Updated on 2024-05-06 GMT+08:00

What Is DEW?

DEW

Data is the core asset of an enterprise. Each enterprise has its core sensitive data, which needs to be encrypted and protected from breach.

Data Encryption Workshop (DEW) is a cloud data encryption service. It provides services such as Key Management Service (KMS), Key Pair Service (KPS), and Cloud Secret Management Service (CSMS). DEW secures your data and keys and simplifies key management. DEW uses hardware security modules (HSMs) to protect your keys and can be integrated with multiple Huawei Cloud services. Additionally, DEW enables you to develop customized encryption applications.

Figure 1 DEW subservices

Table 1 Service overview

| Service | Description | Reference |
|---|---|---|
| Key Management Service (KMS) | KMS is a secure, reliable, and easy-to-use service for managing your keys on the cloud. It helps you easily create, manage, and protect keys. KMS uses hardware security modules (HSMs) to protect keys. The HSMs meet the FIPS 140-2 Level 3 security requirements. All keys are protected by root keys in HSMs to avoid key leakage. | Key Types |
| Cloud Secret Management Service (CSMS) | CSMS is a secure, reliable, and easy-to-use secret hosting service. Users or applications can use CSMS to create, retrieve, update, and delete credentials in a unified manner throughout the secret lifecycle. CSMS can help you eliminate risks incurred by hardcoding, plaintext configuration, and permission abuse. | Creating a Secret |
| Key Pair Service (KPS) | KPS is a secure, reliable, and easy-to-use cloud service designed to manage and protect your SSH key pairs (key pairs for short). KPS uses HSMs to generate true random numbers, which are then used to produce key pairs. In addition, it adopts a complete and reliable key pair management solution to help users create, import, and manage key pairs with ease. The public key of a generated key pair is stored in KPS, while the private key can be downloaded and saved separately, which ensures the privacy and security of the key pair. | Creating a Key Pair |
| Dedicated Hardware Security Module (Dedicated HSM) | Dedicated HSM enables data encryption on the cloud, specifically, encrypting and decrypting data, verifying signatures, generating keys, and storing keys. Dedicated HSM provides encryption hardware, guaranteeing data security and integrity on Elastic Cloud Servers (ECSs) and meeting compliance requirements. Dedicated HSM offers secure and reliable management of the keys generated by your instances, and uses multiple algorithms for data encryption and decryption. | Dedicated HSM |