Functions
DSC offers basic data security capabilities such as data classification and grading, data masking, and data watermarking. It also displays the overall security posture of data on the cloud through an asset map and implements one-stop data security operations.
Common Data Security Protection offers the standard and professional editions for you to choose.
- Standard Edition: On Asset Center, you can add data assets and view the asset map and dashboard. You can also perform data classification and grading using the sensitive data identification function.
- Professional Edition: For data assets that have been classified and graded, you can perform static masking via console or data masking via APIs, as well as injecting and extracting data watermarks.

To use the API data security function, you need to purchase it on the API data security instances page. For details, see Purchasing an API Data Security Instance.
- √: indicates that the function is supported in the corresponding edition.
- ×: indicates that the function is not supported in the corresponding edition.
Function |
Description |
Reference Document |
Standard |
Professional |
---|---|---|---|---|
Asset Map |
You can view multiple aspects of your asset security, such as asset overview, categories and levels, permission configuration, data storage, and sensitive data. This helps you quickly detect risky assets and handle them.
|
√ |
√ |
|
Asset Management |
|
√ |
√ |
|
Sensitive Data Identification |
The identification duration depends on the data volume, number of identification rules, and scan mode. For details, see How Long Does It Take for DSC to Identify and Mask Sensitive Data? |
√ |
√ |
|
Data Masking |
DSC data masking supports static masking and API-based masking. Data masking has the following features:
In addition, DSC provides APIs for data masking. For details, see Dynamic Data Masking. DSC uses preset and customized masking algorithms to mask sensitive data stored in RDS, Elasticsearch, MRS, Hive, HBase, DLI, and OBS. For details about the masking duration, see How Long Does It Take for DSC to Identify and Mask Sensitive Data? |
× |
√ |
|
Data Watermarking |
Provides the functions of adding and extracting watermarks for databases and documents.
DSC provides APIs for dynamically adding data watermarks and extracting watermarks from data. For details, see DSC API Reference. |
× |
√ |
|
Policy Center |
|
√ |
√ |
|
API Data Security Protection |
API data security protection is a comprehensive API security protection system for enterprises. It automatically sorts application APIs to implement fine-grained access control, API exception risk detection, API sensitive data detection, masking, and watermarking. |
Buying an API data security instance |
Buying an API data security instance |
|
Dashboard |
By default, DSC provides an integrated situational awareness dashboard that presents a thorough analysis of risky assets, identification, masking, and watermarking tasks, as well as events and alarms in the cloud. This dashboard facilitates swift recognition and response to the overall status of assets, including addressing risky assets and urgent alarms. |
√ |
√ |
|
Alarms |
When a system or service risk alarm is generated for DBSS, the alarm event is sent to DSC. You can view the alarm event on the DSC console. |
√ |
√ |
|
Events |
DSC integrates with key security components, including Database Audit, and Cloud Bastion Host, enabling centralized event management and real-time event delivery to DSC. This allows users to promptly verify and handle events. You can also convert alarms on the Alarm Management page to events. |
√ |
√ |
|
OBS Usage Audit |
DSC detects OBS buckets based on sensitive data identification rules and monitors identified sensitive data. After abnormal operations of the sensitive data are detected, DSC allows you to view the monitoring result and handle the abnormal events as required. |
√ |
√ |
|
Data Transfer Details |
|
× |
√ |
|
Multi-Account Management |
After the multi-account management function is enabled, the security administrator can protect the data of all member accounts without logging in to them. |
√ |
√ |
|
Alarm Notifications |
Sends notifications through the notification method configured by users when sensitive data identification is completed or abnormal events are detected. |
√ |
√ |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot