ECS Storage
ECS uses Cloud Disk for both system disks and data disks: the same Cloud Disk service backs the data disks and the system disks that ECS instances boot from.
Block Storage overview
Block Storage is a high-performance, low-latency block storage service for Alibaba Cloud ECS. It supports random or sequential read and write operations. Block Storage is similar to a physical disk. You can format a Block Storage device and create a file system on it to meet the data storage needs of your business.
Block Storage devices
Alibaba Cloud provides a variety of Block Storage devices for ECS instances, such as disks and Shared Block Storage devices based on a distributed storage architecture, and local disks located on the physical servers where the ECS instances are hosted.
Data security
- Data reliability during read and write operations
Three copies of your business data are stored in the Block Storage cluster in the same zone to ensure 99.9999999% data reliability during read and write operations. For more information, see Triplicate technology.
- Proactive backup
You can create snapshots at regular intervals to enhance your data security. Snapshots are a backup service provided by Alibaba Cloud. They provide data backup capabilities for disks and Shared Block Storage devices, ensuring that information such as logs and customer transactions is backed up. For more information, see Snapshot overview.
- Data erasure mechanism
When you delete a piece of data from disks and Shared Block Storage devices, it is completely erased from the distributed Block Storage system and can no longer be accessed by other users in any way. The following measures are used to ensure all data is erased:
- To take full advantage of the high bandwidth and low latency of sequential writes to a physical disk, the storage system appends data sequentially to existing files in the underlying layer of a disk. Because data is only appended, deleting logical space on a disk is recorded as a metadata change, and the storage system returns only zeros for all read requests to that logical space. Similarly, when you overwrite data in the logical space of a disk or a Shared Block Storage device, the storage system does not overwrite the data in place but modifies the mapping between the logical space and the physical space. This ensures that overwritten data can no longer be read. Data fragments that result from delete or overwrite operations are forcibly and permanently deleted from the underlying physical disks.
- When a block storage device (disk) is released, the storage system destroys the metadata immediately to ensure that the data can no longer be accessed. At the same time, the physical storage space corresponding to the disk is recycled. The physical space must be cleared before it is re-assigned to store data. Before data is written to a new disk, the system returns only zero for all read requests.
- Data encryption
For data-sensitive applications, we recommend that you encrypt the storage devices that you use. Disks and their snapshots are encrypted with keys based on the industry-standard AES-256 algorithm. Data is automatically encrypted when it is transmitted from ECS instances to disks and automatically decrypted when the data is read. For more information, see Encryption overview.
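The data erasure mechanism described above can be modeled in a few lines. This is an added illustration, not Alibaba Cloud code: the class `AppendOnlyDisk`, its method names and the 4-byte block size are hypothetical, and the model is a simplification of an append-only store with a logical-to-physical mapping.

```python
# Toy model (constructed for illustration) of an append-only block store.
BLOCK = 4            # bytes per logical block; tiny so the sample is readable
ZERO = bytes(BLOCK)  # what every unmapped logical block reads as


class AppendOnlyDisk:
    def __init__(self):
        self.log = []      # physical space: blocks are only ever appended
        self.mapping = {}  # metadata: logical block number -> index in log

    def write(self, lbn, data):
        """An overwrite appends a new block and repoints the mapping."""
        if len(data) != BLOCK:
            raise ValueError("data must be exactly one block")
        self.log.append(data)
        self.mapping[lbn] = len(self.log) - 1

    def delete(self, lbn):
        """A delete is recorded in metadata only; the old block is now a fragment."""
        self.mapping.pop(lbn, None)

    def read(self, lbn):
        """Logical space with no mapping always reads as zeros."""
        idx = self.mapping.get(lbn)
        return ZERO if idx is None else self.log[idx]

    def fragments(self):
        """Physical blocks no longer reachable through any logical address."""
        live = set(self.mapping.values())
        return [b for i, b in enumerate(self.log) if i not in live]

    def compact(self):
        """Permanently drop fragments and rebuild the mapping."""
        live = sorted(self.mapping.items(), key=lambda kv: kv[1])
        self.log = [self.log[idx] for _, idx in live]
        self.mapping = {lbn: i for i, (lbn, _) in enumerate(live)}

    def release(self):
        """Releasing the disk destroys the metadata, then clears physical space."""
        self.mapping.clear()
        self.log.clear()


def demo():
    d = AppendOnlyDisk()
    d.write(0, b"AAAA")
    d.write(1, b"BBBB")
    d.write(0, b"CCCC")  # overwrite: b"AAAA" becomes an unreachable fragment
    d.delete(1)          # delete: b"BBBB" becomes an unreachable fragment
    before = d.fragments()
    d.compact()
    return d.read(0), d.read(1), before, d.fragments(), len(d.log)
```

Between the overwrite and the compaction, the old blocks still exist physically but no logical read can reach them; that window is why the fragments are forcibly deleted and why encryption is recommended for sensitive data.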
Read More: https://www.alibabacloud.com/help/doc-detail/63136.htm?