From 732056c6cee8a17feaaadd7edcb0f77f6e44b531 Mon Sep 17 00:00:00 2001 From: Austin Date: Thu, 17 Feb 2022 08:24:20 +0000 Subject: [PATCH 1/2] update zh-cn/device-dev/security/security-privacy-protection.md. Signed-off-by: Austin --- zh-cn/device-dev/security/security-privacy-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/zh-cn/device-dev/security/security-privacy-protection.md b/zh-cn/device-dev/security/security-privacy-protection.md index ae8f6bcae40..822fb7527dd 100644 --- a/zh-cn/device-dev/security/security-privacy-protection.md +++ b/zh-cn/device-dev/security/security-privacy-protection.md @@ -195,7 +195,7 @@ 从技术上保证数据处理活动的安全性,包括个人数据的加密存储、安全传输等安全机制,系统应默认开启或采取安全保护措施。 -- 对于个人数据的访问需要有保护机制,主要包括身份认证和访问控制。身份认证(如用户名、密码)限定只有经过认证的用户才能访问数据,可应用于多用户场景;访问控制(如[权限控制](security-guidelines-overall.md#li201725506375))可应用于对应用程序的限制。 +- 对于个人数据的访问需要有保护机制,主要包括身份认证和访问控制。身份认证(如用户名、密码)限定只有经过认证的用户才能访问数据,可应用于多用户场景;访问控制(如[权限控制](security-guidelines-overall.md#section55012136125))可应用于对应用程序的限制。 - 分布式设备个人数据安全存储要满足密钥管理和存储服务(HUKS:Huawei Universal Keystore)的要求,包括:密钥安全存储、数据安全存储。 - 个人数据在分布式设备间传输要满足设备间的信任绑定关系和数据传输通道的安全性要求。详细信息可以参考[设备互联安全](security-guidelines-overall.md#section26153183616)。 - 认证凭证数据(密码、口令、指纹等)须加密存储。 -- Gitee From 866a6d64ed455b58724b6191ddd40087bdea1e85 Mon Sep 17 00:00:00 2001 From: Austin Date: Thu, 17 Feb 2022 08:29:09 +0000 Subject: [PATCH 2/2] update en/device-dev/security/security-privacy-protection.md. Signed-off-by: Austin --- en/device-dev/security/security-privacy-protection.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/en/device-dev/security/security-privacy-protection.md b/en/device-dev/security/security-privacy-protection.md index 0fbba604ba6..551d640e479 100644 --- a/en/device-dev/security/security-privacy-protection.md +++ b/en/device-dev/security/security-privacy-protection.md @@ -190,7 +190,7 @@ You shall obtain consent from users and comply with applicable laws and regulati Data processing security shall be ensured in technical terms, which include encrypted data storage and secure data transfer. Security mechanisms or measures shall be enabled by default for a system. -- A protection mechanism shall be available for personal data access, including identity authentication and access control. Identity authentication \(such as username and password\) allows only authenticated users to access data in multi-user scenarios. Access control \(for example, [permission control](security-guidelines-overall.md#li201725506375)\) can be applied to restrict access to applications. +- A protection mechanism shall be available for personal data access, including identity authentication and access control. Identity authentication \(such as username and password\) allows only authenticated users to access data in multi-user scenarios. Access control \(for example, [permission control](security-guidelines-overall.md#section852593153614)\) can be applied to restrict access to applications. - Secure storage of personal data on distributed devices must meet Huawei Universal Keystore \(HUKS\) requirements, including secure storage of keys and data. - The transfer of personal data between distributed devices must meet the trust binding relationship between devices and security requirements of data transmission channels. For details, see [Security Guidelines](security-guidelines-overall.md#section26153183616). - Authentication data \(such as passwords and fingerprints\) shall be encrypted before being stored. -- Gitee