Help Center/ Data Security Center/ Service Overview/ DSC and Related Services
Updated on 2024-07-01 GMT+08:00

DSC and Related Services

Figure 1 shows the relationships between DSC and related services.

Figure 1 DSC and related services

OBS

Object Storage Service (OBS) is a stable, secure, efficient, and easy-to-use cloud storage service that can store any amount and form of unstructured data. After OBS access permissions are granted, DSC is allowed to automatically identify and classify sensitive data, analyze abnormal user behaviors, and protect data stored in OBS.

RDS

Relational Database Service (RDS) is a cloud-based web service that is reliable, scalable, easy to manage, and immediately ready for use. After RDS access permissions are granted, DSC is allowed to automatically identify and classify sensitive data and protect data stored in RDS instances.

DWS

Data Warehouse Service (DWS) is an online data processing database that uses the cloud infrastructure to provide scalable, fully-managed, and immediately read for use database services. After DWS access permissions are granted, DSC is allowed to automatically identify and classify sensitive data and protect data stored in DWS.

DDS

Document Database Service (DDS) is a database service compatible with the MongoDB protocol and is secure, highly available, reliable, scalable, and easy to use. It provides DB instance creation, scaling, redundancy, backup, restoration, monitoring, and alarm reporting functions with just a few clicks on the DDS console. After DDS access permissions are granted, DSC is allowed to automatically identify and classify sensitive data and protect data stored in DDS.

ECS

Elastic Cloud Server (ECS) is a cloud server that provides scalable, on-demand computing resources. After ECS access permissions are granted, DSC is allowed to automatically identify and classify sensitive data and protect data stored in self-built databases on ECSs.

Bare Metal Server (BMS)

Bare Metal Server (BMS) features both the scalability of VMs and high performance of physical servers. After BMS access permissions are granted, DSC is allowed to automatically identify and classify sensitive data and protect data stored in self-built databases on BMSs.

CSS

Cloud Search Service (CSS) is a fully managed, distributed search service. It is fully compatible with open-source Elasticsearch and provides functions including structured and unstructured data search, statistics, and reporting. The process of using CSS is similar to that of using a database. After CSS access permissions are granted, DSC is allowed to automatically identify and classify sensitive data and protect data stored in big data assets on CSS.

DLI

Data Lake Insight (DLI) is a Serverless big data compute and analysis service that is fully compatible with Apache Spark, Apache Flink, and openLooKeng (Apache Presto) ecosystems. With multi-model engines, enterprises can use SQL statements or programs to easily complete batch processing, stream processing, in-memory computing, and machine learning of heterogeneous data sources. After DLI access permissions are granted, DSC is allowed to automatically identify and classify sensitive data and protect data stored in big data assets on DLI.

MRS

MapReduce Service (MRS) provides enterprise-level big data clusters on the cloud. Tenants can fully control the clusters and run big data components such as Hadoop, Spark, HBase, Kafka, and Storm in the clusters. After MRS access permissions are granted, DSC is allowed to automatically identify and classify sensitive data and protect data stored in Hive on CSS.

ELB

DSC is bound to Elastic Load Balance (ELB) to query the encryption communications status.

SMN

Simple Message Notification (SMN) provides the message notification function. Once this function is enabled, DSC sends messages to you by email when sensitive data identification is complete or an abnormal event is detected.

Relationship with CTS

Cloud Trace Service (CTS) is used to record the operations you have performed using DSC for later querying, auditing, or backtracking.

Table 1 DSC operations supported by CTS

Operation

Resource Type

Trace Name

Assign or revoke permissions for DSC

dscGrant

grantOrRevokeTodsc

Add an OBS bucket

dscObsAsset

addBuckets

Delete an OBS bucket

dscObsAsset

deleteBucket

Add a database

dscDatabaseAsset

addDatabase

Modify a database

dscDatabaseAsset

updateDatabase

Delete a database

dscDatabaseAsset

deleteDatabase

Add a big data source

dscBigdataAsset

addBigdata

Modify a big data source

dscBigdataAsset

updateBigdata

Delete a big data source

dscBigdataAsset

deleteBigdata

Update the object name

dscAsset

updateAssetName

Download a template for batch import

dscBatchImportTemplate

downloadBatchImportTemplate

Add databases in batches

dscAsset

batchAddDatabase

Add assets in batches

dscAsset

batchAddAssets

Display abnormal events

dscExceptionEvent

listExceptionEventInfo

Obtain the abnormal event details

dscExceptionEvent

getExceptionEventDetail

Add alarm configurations

dscAlarmConfig

addAlarmConfig

Change alarm configurations

dscAlarmConfig

updateAlarmConfig

Download a report

dscReport

downloadReport

Delete a report

dscReport

deleteReport

Add a scan rule

dscRule

addRule

Modify a scan rule

dscRule

editRule

Delete a scan rule

dscRule

deleteRule

Add a scan rule group

dscRuleGroup

addRuleGroup

Modify a scan rule group

dscRuleGroup

editRuleGroup

Delete a scan rule group

dscRuleGroup

deleteRuleGroup

Add a scan task

dscScanTask

addScanJob

Modify a scan task

dscScanTask

updateScanJob

Delete a scan subtask

dscScanTask

deleteScanTask

Delete a scan task

dscScanTask

deleteScanJob

Start a scan task

dscScanTask

startJob

Stop a scan task

dscScanTask

stopJob

Start a scan subtask

dscScanTask

startTask

Stop a scan subtask

dscScanTask

stopTask

Enable/disable data masking for Elasticsearch

dscBigDataMaskSwitch

switchBigDataMaskStatus

Obtain the Elasticsearch field

dscBigDataMetaData

getESField

Add an Elasticsearch data masking template

dscBigDataMaskTemplate

addBigDataTemplate

Modify an Elasticsearch data masking template

dscBigDataMaskTemplate

editBigDataTemplate

Delete an Elasticsearch data masking template

dscBigDataMaskTemplate

deleteBigDataTemplate

Query the Elasticsearch data masking template list

dscBigDataMaskTemplate

showBigDataTemplates

Enable or disable an Elasticsearch data masking template

dscBigDataMaskTemplate

operateBigDataTemplate

Switch the status of an Elasticsearch data masking template

dscBigDataMaskTemplate

switchBigDataTemplate

Enable or disable data masking for databases

dscDBMaskSwitch

switchDBMaskStatus

Obtain the database fields

dscDBMetaData

getColumn

Add a database masking template

dscDBMaskTemplate

addDBTemplate

Modify a database masking template

dscDBMaskTemplate

editDBTemplate

Delete a database masking template

dscDBMaskTemplate

deleteDBTemplate

Query the database masking template list

dscDBMaskTemplate

showDBTemplates

Start or stop a database data masking template

dscDBMaskTemplate

operateDBTemplate

Switch the status of a database data masking template

dscDBMaskTemplate

switchDBTemplate

Add a masking algorithm

dscMaskAlgorithm

addMaskAlgorithm

Edit a masking algorithm

dscMaskAlgorithm

editMaskAlgorithm

Delete a masking algorithm

dscMaskAlgorithm

deleteMaskAlgorithm

Test a masking algorithm

dscMaskAlgorithm

testMaskAlgorithm

Obtain the mapping between fields and masking algorithms

dscMaskAlgorithm

getFieldAlgorithms

Add encryption algorithm configurations

dscEncryptMaskConfig

addEncryptConfig

Modify encryption algorithm configurations

dscEncryptMaskConfig

editEncryptConfig

Delete encryption algorithm configurations

dscEncryptMaskConfig

deleteEncryptConfig

VPC

Virtual Private Cloud (VPC) enables you to provision logically isolated, configurable, and manageable virtual networks for cloud servers, cloud containers, and cloud databases, improving cloud service security and simplifying network deployment.

IAM

Identity and Access Management (IAM) provides you with permission management for DSC. Only users who have Tenant Administrator permissions can perform operations such as authorizing, managing, and detect cloud assets using DSC. To obtain the permissions, contact the users who have the Security Administrator permissions.