Development of Alibaba Cloud global infrastructure

Published on 04 Feb 2023

Cloud, data, security, centers

Data security is based on engineering rather than a single piece of technology. This is particularly true for cloud providers. In this whitepaper, we attempt to explain that data protection engineering is a systematic task that requires meticulous design, from constructing physical data centers and IaaS infrastructure to establishing stringent fine-grained data security privileges, systems, and regulations, and is backed by global compliance and qualification standards.

Data only produces value when it flows. Data that cannot be used or evaluated has no value. Data security consists of trust measures to facilitate efficient data flow. At Alibaba Cloud, we do not alter user information. This is the line in the sand and the essential prerequisite for our endeavors. The foundation of Alibaba Cloud's data security concept is assigning data rights and responsibilities. In this approach, data owners, data sharers, and regulators may unleash the trust-based value of data.

Alibaba Cloud has created data risk convergence capabilities on the infrastructure and platform levels based on regions and zones, as shown in the most recent release of its data and privacy protection architecture. Alibaba Cloud offers customers native, highly automated, and transparent protection features prioritizing security, compliance, and privacy. It is dedicated to developing a trustworthy and secure computing environment to allow the circulation and use of protected data.

The foundation of trust is clearly stated rights and responsibilities. In addition to identifying and rating the data, we establish data ownership, usage norms, and deletion rights and ensure compliance with applicable laws, rules, and certifications. It is reasonable to claim that Alibaba Cloud is the Asia-Pacific cloud provider with the most compliance and privacy certifications.

The tools, use situations, and technology used for data security and privacy protection are globally consistent. It includes the use of data lineage to record the complex data exchange links and ensure security, the protection of sensitive data with the addition of blind watermarks only recognizable by machines, data recognition based on deep neural networks, and machine learning to improve data discovery and classification, and the concealment of API calls to improve data access security.

Yet, the driving factor differs from provider to vendor. As the largest cloud provider in the world, Alibaba Cloud is at the forefront of developing the most secure cloud environment, fostering user confidence, and ensuring that users from all over the globe may securely use the cloud.

We also want to collaborate with users to secure data respectably. In the age of the digital economy, the development of core competencies among businesses is predicated on the creation of the trust.

Alibaba cloud infrastructure terminology

Alibaba Cloud expands its infrastructure across continents to provide consumers with highly accessible, secure, and low-latency cloud services to local regulatory requirements. Users may pick several areas and zones of cloud services to do business safely and communicate with clients and partners from anywhere.

Alibaba Cloud's infrastructure is separated into regions and zones. The diagram below illustrates their connections.


Zones are regions within the same territory with distinct electricity and network infrastructure. A zone is a distinct physical place within a region. Each area includes many zones. They are fault-isolated from one another to ensure the security of the application. Network latency between instances in the same zone is minimal. Customers can install their system in several zones to enhance catastrophe resilience.


Alibaba Cloud's physical data centers are referred to as regions. A region includes numerous zones. Users may choose a region in which to produce resources. Unfortunately, when resources are generated, their area cannot be altered. For instance, users may choose China (Beijing) area, which has ten zones.

Cross-regional communication must traverse carrier networks, which may be somewhat slower than communication between zones. Customers that seek minimal latency may install their services locally.

As miniatures of Alibaba Cloud, additional local regions have been introduced in locations with a thriving digital economy and significant commercial potential. The architecture of these areas is identical to that of other core regions. These areas provide a variety of application scenarios with over 40 Alibaba Cloud services across five categories: compute, storage, database, network, and security.

Local regions are smaller and less expensive than central regions, yet they offer the same design and low latency as central regions. Designed for businesses in regions with a thriving digital economy, they facilitate the move of IT centers to the cloud and real-time data interchange.


Download Alibaba Cloud's whitepaper to learn more about cloud data security centers only on Whitepapers Online.



You will receive an email with a download link. To access the link, please check your inbox or spam folder