Updated on 2025-11-06 GMT+08:00

Personal Data Protection

To prevent personal data (such as the username or password) from being accessed by unauthorized entities or individuals, IAM encrypts the data before storing it, controls access to the data, and records all operations performed on the data in operation logs.

Personal Data

Table 1 lists the personal data generated or collected by IAM.

Table 1 Personal data

| Type | Source | Modifiable | Mandatory |
|---|---|---|---|
| Username | Entered when you create a user on the management console; entered when you call an API. | No | Yes. Usernames are used to identify users. |
| Password | Entered when you create a user or reset the password on the management console; entered when you call an API. | Yes | No. You can also choose AK/SK authentication. |
| AK/SK | Created on the My Credentials page or the IAM console. | No. AK/SK cannot be modified, but they can be deleted and created again. | No. AK/SK are used to sign the requests sent to call APIs. |

Personal Data Storage

IAM uses encryption algorithms to encrypt user data before storing it.

  • Usernames and AKs: non-sensitive data, which is stored in plaintext.
  • Passwords and SKs: sensitive data, which is stored encrypted.

Access Control

Personal data is stored in the IAM database after being encrypted. A whitelist is configured to control access to the database.

API Constraints

  • AK/SK authentication is required for calling APIs. You can create an access key (AK/SK) and download the file containing the access key. If you are unable to locate the file, you can create an access key again and download the file. Do not share your access key with anyone else.
  • IAM does not provide APIs for batch querying and modifying personal data.

Operation Logs

IAM logs all personal data operations, including adding, modifying, querying, and deleting personal data. It uploads operation logs to CTS, and allows users to query only their own operation logs.