Help Center/ ROMA Connect/ User Guide(new)/ Connectors/ Huawei Cloud Services/ DSC
Updated on 2024-04-23 GMT+08:00
View PDF

DSC

The DSC connector is used to connect to the Huawei Cloud Data Security Center (DSC).

DSC is a latest-generation cloud data security management platform that protects data assets by data classification, risk identification, data masking, and watermark-based source tracking. Its asset map provides an overview of the security status of each stage across the data security lifecycle.

Creating a DSC Connection

  1. Log in to the new ROMA Connect console.
  2. In the navigation pane on the left, choose Connector. On the page displayed, click New Connection.
  3. CreatingSelect the DSC connector.
  4. In the dialog box displayed, configure the connector and click OK.

    Parameter

    Description

    Name

    Enter the connector instance name.

    Access Key

    Access key ID (AK) of the current account. Obtain the AK by referring to Access Keys. If an AK/SK pair has been generated, find the downloaded AK/SK file (such as credentials.csv).

    Secret Access Key

    Secret access key (SK) of the current account. Obtain the SK by referring to Access Keys. If an AK/SK pair has been generated, find the downloaded AK/SK file (such as credentials.csv).

    Description

    Enter the description of the connector to identify it.

Action

  • Deleting data asset authorization
  • Adding asset authorization
  • Viewing assets
  • Editing data asset name
  • Starting/Stoping a data masking task
  • Listing data masking tasks
  • Extracting the dark image watermark from an image (image address)
  • Extracting the dark text watermark from an image (image address)
  • Injecting an invisible watermark into an image (image addresses)
  • Extracting an invisible watermark from a document (document address)
  • Injecting a watermark into a document (document address)
  • Masking sensitive data
  • Extracting the data watermark
  • Injecting a data watermark

Configuration Parameters

Table 1 Deleting data asset authorization

Parameter

Description

bucket_id

Bucket ID.

project_id

Project ID.

region_id

Region ID.
Table 2 Adding asset authorization

Parameter

Description

project_id

Project ID.

region_id

Region ID.

type

Asset type.

buckets

OBS bucket list.

asset_name

Asset name.

location

Bucket location.

bucket_name

Bucket name.

bucket_policy

Bucket policy.
Table 3 Viewing assets

Parameter

Description

project_id

Project ID.

region_id

Region ID.

added

Whether the asset is authorized.

  • true
  • false

offset

Page number.

limit

Number of records displayed on each page.
Table 4 Editing data asset name

Parameter

Description

asset_id

Asset ID.

project_id

Project ID.

region_id

Region ID.

name

Asset name.
Table 5 Starting/Stoping a data masking task

Parameter

Description

project_id

Project ID.

template_id

Template ID.

region_id

Region ID.

status

Status of the task.
Table 6 Listing data masking tasks

Parameter

Description

project_id

Project ID.

template_id

Template ID.

region_id

Region ID.

workspace_id

Workspace ID.

offset

Page number.

limit

Number of records displayed on each page.
Table 7 Extracting the dark image watermark from an image (image address)

Parameter

Description

project_id

Project ID.

region_id

Region ID.

region_id

ID of the region where the project is located. Example: xx-xx-1.

src_file

Address of the image that the dark image watermark needs to be extracted from, in the obs://bucket/object format. bucket: name of the OBS bucket in the same region as the current project; object: full path name of the object. Huawei Cloud OBS objects only. Example: obs://hwbucket/hwinfo/hw.png, where obs:// is OBS, hwbucket is the bucket name, and hwinfo/hw.png is the full path name of the object.

image_watermark

Storage address of the extracted image watermark in the format of src_file.
Table 8 Extracting the dark text watermark from an image (image address)

Parameter

Description

project_id

Project ID.

region_id

Region ID.

region_id

ID of the region where the project is located. Example: xx-xx-1.

src_file

Address of the image that the dark text watermark needs to be extracted from, in the obs://bucket/object format. bucket: name of the OBS bucket in the same region as the current project; object: full path name of the object. Huawei Cloud OBS objects only. Example: obs://hwbucket/hwinfo/hw.png, where obs:// is OBS, hwbucket is the bucket name, and hwinfo/hw.png is the full path name of the object.

mark_len

Length of the watermark to extract. Range: 0–32. This parameter improves watermark extraction performance.
Table 9 Injecting an invisible watermark into an image (image addresses)

Parameter

Description

project_id

Project ID.

region_id

Region ID.

region_id

ID of the region where the project is located. Example: xx-xx-1.

src_file

Address of the image to add the dark watermark to, in the obs://bucket/object format. bucket: name of the OBS bucket in the same region as the current project; object: full path name of the object. Huawei Cloud OBS files only. Example: obs://hwbucket/hwinfo/hw.png, where obs:// is OBS, hwbucket is the bucket name, and hwinfo/hw.png is the full path name of the object.

blind_watermark

Content of the invisible text watermark. Max.: 32 characters. Digits and letters only. Set either this parameter or image_watermark.

image_watermark

Address of the invisible image watermark in the format of src_file. Set either this parameter or blind_watermark. If both are set, image_watermark takes effect.

dst_file

Storage address of the watermarked image in the format of src_file. If not specified, the value of src_file is used (the original file is overwritten after the watermark is added).
Table 10 Extracting an invisible watermark from a document (document address)

Parameter

Description

project_id

Project ID.

region_id

Region ID.

region_id

ID of the region where the project is located. Example: xx-xx-1.

doc_type

Type of the document a watermark needs to be extracted from.

Options:

  • WORD
  • EXCEL
  • PDF
  • PPT

src_file

Address of the document that the dark text watermark needs to be extracted from, in the obs://bucket/object format. bucket: name of the OBS bucket in the same region as the current project; object: full path name of the object. Huawei Cloud OBS objects only. Example: obs://hwbucket/hwinfo/hw.doc, where obs:// is OBS, hwbucket is the bucket name, and hwinfo/hw.doc is the full path name of the object.

file_password

Password for opening a file. Max.: 256 characters. If an Office Word document requires a password for read or domain control, you need to enter the password to open the file.
Table 11 Injecting a watermark into a document (document address)

Parameter

Description

project_id

Project ID.

region_id

Region ID.

region_id

ID of the region where the project is located. Example: xx-xx-1.

src_file

Address of the document to add the watermark to. Format: obs://bucket/object, where bucket is the name of the OBS bucket in the same region as the current project and object is the full path name of the object. Huawei Cloud OBS objects only. Example: obs://hwbucket/hwinfo/hw.png, where obs:// is OBS, hwbucket is the bucket name, and hwinfo/hw.png is the full path name of the object.

doc_type

Type of the document to watermark.

Options:

  • WORD
  • EXCEL
  • PDF
  • PPT

dst_file

Storage address of the watermarked document in the format of src_file. If not specified, the value of src_file is used (the original file is overwritten after the watermark is added).

blind_watermark

Content of the invisible text watermark. Either this parameter or visible_watermark must be set.

visible_watermark

Content of the visible text watermark. Either this parameter or blind_watermark must be set.

image_mark

Address of document to inject with a visible image watermark. The field is in the format of src_file. The image must be a PNG or JPG file (max.: 1 MB).

visible_type

Whether to inject visible text or image watermarks. TEXT (default): visible_watermark is set to visible text watermark; IMAGE: image_watermark is set to an image watermark address without the visible_watermark, font_size, rotation, and opacity fields.

Options:

  • TEXT
  • IMAGE

file_password

Password for opening a file. Max.: 256 characters. If an Office Word document requires a password for read or domain control, you need to enter the password to open the file.

marked_file_password

Password for a watermarked document. Max.: 256 characters. Default: no password.

readonly_password

Read-only password for a watermarked document. Max.: 256 characters. Default: no read-only password.

front

Font size of a visible watermark. Range: 1–100. Default: 50.

rotation

Font angle of a visible watermark (anticlockwise). Range: 0–90. Default: 45.

opacity

Transparency of a visible watermark. Range: 0–1. Default: 0.3.
Table 12 Masking sensitive data

Parameter

Description

project_id

Project ID.

region_id

Region ID.

mask_strategies

List of masking policies. Each policy corresponds to a field. Max.: 100 policies.

name

Name of the field containing sensitive data to mask. Max.: 256 characters.

algorithm

Data masking algorithm name.

Options:

  • SHA256
  • SHA512
  • AES
  • PRESNM
  • MASKNM
  • PRESXY
  • MASKXY
  • SYMBOL
  • KEYWORD
  • NUMERIC

parameters

Data masking algorithm parameters.

data

Data list.
Table 13 Extracting a data watermark

Parameter

Description

project_id

Project ID.

region_id

Region ID.

watermark_key

Watermark key.

columns

List of field types. Max.: 100 types. Must include all fields with primary_key as true and at least one field with primary_key as false to extract watermarks.

name

Field name. Max.: 256 characters.

type

Field type.

Options:

  • INTEGER
  • STRING
  • DOUBLE

primary_key

Whether the field is a primary key. true: primary key, for locating the watermark. false: non-primary key, for embedding or extracting the watermark content in this column. The field type list can contain multiple fields with primary_key as true or false.

data

Watermark data. Max.: 30,000 records.
Table 14 Injecting a data watermark

Parameter

Description

project_id

Project ID.

region_id

Region ID.

watermark_content

Watermark content.

watermark_key

Watermark key.

columns

List of field types. Max.: 100 types. Include at least two fields: one primary_key as true (for the primary key) and one primary_key as false (for watermark injection).

name

Field name. Max.: 256 characters.

type

Field type.

Options:

  • INTEGER
  • STRING
  • DOUBLE

primary_key

Whether the field is a primary key. true: primary key, for locating the watermark. false: non-primary key, for embedding or extracting the watermark content in this column. The field type list can contain multiple fields with primary_key as true or false.

data

Content of a field, which can contain a maximum of 2,000 characters.
Parent topic: Huawei Cloud Services