
Object Storage Service: Overview of security and compliance

Last Updated: Nov 06, 2025

Alibaba Cloud Object Storage Service (OSS) provides robust security features and is certified for multiple compliance standards. It supports server-side encryption, client-based encryption, hotlink protection with whitelists, and fine-grained access control. OSS offers comprehensive protection for your data in the cloud and helps you meet your business's security and compliance requirements.

| Item | Description |
| --- | --- |
| Data encryption | OSS supports client-based encryption and server-side encryption. It also lets you set the TLS version to enhance the security of HTTPS encrypted transmission based on SSL/TLS. This effectively prevents potential security risks for data in the cloud. |
| Data consistency verification | OSS supports multiple data consistency verification mechanisms, such as ETag and cyclic redundancy check (CRC). These mechanisms ensure data integrity during upload, download, and storage. This helps you detect and prevent data corruption or loss during transmission and storage. |
| Content moderation | OSS provides a content moderation feature that lets you scan stored images for prohibited content, such as pornography, political content, terrorism-related content, and violent content. OSS also supports a malicious file detection feature to check your stored data for threats such as web shells, ransomware, and trojans. |
| OSS sandbox | If your OSS bucket is attacked or shares illegal content, OSS automatically moves the bucket to a sandbox. This prevents other buckets from being affected. |
| OSS DDoS protection | OSS DDoS protection is a service that defends against high-volume malicious DDoS attacks to ensure service availability and data security. |
| Compliance certifications | OSS is certified for multiple compliance standards, including the Cohasset Associates assessment, FINRA 4511, CFTC 1.31, ISO, BS10012, and CSA STAR. This helps you meet various compliance requirements. |
| SDK compliance guide | OSS provides a compliance guide to help developers meet requirements for protecting the personal information of end users. The guide explains how to use the Object Storage Service software development kit (SDK) in a compliant manner to avoid infringing on the rights of end users. Developers can use this guide for self-assessment and proper configuration to meet regulatory compliance requirements. |