Data encryption - Amazon IoT SiteWise

Data encryption

Data encryption refers to protecting data in transit (as it travels to and from Amazon IoT SiteWise, and between SiteWise Edge gateways and servers) and at rest (while it is stored on local devices or in Amazon services). You can protect data in transit using Transport Layer Security (TLS) or at rest using client-side encryption.

Note

Amazon IoT SiteWise edge processing exposes APIs that are hosted within SiteWise Edge gateways and accessible over the local network. These APIs are exposed over a TLS connection backed by a server certificate owned by the Amazon IoT SiteWise Edge connector. For client authentication, these APIs use an access-control password. The server certificate's private key and the access-control password are both stored on disk. Amazon IoT SiteWise edge processing relies on file-system encryption for the security of these credentials at rest.
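Because the note above leaves at-rest protection of the gateway credentials to the host, the following added example (not part of the AWS documentation or the SiteWise Edge software) shows one way to check that a directory sits on a dm-crypt/LUKS-backed volume. It assumes a Linux gateway, and the directory is supplied by the operator because this page does not name the credential location. It does not detect file-level schemes such as fscrypt or self-encrypting drives.

```python
import os
import sys

def mount_source(path, mounts_text):
    """Return the source device of the longest mount point containing path."""
    best_mnt, best_dev = "", None
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 2:
            continue
        dev, mnt = fields[0], fields[1]
        inside = path == mnt or path.startswith(mnt.rstrip("/") + "/")
        if inside and len(mnt) >= len(best_mnt):
            best_mnt, best_dev = mnt, dev
    return best_dev

def backed_by_dm_crypt(dev, sysfs="/sys/class/block", seen=None):
    """True if dev, or a device stacked beneath it (LVM on LUKS), is dm-crypt."""
    seen = set() if seen is None else seen
    name = os.path.basename(os.path.realpath(dev))  # /dev/mapper/x -> dm-N
    if name in seen:
        return False
    seen.add(name)
    node = os.path.join(sysfs, name)
    try:
        with open(os.path.join(node, "dm", "uuid")) as f:
            if f.read().startswith("CRYPT-"):  # UUID prefix of dm-crypt mappings
                return True
    except OSError:
        pass  # not a device-mapper node (plain partition, tmpfs, ...)
    slaves = os.path.join(node, "slaves")
    if not os.path.isdir(slaves):
        return False
    return any(backed_by_dm_crypt(s, sysfs, seen) for s in os.listdir(slaves))

def credentials_encrypted_at_rest(cred_dir, mounts_text=None, sysfs="/sys/class/block"):
    """Check the block device under cred_dir (path supplied by the operator)."""
    if mounts_text is None:
        with open("/proc/mounts") as f:
            mounts_text = f.read()
    dev = mount_source(os.path.abspath(cred_dir), mounts_text)
    return dev is not None and backed_by_dm_crypt(dev, sysfs)

if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "/"
    ok = credentials_encrypted_at_rest(target)
    print(f"{target}: {'dm-crypt backed' if ok else 'NOT dm-crypt backed'}")
    sys.exit(0 if ok else 1)
```

Run it with the credential directory as the only argument; a non-zero exit status means no dm-crypt layer was found under that path.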

For more information about server-side encryption and client-side encryption, review the topics listed below.