Help Center/ Data Security Center/ FAQs/ Data Usage Audit/ Which Types of Abnormal Events Can Be Identified by DSC?
Updated on 2022-09-21 GMT+08:00

Which Types of Abnormal Events Can Be Identified by DSC?

Currently, DSC can only identify abnormal events in OBS.

DSC identifies sensitive data based on its identification rules and monitors events related to the sensitive data. You can check results in the event list and handle the abnormal events as needed. Table 1 lists the abnormal events that can be identified by DSC.

Table 1 Abnormal events that can be identified by DSC

Type

Event

Unauthorized data access

  • Access sensitive files without granted permissions.
  • Download sensitive files.

Abnormal data operations

  • Update sensitive files.
  • Append data to sensitive files.
  • Delete sensitive files.
  • Copy sensitive files.

Abnormal data management

  • When a bucket is added, the system detects that the bucket is a public read or a public read/write bucket.
  • When a bucket is added, the system detects that the access/ACL access permissions of a private bucket are granted for anonymous users or registered user groups.
  • The policy of a bucket containing sensitive files is changed or deleted.
  • The ACL of a bucket containing sensitive files is changed or deleted.
  • The cross-region replication configuration of a bucket containing sensitive files is modified or deleted.
  • The ACL of a sensitive file is modified or deleted.