Help Center> > Service Overview >What Is DEW?

What Is DEW?

Data is the core asset of an enterprise. Each enterprise has its core sensitive data, which needs to be encrypted and protected from breach.

Data Encryption Workshop (DEW) is a cloud data encryption service. It covers Key Management Service (KMS), Key Pair Service (KPS), and Dedicated Hardware Security Module (Dedicated HSM). DEW uses HSMs to protect the security of your keys, and can be integrated with other HUAWEI CLOUD services to address data security, key security, and key management issues. Additionally, DEW enables you to develop customized encryption applications.

  • KMS

    Key Management Service (KMS) is a secure, reliable, and easy-to-use cloud service that helps users create, manage, and protect keys in a centralized manner.

    KMS uses Hardware Security Modules (HSMs) to protect keys, helping you create and control customer master keys (CMKs) with ease. All CMKs are protected by root keys in HSMs to avoid key leakage.

  • KPS

    Key Pair Service (KPS) is a secure, reliable, and easy-to-use cloud service designed to manage and protect your SSH key pairs (key pairs for short).

    KPS uses HSMs to generate true random numbers which are then used to produce key pairs. In addition, it adopts a complete and reliable key pair management solution to help users create, import, and manage key pairs with ease. The public key of a generated key pair is stored in KPS while the private key can be downloaded and saved separately, which ensures the privacy and security of the key pair.

  • Dedicated HSM

    Dedicated HSM is a cloud service used for encryption, decryption, signature, signature verification, key generation, and the secure storage of keys.

    Dedicated HSM provides encryption hardware certified by China State Cryptography Administration (CSCA), guaranteeing data security and integrity on Elastic Cloud Servers (ECSs) and meeting compliance requirements. Dedicated HSM offers you a secure and reliable management for the keys generated by your instances, and uses multiple algorithms for data encryption and decryption.