Mobile phones are the most important carry-on items for modern people. Hold in your hand when you are awake, and put it on the bed when you are asleep. p>
As we increasingly rely on mobile phone services, smartphones have also changed the way we record our lives and save information. p>
For example, the new phone still holds those old photos that have been passed down through the ages of the old phone, because these photos that are reluctant to delete carry our precious memories; the long list of mobile phone contacts records our important social relationships; Commonly used documents are directly backed up and stored in the cloud, and can be downloaded and used anytime, anywhere through a mobile phone. p>
We have gradually developed the habit of storing important data such as photos, videos, contacts, memos on smartphones and the cloud. For Huawei end users, Huawei Cloud Space is giving them the ability to acquire information across time and space. p>
Huawei Cloud Space is a personal cloud service function provided by Huawei for hundreds of millions of end users. The most commonly used functions are multi-backup data real-time update, cloud backup, and mobile phone search. strong> p>
▲ Explanation of cloud backup function p>
div>
Lost photos? Contact deleted accidentally? A new phone? Huawei Cloud Space can provide Huawei phones with Backup of the entire machine data every 7 days strong> to help you continuously protect your precious data. p>
▲ Find my phone p>
div>
If it is said that the lack of power on the mobile phone will trigger anxiety in modern people, losing the mobile phone is a fatal blow to modern people. The mobile phone search function strong> of Huawei Cloud Space can increase the probability of a mobile phone being recovered, and can also lock or erase data when the mobile phone is gone. p>
Cloud backup and search for mobile phones are the “guard” and “protection” that we can intuitively call when we use Huawei cloud space. However, Huawei Cloud Space also has a deeper “guardian”, that is, behind our daily use, we silently strengthen the technical protection of data security and protect the privacy of users. p>
Each phone is a huge and convenient database of personal information. In terms of safeguarding data security and user privacy, Huawei Cloud Space provides security guarantees through nine layers of mechanisms: Account authentication, data transmission, and data storage strong>. p>
01 Account authentication: Prove “I am me” to your phone first h3>
In the account authentication process, Huawei Cloud Space ensures user data security through three layers of password security, authentication management, and authorization management. p>
The security guarantee in this link is perceptible to users. So what happens when we prove “I am myself” to our Huawei phone? p>
1. Password security h4>
This layer of mechanism starts with the correct posture of setting a password on our Huawei account. p>
We prove to Huawei account “ I am In the process of “myself”, I can also realize that “the person who owns this Huawei account can only be myself”. p>
In the authentication management of Huawei Cloud Space, there are three main methods: p>
(1) Two-factor authentication: strong> means that your account can only be accessed through your trusted device. For example, my new Huawei Mate30 Pro 5G is here. The first login requires an old Huawei phone or mobile phone number to pass security verification. p>
(2) Swipe verification code: strong> When logging in through WAP and browser, resetting password, and account appeal, you need to pass the verification code. This small action can block the automatic attack from the door. p>
(3) Heuristic security authentication: strong> When we forget the account password and want to retrieve the account, we find that even the bound mobile phone number or email address is no longer available, what should we do ? Don’t panic, you can change your mobile phone number, email address, secure mobile phone number, or secure email address through an independent appeal. p>
3. Authorization Management h3>
Huawei one-key account
For account service applications, the application will apply to the account to obtain user information, such as avatar, nickname, email address, etc., when logging in. You can control this information and selectively decide whether to release this information to the application. p>
In other words, I have the nickname of my avatar, and various applications cannot easily obtain important information such as my avatar, nickname, and email address. p>
02 Data transmission: identifying and resisting impersonationPerson h3>
After proving to the mobile phone that “I really am me”, we can upload and download data in Huawei Cloud Space. So how does it guarantee data security during the process of transmitting data to Huawei Cloud Space? p>
If we simply think of the process of transmitting data as sending a courier, then in the process, you will find that: the courier is sealed and the channels for shipping the courier are encrypted; the sender and recipient need Prove your identity to prevent impersonation; there is also a special encryption mechanism for the connection between the sender and the recipient. p>
The security of data transmission is guaranteed by three layers of mechanisms: digital certificate management, session management and key algorithm. p>
4. Digital certificate h4>
When there is “communication” between Huawei mobile phones and servers, all user data is encrypted and transmitted through a channel called “HTTPS secure channel”. p>
HTTP and HTTPS define how data is wrapped. Take uploading photos as an example. HTTP is clear text transmission, which means that the content transmitted through HTTP is equivalent to using a transparent plastic bag to pack the data. Photos in transparent plastic bags, of course, can easily be peeped by others. p>
p>
How can I avoid this? The solution for Huawei Cloud Space is to save this “credential” on a cloud server. p>
During the session, the user enters the account password through the client to get the credentials on the server to ensure that impersonation by a third party cannot be impersonated, thereby ensuring that the identity of the user is not counterfeited, and user data is not tampered with or leaked. p>
Session management enables the data transmission process of Huawei Cloud Space to achieve the following two security effects: p>
· strong> Make sure that we enter the account and password to log in, it is the real Huawei client (app or web page), not other counterfeit goods; p>
p>
· Ensure that the client interacts with a trusted cloud server, not an impersonated untrusted server. p>
blockquote>
6. Key algorithm h4>
Key is a concept in cryptography. It is not the same thing as the password that we usually use to log in to an account. p>
When we upload a photo, in order to prevent it from being seen clearly, we will pack the photo into a box and lock it. This is encryption. p>
The key that locks the box is the key. p>
As for how to pack photos, in which box, how to twist the key to lock, this process can be understood as a key algorithm. p>
Huawei Cloud Space uses a high-security encryption algorithm suite and is managed, deployed, and maintained by a specialized organization. p>
p>
We can understand that when uploading photos to Huawei Cloud Space, the box containing the photos is not only solid and delicate and airtight. When you lock it with a key, you need to screw it up and down in the keyhole. Ring; there are eight or sixty-four tooth marks on the key. p>
03 Data storage: protected by multiple enchantments in the cloud h3>
From the photos and videos in the gallery to the mobile phone backup once every 7 days, as well as the documents and compressed packages in the personal cloud service, how exactly is the information that we save in Huawei cloud space guarded? p>
7. Key management h4>
Now that the key is an important thing to lock and unlock the box. p>
key>
In the process of transfer, key storage, and key, it also needs to be closely managed. p>
When Huawei Cloud Space encrypts user sensitive data, a key is generated. p>
The encryption key uses the user key bound to the Huawei account, which means that this key is also bound to another key. p>
The user keys in the cloud are hosted by Huawei Cloud Service Key Management Service and are isolated and controlled. In other words, the box containing the data and the keys used to lock and unlock are stored separately. p>
The user key on the client is also stored and protected by system-level security encryption, which cannot be obtained and decrypted by other applications. p>
Also, user keys can only be accessed by trusted applications with user authorization. p>
8. Integrity Protection h4>
In order to ensure that the data we store on Huawei Cloud Space is complete and cannot be tampered with, Huawei Cloud Space also has an “Integrity Protection” mechanism. strong> p>
When user data is uploaded, the user data content is summarized. User data and summary content are stored separately. p>
When we obtain data, we need to use a digest for integrity check, to ensure that the obtained stored data is consistent with the storage, and to prevent data from being tampered during transmission and storage. p>
In simple terms, this “integrity protection” mechanism can beUnderstand: p>
We need to store a letter
Make a summary record of this letter by a certain rule, such as how many words, the first letter of the first few lines, etc. The letter and the summary will be placed in different places. When the recipient opens the letter, he will check the summary to confirm whether the letter has been tampered with. p>
9. Privacy protection h4>
In July 2019, Huawei released the first white paper on cloud privacy protection in China. In this privacy policy, we have outlined several key points: p>
· People and services without user authorization cannot obtain and decrypt user data stored in Huawei Cloud Space. p>
p>
· Disposal of personal data stored in Huawei Cloud Services requires personal authorization. p>
p>
· Users can make decisions based on their wishes and can fully control their privacy. p>
blockquote>
In other words, I have the nickname of my avatar, and various applications cannot easily obtain important information such as my avatar, nickname, and email address. p>
02 Data transmission: identifying and resisting impersonationPerson h3>
After proving to the mobile phone that “I really am me”, we can upload and download data in Huawei Cloud Space. So how does it guarantee data security during the process of transmitting data to Huawei Cloud Space? p>
If we simply think of the process of transmitting data as sending a courier, then in the process, you will find that: the courier is sealed and the channels for shipping the courier are encrypted; the sender and recipient need Prove your identity to prevent impersonation; there is also a special encryption mechanism for the connection between the sender and the recipient. p>
The security of data transmission is guaranteed by three layers of mechanisms: digital certificate management, session management and key algorithm. p>
4. Digital certificate h4>
When there is “communication” between Huawei mobile phones and servers, all user data is encrypted and transmitted through a channel called “HTTPS secure channel”. p>
HTTP and HTTPS define how data is wrapped. Take uploading photos as an example. HTTP is clear text transmission, which means that the content transmitted through HTTP is equivalent to using a transparent plastic bag to pack the data. Photos in transparent plastic bags, of course, can easily be peeped by others. p>
How can I avoid this? The solution for Huawei Cloud Space is to save this “credential” on a cloud server. p>
During the session, the user enters the account password through the client to get the credentials on the server to ensure that impersonation by a third party cannot be impersonated, thereby ensuring that the identity of the user is not counterfeited, and user data is not tampered with or leaked. p>
Session management enables the data transmission process of Huawei Cloud Space to achieve the following two security effects: p>
· strong> Make sure that we enter the account and password to log in, it is the real Huawei client (app or web page), not other counterfeit goods; p>
p>
· Ensure that the client interacts with a trusted cloud server, not an impersonated untrusted server. p>
blockquote>6. Key algorithm h4>
Key is a concept in cryptography. It is not the same thing as the password that we usually use to log in to an account. p>
When we upload a photo, in order to prevent it from being seen clearly, we will pack the photo into a box and lock it. This is encryption. p>
The key that locks the box is the key. p>
As for how to pack photos, in which box, how to twist the key to lock, this process can be understood as a key algorithm. p>
Huawei Cloud Space uses a high-security encryption algorithm suite and is managed, deployed, and maintained by a specialized organization. p>
p>
We can understand that when uploading photos to Huawei Cloud Space, the box containing the photos is not only solid and delicate and airtight. When you lock it with a key, you need to screw it up and down in the keyhole. Ring; there are eight or sixty-four tooth marks on the key. p>
03 Data storage: protected by multiple enchantments in the cloud h3>
From the photos and videos in the gallery to the mobile phone backup once every 7 days, as well as the documents and compressed packages in the personal cloud service, how exactly is the information that we save in Huawei cloud space guarded? p>
7. Key management h4>
Now that the key is an important thing to lock and unlock the box. p>
key> In the process of transfer, key storage, and key, it also needs to be closely managed. p>
When Huawei Cloud Space encrypts user sensitive data, a key is generated. p>
The encryption key uses the user key bound to the Huawei account, which means that this key is also bound to another key. p>
The user keys in the cloud are hosted by Huawei Cloud Service Key Management Service and are isolated and controlled. In other words, the box containing the data and the keys used to lock and unlock are stored separately. p>
The user key on the client is also stored and protected by system-level security encryption, which cannot be obtained and decrypted by other applications. p>
Also, user keys can only be accessed by trusted applications with user authorization. p>
8. Integrity Protection h4>
In order to ensure that the data we store on Huawei Cloud Space is complete and cannot be tampered with, Huawei Cloud Space also has an “Integrity Protection” mechanism. strong> p>
When user data is uploaded, the user data content is summarized. User data and summary content are stored separately. p>
When we obtain data, we need to use a digest for integrity check, to ensure that the obtained stored data is consistent with the storage, and to prevent data from being tampered during transmission and storage. p>
In simple terms, this “integrity protection” mechanism can beUnderstand: p>
We need to store a letter Make a summary record of this letter by a certain rule, such as how many words, the first letter of the first few lines, etc. The letter and the summary will be placed in different places. When the recipient opens the letter, he will check the summary to confirm whether the letter has been tampered with. p>
9. Privacy protection h4>
In July 2019, Huawei released the first white paper on cloud privacy protection in China. In this privacy policy, we have outlined several key points: p>
· People and services without user authorization cannot obtain and decrypt user data stored in Huawei Cloud Space. p>
p>
· Disposal of personal data stored in Huawei Cloud Services requires personal authorization. p>
p>
· Users can make decisions based on their wishes and can fully control their privacy. p>
blockquote>