Updated on 2023-11-24 GMT+08:00

Encryption Data

Encryption data is used to store and encrypt sensitive information. Edge applications can access the plaintext data through the MQTT server.

Creating Encryption Data

  1. Log in to the IEF console, and click Switch Instance on the Dashboard page to select a platinum service instance.
  2. In the navigation pane, choose Edge Applications > Application Configuration. Then, click Create Encryption Data in the upper right corner. On the page that is displayed, specify the parameters.

    Figure 1 Creating encryption data

    The encryption data is stored in key-value pairs. The value needs to be entered twice. Multiple encryption items can be added to each encryption data record.

  3. Click Create.

    You can view encryption data after creating it. However, for data privacy protection, data cannot be viewed in plaintext. You can also edit or delete encryption data.

    Figure 2 Encryption data

Binding Encryption Data to Edge Nodes

Encryption data can be bound to edge nodes that are not in the running state. When an edge node is restored to Running, the bound data will be automatically synchronized to the node. You can bind encryption data to an edge node in either of the following ways:

  • On the encryption data details page, click Bind Node and then Bind Edge Node.
    Figure 3 Binding an edge node
  • On the edge node details page, click the Configuration tab. In the Encryption Data area, click Bind.
    Figure 4 Binding encryption data to an edge node

Using Encryption Data

After encryption data is bound to an edge node, you can obtain the data by using the MQTT client on the edge node.

A certificate must be used for security authentication when encryption data is requested. For details about the authentication method, see Performing Security Authentication Using Certificate.

  1. Subscribe to the topic described in Encryption Data Acquisition.

    Topic: $hw/{project_id}/encryptdatas/{encryptdata_name}/properties/{properties_name}/plaintext

  2. Publish to the topic described in Encryption Data Request.

    Topic: $hw/{project_id}/encryptdatas/{encryptdata_name}/properties/{properties_name}/decrypt

    After the request is published, the decrypted data is sent to the topic subscribed to in step 1.
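
The two steps above as an added Python example (not code from the IEF documentation): it builds both topics from validated names, subscribes first, and publishes the request only after the subscription is acknowledged. The function names, the use of the third-party paho-mqtt client, the host, port and certificate path parameters, and the empty request payload are assumptions.

```python
import re
import threading

# {action} is a placeholder added here for the final level (plaintext / decrypt).
TOPIC = "$hw/{project_id}/encryptdatas/{encryptdata_name}/properties/{properties_name}/{action}"
# Characters that would change the topic's meaning: level separator, MQTT wildcards, NUL.
_UNSAFE = re.compile(r"[/+#\x00]")

def build_topics(project_id, encryptdata_name, properties_name):
    """Return (reply_topic, request_topic) for one encryption item."""
    parts = {"project_id": project_id, "encryptdata_name": encryptdata_name,
             "properties_name": properties_name}
    for field, value in parts.items():
        if not value or _UNSAFE.search(value):
            raise ValueError(f"unsafe or empty {field}")
    return (TOPIC.format(action="plaintext", **parts),
            TOPIC.format(action="decrypt", **parts))

def fetch_plaintext(host, port, ca, cert, key, project_id, data_name, prop_name, timeout=10.0):
    """Subscribe, wait for the SUBACK, publish the request, then wait for the reply."""
    import paho.mqtt.client as mqtt  # third-party: pip install paho-mqtt
    reply_topic, request_topic = build_topics(project_id, data_name, prop_name)
    done, result = threading.Event(), {}

    def on_connect(client, userdata, *_):
        client.subscribe(reply_topic, qos=1)

    def on_subscribe(client, userdata, *_):
        # Publish only once the subscription is acknowledged, so the reply is not missed.
        client.publish(request_topic, payload=b"", qos=1)  # empty payload is an assumption

    def on_message(client, userdata, msg):
        if msg.topic == reply_topic:
            result["payload"] = msg.payload
            done.set()

    # paho-mqtt 2.x needs a callback API version; 1.x has no such argument.
    api = [mqtt.CallbackAPIVersion.VERSION2] if hasattr(mqtt, "CallbackAPIVersion") else []
    client = mqtt.Client(*api)
    client.on_connect, client.on_subscribe, client.on_message = on_connect, on_subscribe, on_message
    client.tls_set(ca_certs=ca, certfile=cert, keyfile=key)  # certificate authentication
    client.connect(host, port)
    client.loop_start()
    try:
        if not done.wait(timeout):
            raise TimeoutError("no plaintext reply; check the node binding and certificate")
        return result["payload"]  # keep in memory; do not log or write it to disk
    finally:
        client.disconnect()
        client.loop_stop()
```

Rejecting `/`, `+` and `#` in the names keeps a malformed value from widening the subscription to other encryption items' plaintext topics.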