You need to design a secure mechanism for data storage in Amazon S3 that ensures confidentiality and integrity of data at rest. Which encryption options should you consider?