function, follow instructions in Using OBS to Encrypt Data for Running Jobs to configure related information and call an API to run a job.
The public key is used to encrypt sensitive information when calling a service API.
Configuring One-Way or Two-Way Authentication Between the Dedicated Gateway and Client Scenario If the API frontend supports HTTPS, you need to add an SSL certificate for the independent domain name bound to the API group. An SSL certificate is used for data encryption and identity
Server-Side Encryption Overview If you have any questions during the development, post them on the Issues page of GitHub. OBS supports server-side encryption. For more information, see Server-Side Encryption. Parent topic: Server-Side Encryption
Encrypting Data in IMS When uploading an image file to Image Management Service (IMS), you can choose to encrypt the image file using a key provided by KMS to protect the file. Figure 1 describes details. For details, see the Image Management Service User Guide.
GAUSS-02781 -- GAUSS-02790 GAUSS-02783: "encrypt the plain text failed!" SQLSTATE: 39000 Description: Internal system error. Solution: Contact technical support. GAUSS-02784: "encode the plain text failed!" SQLSTATE: 39000 Description: Internal system error.
Ransomware Prevention Overview Ransomware can intrude a server, encrypt data, and ask for ransom, causing service interruption, data leakage, or data loss. Attackers may not unlock the data even after receiving the ransom. HSS provides static and dynamic ransomware prevention.
To avoid such problems, you can encrypt the sensitive data in the database and protect the keys that are used to encrypt the data. This prevents anyone without the keys from using the data, but this kind of protection must be planned in advance.
Billing Examples Billing Scenario A user created a symmetric key at 14:25:00 on May 18, 2023 and used the key to encrypt OBS. During the use of the key, 164,573 API requests were generated. The user stopped using the key and deleted it at 16:14:00 on June 29, 2023.
Check whether both the source and destination databases use SSL to encrypt connections.
Key Management Service Using KMS to Encrypt Offline Data Using KMS to Encrypt and Decrypt Data for Cloud Services Using the Encryption SDK to Encrypt and Decrypt Local Files Encrypting and Decrypting Data Through Cross-region DR Using KMS to Protect File Integrity
Ciphertext DEKs are generated when you use a CMK to encrypt the plaintext DEKs. Huawei Cloud services use the plaintext DEK to encrypt a plaintext file, generating a ciphertext file.
(java.security.PublicKey publicKey, byte[] source) Encrypt data using the RSA algorithm. static String encrypt(String source, java.security.PublicKey publicKey) Encrypt data using the RSA algorithm (both the source and returned data is encoded using Base64). static String encrypt(
Benefits: Advantages over CMK encryption in KMS Users can use CMKs to encrypt and decrypt data on the KMS console or by calling KMS APIs. A CMK can encrypt and decrypt data no more than 4 KB. An envelope can encrypt and decrypt larger volumes of data.
The ciphertext DEK was generated by using a custom key to encrypt the plaintext DEK. Use the plaintext DEK to encrypt the file. A ciphertext file is generated. Save the ciphertext DEK and the ciphertext file together in a persistent storage device or a storage service.
