Data Encryption Workshop

Data Encryption Workshop Data Encryption Workshop (DEW) is a full-stack data encryption service. It covers Key Management Service (KMS), Key Pair Service (KPS), and Dedicated HSM. With DEW, you can develop customized encryption applications, and integrate it with other HUAWEI CLOUD services to meet even the most demanding encryption scenarios.

You can subscribe to monthly/yearly packages or pay as you use.

Learn more
  • Subscribe now to Dedicated HSM certified by State Cryptography Administration.
  • For details, please consult with our pre-sales personnel.
Product Advantages
  • Service Integration

    DEW provides Key Management Service (KMS), an offering that integrates many of HUAWEI CLOUD extensive services including OBS, EVS, IMS, and more.

  • Login Security

    DEW provides Key Pair Service (KPS) that enables you to create or import key pairs on the management console when logging in to your purchased ECS.

  • Compliance

    With DEW, keys and random numbers are generated by the third-party validated HSMs. It is compliant with national and international laws and regulations.

  • Dedicated HSM

    DEW provides CSCA certified or FIPS 140-2 validated level-3 HSM protection, guaranteeing high-performance encryption to meet your stringent security requirements.

Application Scenarios
  • Dedicated HSM

  • Key Management Service

  • Key Pair Service

Dedicated HSM

Dedicated HSM

For encryption scenarios requiring strict compliance, you can use the CSCA (China State Cryptography Administration) certified HSM or FIPS 140-2 validated level-3 HSM to implement exclusive encryption. Two HSMs are provided by default to ensure the high reliability.

Advantages

Regulatory Compliance

HSMs provided by DEW are third-party certified or validated.

Performance Assurance

Provides exclusive chips to ensure concurrent high-speed computing performance under different encryption protocols.

Superb Compatibility

Provides the same functions and interfaces as physical HSMs. It is compatible with traditional applications and is easy when migrating to cloud.

Related Services

ecs

bms

Key Management Service

Key Management Service

KMS uses validated HSMs to protect your keys, so you can effortlessly create and manage keys for data encryption. It can be Integrated with other HUAWEI CLOUD services such as OBS, EVS, and IMS.

Advantages

Wide Application

Integrates with OBS, EVS, IMS, and more, to enable secure and easy data encryption.

Broad Capabilities

Supports full management and lifecycle management of your keys.

Easy Integration

Supports APIs, so you can call APIs to integrate KMS with your applications for data encryption.

Secure and Reliable

Stores CMKs redundantly online, physically backs up root keys in multiple copies offline, and performs regular backups to ensure key persistence.

Related Services

obs

evs

ims

vbs

Key Pair Service

High-Performance Computing

KPS is designed for login scenarios that have stringent security requirements. When purchasing an ECS, you can set the login mode to key-pair login. The key pair can be reset or replaced as necessary.

Advantages

Secure

By default, key pairs use the SSH-2 (RSA, 2048) algorithm for encryption and decryption.

Manageable

You can import your private keys to the DEW management console on HUAWEI CLOUD and use KPS to manage them.

Controllable

The DEW management console provides you with easy control and management for your key pairs.

Related Services

ecs

bms

Functions

  • Dedicated HSM

    Provides you with basic, professional, and enterprise editions, catering for your needs in different service scenarios.

  • Key Management

    KMS provides you with basic and professional editions, catering for your needs in different service scenarios.

  • Key Pair Service

    With KPS, you can download the private keys to your local host, or have your private keys managed in the cloud.

Dedicated HSM

  • Basic Edition

    Exclusive encryption chips are provided. Provides the same functions and interfaces as physical HSMs to facilitate the migration of services to the cloud. Supports China's SM1, SM2, SM3, and SM4 encryption algorithms.

  • Professional Edition

    In addition to the professional edition, we can offer you the enterprise edition to meet your customized requirements. Please contact our pre-sales personnel for details.

  • Enterprise Edition

    In addition to functions available with the basic edition, you can use the exclusive subrack, power supply, bandwidth, and interface resources, meeting your stringent security requirements.

Key Management

  • Basic Edition

    With the basic-edition KMS, you can employ user-imported keys, and create a maximum of two keys. You can create, enable, disable, and delete Customer Master Keys (CMKs). You can create, encrypt, and decrypt Data Encryption Keys (DEKs), and additionally, and you can use the keys to interwork with OBS, EVS, and IMS for data encryption.


  • Professional Edition

    In addition to functions available with the basic edition, you can create 20 keys, and integrate the professional-edition KMS with RDS for static data encryption. Developers can use APIs to encrypt applications.

Key Pair Service

  • Private Keys Saved Locally

    The password for logging in to the ECS may be weak or at the risk of brute-force cracking. To avoid such risk, you can import the local private key for login.

  • Private Keys Managed by DEW

    If you do not have a secure mechanism for storing private keys locally, you can easily manage them using DEW on HUAWEI CLOUD, and use the managed key pairs for login authentications.

Create an Account and Experience HUAWEI CLOUD for Free

Register Now