International Organization for Standardization (ISO) on the definition of computer system security is: for the data processing system established and adopted technology and management security protection, protection of computer hardware, software and data from accidental and malicious reasons destroyed, changed and leaked. The database running on the computer system often stores a large number of important information, involving finance, life, privacy and other aspects, for a database, the importance of data security is self-evident, this paper introduces the system security of TcaplusDB from four aspects.

Network security

The Internet has brought convenience to people, but also to lawbreakers, some lawbreakers through the network, local area network and other ways to invade the server, so that the server can not run normally, resulting in abnormal data or leakage, causing significant losses to the enterprise. The TcaplusDB environment is in the private network environment of Tencent cloud VPC, which is fully isolated from the outside world to effectively ensure user data security.

Access security

Access security is mainly reflected in the following aspects:

  • CAM: TcaplusDB is currently integrated with Tencent Cloud user rights management system CAM, which supports interface-level rights access control to avoid non-relevant personnel accessing data;
  • Access password: TcaplusDB The access password is used for authentication on the directory server tCAPdir and access layer server TCAProxy.
  • IP whitelist: The TcaplusDB background supports IP whitelist-based access, that is, the specified IP client can read and write TcaplusDB data.
  • Audit: Audit logs are generated for all user operations, so that all access can be recorded.

Data security

TcaplusDB uses serialization and deserialization after data read and write compression or decompression. Even if the data file is hijacked, the data content cannot be resolved, which greatly reduces the harm of data leakage.

Safety compliance

The data files of TcaplusDB are encrypted with AES-128-CBC, which complies with the GDPR standard of the European Union. In addition, TcaplusDB also has some foreign safety certification systems, such as South Korea’s KIMS, which further broadens the database safety channel for Chinese enterprises to go abroad.

TcaplusDB is a distributed NoSQL database produced by Tencent. The storage and scheduling code is completely self-developed. It has features such as cache + ground fusion architecture, PB-level storage, millisecond delay, lossless horizontal expansion and complex data structure. At the same time, it has the characteristics of rich ecology, convenient migration, extremely low operation and maintenance cost and five nine high availability. Customers cover gaming, Internet, government, finance, manufacturing and Internet of Things and other fields.