检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
You can encrypt data on the new file systems if needed. Keys for encrypting file systems are provided by Key Management Service (KMS), which is secure and convenient. You do not need to establish and maintain key management infrastructure.
Creates a new secret version in the specified secret to encrypt and store secret values randomly generated in the background. At the same time, the newly created secret version is marked as SYSCURRENT. Constraints The RotateSecret API does not support rotation of common secrets.
This key is used to encrypt all objects.
Constraints Default keys cannot be used to encrypt or decrypt such data with the tool. Asymmetric keys cannot be used to encrypt or decrypt such data with the tool. You can call an API to use a default key to encrypt or decrypt small volumes of data.
Data Protection User encryption allows you to use the encryption feature provided on the cloud platform to encrypt ECS resources, improving data security. If you use an encrypted ECS to create an AS configuration, the AS configuration is encrypted as the ECS.
Encryption Data Encryption data is used to store and encrypt sensitive information. Edge applications can access plaintext data through MQTT server.
Encryption Data Encryption data is used to store and encrypt sensitive information. Edge applications can access plaintext data through MQTT server. Creating Encryption Data Log in to the IEF console. In the navigation pane, choose Edge Applications > Application Configuration.
Configuring TLS Context TLS is designed to ensure data confidentiality and integrity between two communication application programs. In the multi-tenant deployment scenario, you need to contact the system administrator to configure the TLS certificate. Procedure Choose System > About
SSE-OBS uses a data key derived from the OBS root key to encrypt or decrypt an object. OBS does not need to interact with KMS. Therefore, you do not need to grant special permissions when sharing objects. Parent topic: Server-Side Encryption
Enabling or Disabling Encrypted Backup Scenarios TaurusDB can encrypt backups. After encrypted backup is enabled, a key is required, which is generated and managed by Data Encryption Workshop (DEW).
This section describes how to call a KMS API and use a CMK to encrypt or decrypt data. Process: Create a CMK in KMS. Call the encrypt-data API of KMS to encrypt plaintext data by using a CMK. Deploy ciphertext certificates on your servers.
CREATE CLIENT MASTER KEY Function CREATE CLIENT MASTER KEY creates a CMK object that can be used to encrypt a CEK object. Precautions This syntax is specific to a fully-encrypted database.
CREATE CLIENT MASTER KEY Function CREATE CLIENT MASTER KEY creates a CMK object that can be used to encrypt a CEK object. Precautions This syntax is specific to a fully-encrypted database.
Connecting to a Database in SSL Mode When establishing connections to the GaussDB server using JDBC, you can enable SSL connections to encrypt client and server communications for security of sensitive data transmission on the Internet.
Connecting to a Database in SSL Mode When establishing connections to the GaussDB server using JDBC, you can enable SSL connections to encrypt client and server communications for security of sensitive data transmission on the Internet.
If necessary, encrypt such data. Collector Deployment When you manually install the ICAgent on an Elastic Cloud Server (ECS), your AK/SK will be used as an input parameter in the installation command.
Replacing an HA Certificate HA certificates are used to encrypt the communication between active/standby processes and HA processes to ensure the communication security.
To encrypt them, perform the operations provided in this topic. Setting the HFile and WAL encryption mode to SMS4 or AES has a great impact on the system and will cause data loss in case of any misoperation. You are not advised to perform this operation.
According to the principle of asymmetric cryptography, each certificate holder has a pair of public and private keys, which can be used to encrypt and decrypt each other. The public key is public and does not need to be kept confidential.
AES Encrypt the character string using the AES encryption algorithm. AES algorithm configurations: The initial vector (IV) is a 16-byte random number. The encryption mode is GCM. PKCS7-Padding (CMS-Padding) is recommended.
