Basic Understanding of Aliyun Encryption Service (Part II)

Advantages of encryption service products

Secure key storage Using hardware cryptography machine to protect customer keys and cryptography machine in accordance with the National Cryptography Administration (GM/T 0029-2014) and the People’s Bank of China (PBOC1.0/2.0/3.0) and other requirements.

Secure key management device management adverbial clause: key management permission separation. Ali Cloud can only manage password machine hardware equipment, mainly including monitoring equipment availability indicators, open, stop services, etc. The key is completely managed by the customer and Ali Cloud does not have any method to obtain the customer key. The key management system has passed the security detection and authentication of the State Cryptography Administration.

Convenient Use on the cloud The encryption service instance is deployed on a customer’s private VPC network and can be managed and invoked using the customer’s specified private NETWORK IP address. The instance can be used with services on the cloud server instance conveniently.

Elastic expansion You can flexibly adjust the number of rented encryption service instances based on actual conditions and use load balancing to meet different encryption and decryption requirements.

Encryption services use cryptographic machines that have been detected and certified by the National Cryptography Administration to allow customers to safely generate, store and manage encryption keys used for data encryption, meeting strict key management requirements without sacrificing application performance.

Application Scenarios Encryption services for all customers on Aliyun, mainly for the protection of sensitive data such as financial business system, government system and enterprise financial system on aliyun. The encryption service of financial business system mainly includes the storage of bank card number, ID card, PIN code and other sensitive information. The usage scenario of encryption service in government system mainly includes the storage of sensitive information of secret-related services. The use of encryption services in enterprise financial systems mainly includes the storage of sensitive information such as contracts and finance.

Noun explanation

Encryption service instance A resource instance created by hardware cryptography machine virtualization. It implements all functions of the hardware cryptography machine and has certain encryption and decryption computing capabilities.

Identity card USB Key, which uniquely identifies the encryption service instance and manages the Key in the encryption service instance with the management client software of the encryption service instance.

The service proxy software used by the proxy connection and the encryption service instance provides SSL encryption for communication content and implements load balancing among multiple encryption service instances. More excellent courses:

7 days to play cloud server

Redis version of the cloud database using tutorial

Play cloud storage object storage OSS introduction

Ali Cloud CDN use tutorial

Load Balancing Introduction and Product Usage Guide

Official website of Ali Yun University (Official website of Ali Yun University, Innovative Talent Workshop under cloud Ecology)

Basic Understanding of Aliyun Encryption Service (Part II)

Related Posts

SpringBoot and Kotlin blend perfectly

Fresh surface via 】 【 the season will be finished the interview, but experience new generation | nuggets technical essay exhibition (the third)

Kafka -config kafka-config

Fresh surface via 】【 the season will be finished the interview, but experience new generation | nuggets technical essay exhibition (the third)