Concept Description
|
Concept |
Description |
|---|---|
|
Confidentiality |
A system only allows authorized users to access the sensitive information in the system, preventing unauthorized access and disclosure. Confidentiality is usually implemented using encryption technologies, including data encryption and description. This ensures that only authorized users can access and understand data. |
|
Integrity |
Data is not tampered with or damaged during transmission or storage. Integrity is usually implemented by using technologies such as hash functions and digital signatures, to ensure that data is not tampered with or damaged during transmission or storage. |
|
Availability |
Systems and data are available whenever needed, not affected by attacks, faults, or other reasons. From the perspective of security, availability can be achieved through load balancing, elastic computing, event monitoring and alarming, and brute-force attack defense, such as anti-DDoS. |
|
Auditability |
The ability to effectively monitor, record, and audit systems or data processing. Auditability is usually implemented by using technologies such as audit logs, audit tracing, monitoring systems, and audit tools. System operations and events are recorded for subsequent audit and monitoring. |
|
Non-repudiation |
During a communication or transaction, one party cannot deny the message or behavior that has been sent or received. Non-repudiation is usually implemented by using technologies such as digital signatures, public key infrastructure (PKI), audit logs, and audit trails to ensure neither communication party can deny their behaviors or messages. |
|
Account |
Your Huawei Cloud resources belong to an account. Resource isolation and billing are also based on this account. It has full access permissions for the resources and cloud services it owns. Each account has independent identity authentication, access control, and resource isolation. By default, accounts are isolated from each other. |
|
IAM |
Identity and Access Management (IAM) provides identity authentication and permissions management to help you securely control access to your cloud services and resources. |
|
IAM user |
You can use your account to create IAM users and assign permissions for specific resources. Each IAM user has their own identity credentials (password or access keys) and uses cloud resources based on assigned permissions. An account and its IAM users have a parent-child relationship. The account owns the resources and makes payments for the resources used by IAM users. It has full access permissions for these resources. You use an account to create IAM users and grant permissions to them. You can also use this account modify or revoke the IAM users' permissions at any time. |
|
MFA |
Multi-factor authentication (MFA) is a security authentication process that requires users to provide two or more types of authentication factors to authenticate their identities. The factors include passwords, fingerprints, SMS verification codes, smart cards, and biometric recognition, improving user account security. |
|
Security threat |
Security threats refer to the risk factors or events that may cause the system, network, or data to be damaged or accessed. Security threats can be accidental or intentional and may cause a system to be attacked or damaged. Security threats can be external (such as hacker attacks and malware) or internal (such as employee negligence and internal leakage). |
|
Threat modeling |
Identify potential threats to a system to develop protection policies and build a secure system. |
|
Security risk |
The probability and impact of possible damage or loss brought by security threats to a system, network, or data in terms of confidentiality, integrity, or availability. Security risks are usually caused by threats, system vulnerabilities, improper security measures, or other factors. Security risks are usually assessed and managed through risk assessment, which determines the risk level and take corresponding control measures. |
|
Playbook |
In security response, a playbook is a predefined operation guide designed to help security teams take actions in a quick and orderly manner in the face of specific security events or threats. A playbook usually contains detailed steps, processes, tools, and division of labor to ensure security incidents can be effectively handled and potential losses and impacts can be reduced. |
|
Data subject |
A natural person who provides personal data and can be identified based on personal data or a combination of personal data. Natural persons have the right to complain or ask questions about how their personal data is processed. Example: the end users of a product, or the employees of a company. |
|
Data controller |
A natural or legal person, public authority, agency, or any other body that, alone or jointly with others, determines the purposes and means of personal data processing. They have control over the processing of personal data and assume the primary responsibility for personal data protection. |
|
Data processor |
A natural or legal person, public authority, agency, or any other body that processes personal data on behalf of a data controller. A data processor must provide adequate protection following the data controller's requirements. |
|
Third party (in privacy protection) |
Any natural person, legal person, public authority, agency, or other body other than the data subject, data controller, data processor, and any person directly authorized by the data controller or processor to process data. |
|
Personal data |
Any data relating to an identified or identifiable natural person, known as a data subject. Natural persons are identifiable if they can be directly or indirectly identified, by such information as a name, an identification number, location data, or one or more special characteristics specific to the physical, physiological, mental, economic, cultural, or social identity, and other relevant information of these natural persons. |
|
Sensitive personal data |
A subset of high-impact personal data. It refers to the personal data that is way closely related to an individual's fundamental rights and freedom and, if disclosed, may result in personal injury, financial losses, reputation damage, identity theft or fraud, or discrimination. |
Feedback
Was this page helpful?
Provide feedbackThank you very much for your feedback. We will continue working to improve the documentation.See the reply and handling status in My Cloud VOC.
For any further questions, feel free to contact us through the chatbot.
Chatbot
