Product Advantages

  • Service Integration

    DEW provides KMS, integrated with many of the HUAWEI CLOUD extensive services including Object Storage Service (OBS), Elastic Volume Service (EVS), Image Management Service (IMS), and more.
    DEW provides KMS, integrated with many of the HUAWEI CLOUD extensive services including Object Storage Service (OBS), Elastic Volume Service (EVS), Image Management Service (IMS), and more.
  • Login Security

    DEW provides KPS that enables you to create or import key pairs on the management console when logging in to your purchased Elastic Cloud Server (ECS).
    DEW provides KPS that enables you to create or import key pairs on the management console when logging in to your purchased Elastic Cloud Server (ECS).
  • Compliance

    With DEW, keys and random numbers are generated by the third-party validated HSMs. It is compliant with local and international laws and regulations.
    With DEW, keys and random numbers are generated by the third-party validated HSMs. It is compliant with local and international laws and regulations.
  • Dedicated HSM

    DEW provides CSCA certified or FIPS 140-2 validated level-3 HSM protection, guaranteeing high-performance encryption to meet your strict security requirements.
    DEW provides CSCA certified or FIPS 140-2 validated level-3 HSM protection, guaranteeing high-performance encryption to meet your strict security requirements.

Application Scenarios

  • Dedicated HSM

  • Key Management Service

  • Key Pair Service

Dedicated HSM

Dedicated HSM

For encryption scenarios requiring strict compliance, you can use the FIPS 140-2 validated level-3 HSM to implement dedicated encryption.

Advantages

Regulatory Compliance
HSMs provided by DEW are third-party certified or validated.
Performance Assurance
Provides exclusive resource to ensure concurrent high-speed computing performance under different encryption protocols.
Superb Compatibility
Provides industry-standard and application-integrated APIs, including PCKS #11, JCE, CNG, and more.

Related Services

Key Management Service

Key Management Service

KMS uses validated HSMs to protect your keys, so you can effortlessly create and manage keys for data encryption. It can be integrated with other HUAWEI CLOUD services such as OBS, EVS, and IMS.

Advantages

Wide Application
Integrates with OBS, EVS, IMS, and more to enable secure and easy data encryption.
Broad Capabilities
Supports full management and lifecycle management of your keys.
Easy Integration
Supports APIs, so you can call APIs to integrate KMS with your applications for data encryption.
Secure and Reliable
Stores CMKs redundantly online, physically backs up root keys in multiple copies offline, and performs regular backups to ensure key persistence.

Related Services

Key Pair Service

Key Pair Service

KPS is designed for login scenarios that have stringent security requirements. When purchasing an ECS, you can set the login mode to key-pair login. The key pair can be reset or replaced as necessary.

Advantages

Secure
By default, key pairs use the SSH-2 (RSA, 2048) algorithm for encryption and decryption.
Manageable
You can import your private keys to the DEW management console on HUAWEI CLOUD and use KPS to manage them.
Controllable
The DEW management console provides you with easy control and management for your key pairs.

Related Services

Functions

  • Dedicated HSM

    Provides you with professional and enterprise editions, catering to your needs in different service scenarios.
    Provides you with professional and enterprise editions, catering to your needs in different service scenarios.
  • Key Management Service

    Uses Hardware Security Modules (HSMs) to protect your keys. It seamlessly interworks with other cloud services to protect service data and can be used to develop encryption applications.
    Uses Hardware Security Modules (HSMs) to protect your keys. It seamlessly interworks with other cloud services to protect service data and can be used to develop encryption applications.
  • Key Pair Service

    With KPS, you can download the private keys to your local host, or have your private keys managed in the cloud.
    With KPS, you can download the private keys to your local host, or have your private keys managed in the cloud.
  • Professional Edition

    Professional Edition

    Provides exclusive resources to ensure concurrent high-speed computing performance under different encryption protocols including RSA, DSA, ECDSA, and others. It also provides industry-standard and application-integrated APIs, including PKCS #11, JCE, CNG, and more. In addition, you can use the exclusive subrack, power supply, bandwidth, and interface resources, meeting your strict security requirements.

    Provides exclusive resources to ensure concurrent high-speed computing performance under different encryption protocols including RSA, DSA, ECDSA, and others. It also provides industry-standard and application-integrated APIs, including PKCS #11, JCE, CNG, and more. In addition, you can use the exclusive subrack, power supply, bandwidth, and interface resources, meeting your strict security requirements.

  • Enterprise Edition
    Enterprise Edition
    In addition to the professional edition, we can offer you the enterprise edition to meet your customized requirements. It can also be used in Dedicated Cloud scenarios. For details, please contact our pre-sales team.
    In addition to the professional edition, we can offer you the enterprise edition to meet your customized requirements. It can also be used in Dedicated Cloud scenarios. For details, please contact our pre-sales team.
  • You can use user-imported keys, and create a maximum of two keys. You can create, enable, disable, and delete CMKs. You can also create, encrypt, and decrypt Data Encryption Keys (DEKs). Additionally, you can use the keys to interwork with OBS, EVS, and IMS for data encryption.
    You can use user-imported keys, and create a maximum of two keys. You can create, enable, disable, and delete CMKs. You can also create, encrypt, and decrypt Data Encryption Keys (DEKs). Additionally, you can use the keys to interwork with OBS, EVS, and IMS for data encryption.
  • Private Keys Saved Locally
    Private Keys Saved Locally
    The password for logging in to the ECS may be weak or at risk from brute-force cracking. To avoid such risks, you can import the local private key for login.
    The password for logging in to the ECS may be weak or at risk from brute-force cracking. To avoid such risks, you can import the local private key for login.
  • Private Keys Managed by DEW
    Private Keys Managed by DEW
    If you do not have a secure mechanism for storing private keys locally, you can easily manage them using DEW on HUAWEI CLOUD, and use the managed key pairs for login authentications.
    If you do not have a secure mechanism for storing private keys locally, you can easily manage them using DEW on HUAWEI CLOUD, and use the managed key pairs for login authentications.

Provides Scalable, On-demand Computing Resources

Learn More