检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
检测到您已登录华为云国际站账号,为了您更好的体验,建议您访问国际站服务网站 https://www.huaweicloud.com/intl/zh-cn
不再显示此消息
If necessary, encrypt such data. Collector Deployment During the installation of UniAgent and ICAgent on Linux hosts, the history recording function is disabled. Therefore, your AK/SK and access code cannot be viewed by running commands.
You can encrypt data on the new file systems if needed. Keys for encrypting file systems are provided by Key Management Service (KMS), which is secure and convenient. You do not need to establish and maintain key management infrastructure.
Creates a new secret version in the specified secret to encrypt and store secret values randomly generated in the background. At the same time, the newly created secret version is marked as SYSCURRENT. Constraints The RotateSecret API does not support rotation of common secrets.
This key is used to encrypt all objects.
Envelope encryption: Instead of encrypting and decrypting data directly with a CMK, envelope encryption uses the CMK to generate a DEK to encrypt and decrypt data, and uses the CMK to encrypt and decrypt the DEK.
Constraints Default keys cannot be used to encrypt or decrypt such data with the tool. Asymmetric keys cannot be used to encrypt or decrypt such data with the tool. You can call APIs to use a default master key to encrypt or decrypt small-volume data.
Encryption Data Encryption data is used to store and encrypt sensitive information. Edge applications can access plaintext data through MQTT server.
Encryption Data Encryption data is used to store and encrypt sensitive information. Edge applications can access plaintext data through MQTT server. Creating Encryption Data Log in to the IEF console. In the navigation pane, choose Edge Applications > Application Configuration.
Configuring TLS Context TLS is designed to ensure data confidentiality and integrity between two communication application programs. In the multi-tenant deployment scenario, you need to contact the system administrator to configure the TLS certificate. Procedure Choose System > About
Connecting to an HBase Security Cluster Using the HBase Shell You can enable security channel encryption to encrypt data transmission. This section describes how to enable a secure channel for an HBase cluster.
Enabling or Disabling Encrypted Backup Scenarios TaurusDB can encrypt backups. After encrypted backup is enabled, a key is required, which is generated and managed by Data Encryption Workshop (DEW).
SSE-OBS uses a data key derived from the OBS root key to encrypt or decrypt an object. OBS does not need to interact with KMS. Therefore, you do not need to grant special permissions when sharing objects. Parent topic: Server-Side Encryption
This section describes how to call a KMS API and use a CMK to encrypt or decrypt data. Process: Create a CMK in KMS. Call the encrypt-data API of KMS to encrypt plaintext data by using a CMK. Deploy ciphertext certificates on your servers.
You cannot manually encrypt or decrypt backups. For how to create a disk backup, see Creating a Disk Backup. Backup encryption can control internal personnel's access to data, reducing the risk of internal leakage. Solution Ensure that the EVS disk to be backed up is encrypted.
Connecting to a Database in SSL Mode When establishing connections to the GaussDB server using JDBC, you can enable SSL connections to encrypt client and server communications for security of sensitive data transmission on the Internet.
Connecting to a Database in SSL Mode When establishing connections to the GaussDB server using JDBC, you can enable SSL connections to encrypt client and server communications for security of sensitive data transmission on the Internet.
Replacing an HA Certificate HA certificates are used to encrypt the communication between active/standby processes and HA processes to ensure the communication security.
If necessary, encrypt such data. Collector Deployment When you manually install the ICAgent on an Elastic Cloud Server (ECS), your AK/SK will be used as an input parameter in the installation command.
To encrypt them, perform the operations provided in this topic. Setting the HFile and WAL encryption mode to SMS4 or AES has a great impact on the system and will cause data loss in case of any misoperation. You are not advised to perform this operation.
AES Encrypt the character string using the AES encryption algorithm. AES algorithm configurations: The initial vector (IV) is a 16-byte random number. The encryption mode is GCM. PKCS7-Padding (CMS-Padding) is recommended.
