All Products
Search
Document Center

Simple Log Service:Data encryption

Last Updated:Sep 03, 2024

Simple Log Service allows you to use Key Management Service (KMS) to encrypt data that is stored. This way, data is stored in a secure manner. Simple Log Service provides encrypted transmission based on the SSL or TLS protocol to protect data from potential security risks on the cloud.

Server-side encryption

Simple Log Service supports the following encryption types:

  • Encryption by using service keys

    Log service generates an independent service key for each Logstore. The service key never expires.

    Simple Log Service supports the Advanced Encryption Standard (AES) encryption algorithm.

  • Encryption by using Bring Your Own Key (BYOK) keys

    You can create a CMK in the KMS console and grant the relevant permissions to Simple Log Service. When Simple Log Service calls a KMS API operation, this CMK is used to create a key that is used to encrypt data. If the CMK is deleted or disabled, the corresponding BYOK key becomes invalid.

    Important

    If the CMK created in the KMS console becomes invalid, all read and write requests to the Logstore fail.

For more information, see Encrypt data.

Encrypted transmission based on SSL or TLS

Simple Log Service can be accessed over HTTP or HTTPS. SSL or TLS is a Layer 4 protocol that helps ensure data privacy and data integrity between two applications.

  • Encrypted transmission based on Logtail

    Logtail is an agent that is used by Simple Log Service to collect logs. To prevent your data from being tampered with during transmission, Logtail uses the HTTPS method to obtain private tokens from the server and signs all data packets that are used to send logs.

  • Encrypted transmission based on SDKs

    Simple Log Service provides SDKs in multiple programming languages, such as Java, Python, .NET, PHP, and C. This helps you use Simple Log Service in an efficient manner. Simple Log Service SDKs allow you to use the HTTPS method to read data from and write data to Simple Log Service.