All Documents
Current Document

Content is empty

If you don't find the content you expect, please try another search term

Documentation

Data security

Last updated:2020-08-21 18:14:29

1. How is data encrypted during upload to KS3 and how does KS3 protect data against malicious access?

2. How does KS3 prevent data loss?

3. How can I ensure file integrity while uploading a file to KS3?

4. Does KS3 support door chain?

5. Which TLS versions does KS3 support?


1. How is data encrypted during upload to KS3 and how does KS3 protect data against malicious access?
  • Data security during transmission: KS3 APIs support HTTPS, which uses SSL encryption to ensure data security during transmission.
  • Data security on KS3: KS3 supports storing encrypted data, ensuring the security of stored data. Data encryption can be performed by the client side or server side.

    • During client-side data encryption, the client provides and maintains the encryption keys, and data encryption and decryption are completed on the client.
    • During server-side data encryption, KS3 or the client provides and maintains the encryption keys, and data encryption and decryption are completed on KS3.

    • If the keys for server-side data encryption are escrowed on KS3 (SSE-S3), KS3 employs multi-factor strong encryption to encrypt all objects with the same key. To ensure the security of the key, KS3 encrypts the key by using a periodically rotated primary key. The algorithm used for data encryption is 256-bit Advanced Encryption Standard (AES-256).

    • If the keys for server-side data encryption are provided by the client, it is up to you to manage data encryption and decryption, data encryption keys, and the tools.
  • Data access control: KS3 takes a series of measures to ensure only authorized users can access data. These measures include identity authentication at login, bucket-level and object-level ACLs, and public key/private key signature authentication.
2. How does KS3 prevent data loss?

KS3 employs a multi-replica policy to store users' basic data. The data persistence is equal to or greater than 99.999999999%. In other words, among 100,000,000,000 user instances, only one user instance might have a data loss issue within a month.

3. How can I ensure file integrity while uploading a file to KS3?

When you use the PUT method to upload a file, set the Content-MD5 header. KS3 will calculate the MD5 value of the uploaded file and compare the calculated value with MD5 value that you provides. For more information see PUT Object API.

4. Does KS3 support door chain?

Yes. For more information, see Door chain.

5. Which TLS versions does KS3 support?

Currently, KS3 supports TLSv1.0, TLSv1.1, and TLSv1.2. For information security, you are recommended to replace TLSv1.0 as soon as possible and use the up-to-date TLS version. Kingsoft Cloud will no longer be compatible with protocols supporting TLS1.0 after December 31, 2020. After that time, you might not be able to connect to KS3 if your terminal is too old. If you cannot connect to KS3, it is recommended that you upgrade TLS and try again.

On this page
Pure ModeNormal Mode

Pure Mode

Click to preview the document content in full screen
Feedback