Cloud Data Loss Prevention (Cloud DLP) kini menjadi bagian dari Perlindungan Data Sensitif. Nama API tetap sama: Cloud Data Loss Prevention API (DLP API). Untuk mengetahui informasi tentang layanan yang membentuk Perlindungan Data Sensitif, lihat Ringkasan Perlindungan Data Sensitif.

Menyesuaikan kemungkinan kecocokan

Dengan menggunakan aturan frasa pengaktif, Anda dapat lebih memperluas lagi pendeteksi infoType bawaan dan kustom dengan aturan konteks yang andal. Aturan frasa pengaktif menginstruksikan Perlindungan Data Sensitif untuk menyesuaikan kemungkinan temuan, bergantung pada apakah frasa pengaktif muncul di dekat penemuan tersebut. Aturan frasa pengaktif adalah sejenis aturan pemeriksaan, yang ditentukan dalam kumpulan aturan. Setiap aturan diterapkan ke kumpulan infoType kustom atau bawaan.

Anatomi aturan frasa pengaktif

Pendeteksi infoType dapat memiliki nol atau beberapa aturan frasa pengaktif. Dalam konfigurasi pemeriksaan, tentukan setiap objek HotwordRule di dalam array rules, sebagai berikut:

"rules":[
  {
    "hotwordRule":{
      "hotwordRegex":{
        "pattern":"REGEX_PATTERN"
      },
      "proximity":{
        "windowAfter":"NUM_CHARS_TO_CONSIDER_AFTER_FINDING",
        "windowBefore":"NUM_CHARS_TO_CONSIDER_BEFORE_FINDING"
      }
      "likelihoodAdjustment":{
        "fixedLikelihood":"LIKELIHOOD_VALUE"
             -- OR --
        "relativeLikelihood":"LIKELIHOOD_ADJUSTMENT"
      },
    }
  },
  ...
]

Ganti kode berikut:

REGEX_PATTERN: ekspresi reguler (objek Regex ) yang menentukan hal yang memenuhi syarat sebagai frasa pengaktif.
NUM_CHARS_TO_CONSIDER_AFTER_FINDING: rentang karakter setelah penemuan. Perlindungan Data Sensitif menganalisis rentang ini untuk menentukan apakah frasa pengaktif muncul di dekat temuan.
NUM_CHARS_TO_CONSIDER_BEFORE_FINDING: rentang karakter sebelum penemuan. Perlindungan Data Sensitif menganalisis rentang ini untuk menentukan apakah frasa pengaktif muncul di dekat temuan.
LIKELIHOOD_VALUE: tingkat Likelihood tetap untuk menetapkan temuan.
LIKELIHOOD_ADJUSTMENT: angka yang menunjukkan seberapa besar perlindungan Data Sensitif harus meningkatkan atau mengurangi kemungkinan temuan. Bilangan bulat positif meningkatkan tingkat kemungkinan, dan bilangan bulat negatif menguranginya. Misalnya, jika temuan adalah POSSIBLE tanpa aturan deteksi dan relativeLikelihood adalah 1, temuan tersebut akan diupgrade ke LIKELY. Jika relativeLikelihood adalah -1, temuan tersebut akan didowngrade ke UNLIKELY. Kemungkinan tidak akan pernah turun lebih rendah dari VERY_UNLIKELY atau melebihi VERY_LIKELY. Dalam kasus ini, tingkat kemungkinannya tetap sama. Misalnya, jika kemungkinan dasarnya adalah VERY_LIKELY dan relativeLikelihood adalah 1, kemungkinan akhir tetap VERY_LIKELY.

Contoh frasa pengaktif: Mencocokkan nomor rekam medis

Misalnya Anda ingin mendeteksi infoType kustom seperti nomor rekam medis (MRN) dalam bentuk "###-#-#####". Selain itu, Anda ingin Perlindungan Data Sensitif untuk meningkatkan kemungkinan kecocokan dari setiap temuan yang mengikuti frasa pengaktif "MRN".

Contoh nilai:

123-4-56789 akan cocok sebagai POSSIBLE.
MRN 123-4-56789 akan cocok dengan VERY_LIKELY.

Contoh JSON dan cuplikan kode berikut menunjukkan cara mengonfigurasi aturan frasa pengaktif. Contoh ini menggunakan pendeteksi ekspresi reguler kustom.

Dalam contoh ini, perhatikan hal-hal berikut:

Permintaan tersebut menentukan infoType kustom C_MRN, yang merupakan detektor untuk string apa pun yang cocok dengan ekspresi reguler [0-9]{3}-[0-9]{1}-[0-9]{5}.
Ekspresi reguler (?i)(mrn|medical)(?-i) menentukan frasa pengaktif. Penelusuran Perlindungan Data Sensitif untuk frasa pengaktif ini dalam rentang karakter yang ditentukan dalam kolom proximity.
Untuk setiap temuan C_MRN yang memiliki frasa pengaktif dalam kumpulan proximity, Perlindungan Data Sensitif menetapkan tingkat kemungkinan ke VERY_LIKELY.

C#

Untuk mempelajari cara menginstal dan menggunakan library klien untuk Perlindungan Data Sensitif, lihat Library klien Perlindungan Data Sensitif.

Untuk mengautentikasi Perlindungan Data Sensitif, siapkan Kredensial Default Aplikasi. Untuk mengetahui informasi selengkapnya, baca Menyiapkan autentikasi untuk lingkungan pengembangan lokal.

Lihat di GitHub Masukan


using System;
using Google.Api.Gax.ResourceNames;
using Google.Cloud.Dlp.V2;
using static Google.Cloud.Dlp.V2.CustomInfoType.Types;

public class InspectDataWithHotwordRule
{
    public static InspectContentResponse InspectDataHotwordRule(
        string projectId,
        string text,
        string customRegex,
        string hotwordRegex,
        InfoType infoType = null)
    {
        // Instantiate dlp client.
        var dlp = DlpServiceClient.Create();

        // Construct the content item.
        var contentItem = new ContentItem
        {
            ByteItem = new ByteContentItem
            {
                Type = ByteContentItem.Types.BytesType.TextUtf8,
                Data = Google.Protobuf.ByteString.CopyFromUtf8(text)
            }
        };

        // Construct the info type if null.
        var infotype = infoType ?? new InfoType { Name = "C_MRN" };

        // Construct the custom regex detector.
        var customInfoType = new CustomInfoType
        {
            InfoType = infotype,
            Regex = new Regex { Pattern = customRegex },
            Likelihood = Likelihood.Possible
        };

        // Construct hotword rule.
        var hotwordRule = new DetectionRule.Types.HotwordRule
        {
            HotwordRegex = new Regex { Pattern = hotwordRegex },
            LikelihoodAdjustment = new DetectionRule.Types.LikelihoodAdjustment
            {
                FixedLikelihood = Likelihood.VeryLikely
            },
            Proximity = new DetectionRule.Types.Proximity
            {
                WindowBefore = 10
            }
        };

        // Construct the rule set for the inspect config.
        var inspectionRuleSet = new InspectionRuleSet
        {
            InfoTypes = { infotype },
            Rules =
            {
                new InspectionRule
                {
                    HotwordRule = hotwordRule
                }
            }
        };

        // Construct the inspect config.
        var inspectConfig = new InspectConfig
        {
            CustomInfoTypes = { customInfoType },
            IncludeQuote = true,
            RuleSet = { inspectionRuleSet },
        };

        // Construct the request.
        var request = new InspectContentRequest
        {
            ParentAsLocationName = new LocationName(projectId, "global"),
            Item = contentItem,
            InspectConfig = inspectConfig
        };

        // Call the API.
        var response = dlp.InspectContent(request);

        // Inspect the response.
        Console.WriteLine($"Findings: {response.Result.Findings.Count}");
        foreach (var f in response.Result.Findings)
        {
            Console.WriteLine("Quote: " + f.Quote);
            Console.WriteLine("Info type: " + f.InfoType.Name);
            Console.WriteLine("Likelihood: " + f.Likelihood);
        }
        return response;
    }
}

Go

Untuk mempelajari cara menginstal dan menggunakan library klien untuk Perlindungan Data Sensitif, lihat Library klien Perlindungan Data Sensitif.

Untuk mengautentikasi Perlindungan Data Sensitif, siapkan Kredensial Default Aplikasi. Untuk mengetahui informasi selengkapnya, baca Menyiapkan autentikasi untuk lingkungan pengembangan lokal.

Lihat di GitHub Masukan

import (
	"context"
	"fmt"
	"io"

	dlp "cloud.google.com/go/dlp/apiv2"
	"cloud.google.com/go/dlp/apiv2/dlppb"
)

// inspectWithHotWordRules inspects data with hot word rule, it uses custom
// regex with a hot word rule to increase the likelihood match
func inspectWithHotWordRules(w io.Writer, projectID, textToInspect string) error {
	// projectID := "my-project-id"
	// textToInspect := "Patient's MRN 444-5-22222 and just a number 333-2-33333"

	ctx := context.Background()

	// Initialize a client once and reuse it to send multiple requests. Clients
	// are safe to use across goroutines. When the client is no longer needed,
	// call the Close method to cleanup its resources.
	client, err := dlp.NewClient(ctx)
	if err != nil {
		return err
	}

	// Closing the client safely cleans up background resources.
	defer client.Close()

	// Specify the type and content to be inspected.
	contentItem := &dlppb.ContentItem{
		DataItem: &dlppb.ContentItem_ByteItem{
			ByteItem: &dlppb.ByteContentItem{
				Type: dlppb.ByteContentItem_TEXT_UTF8,
				Data: []byte(textToInspect),
			},
		},
	}

	// Construct the custom regex detectors
	customInfoType := &dlppb.CustomInfoType{
		InfoType: &dlppb.InfoType{
			Name: "C_MRN",
		},
		Type: &dlppb.CustomInfoType_Regex_{
			Regex: &dlppb.CustomInfoType_Regex{
				Pattern: "[1-9]{3}-[1-9]{1}-[1-9]{5}",
			},
		},
		Likelihood: dlppb.Likelihood_POSSIBLE,
	}

	// Construct hotword rule.
	hotWordRule := &dlppb.CustomInfoType_DetectionRule_HotwordRule{
		HotwordRegex: &dlppb.CustomInfoType_Regex{
			Pattern: "(?i)(mrn|medical)(?-i)",
		},
		Proximity: &dlppb.CustomInfoType_DetectionRule_Proximity{
			WindowBefore: int32(10),
		},
		LikelihoodAdjustment: &dlppb.CustomInfoType_DetectionRule_LikelihoodAdjustment{
			Adjustment: &dlppb.CustomInfoType_DetectionRule_LikelihoodAdjustment_FixedLikelihood{
				FixedLikelihood: dlppb.Likelihood_VERY_LIKELY,
			},
		},
	}

	inspectionRuleSet := &dlppb.InspectionRuleSet{
		Rules: []*dlppb.InspectionRule{
			{
				Type: &dlppb.InspectionRule_HotwordRule{
					HotwordRule: hotWordRule,
				},
			},
		},
		InfoTypes: []*dlppb.InfoType{
			customInfoType.InfoType,
		},
	}

	// Construct the Inspect request to be sent by the client.
	req := &dlppb.InspectContentRequest{
		Parent: fmt.Sprintf("projects/%s/locations/global", projectID),
		Item:   contentItem,
		InspectConfig: &dlppb.InspectConfig{
			CustomInfoTypes: []*dlppb.CustomInfoType{
				customInfoType,
			},
			RuleSet: []*dlppb.InspectionRuleSet{
				inspectionRuleSet,
			},
			IncludeQuote: true,
		},
	}

	// Send the request.
	resp, err := client.InspectContent(ctx, req)
	if err != nil {
		return err
	}

	// Parse the response and process results
	fmt.Fprintf(w, "Findings: %v\n", len(resp.Result.Findings))
	for _, v := range resp.GetResult().Findings {
		fmt.Fprintf(w, "Quote: %v\n", v.GetQuote())
		fmt.Fprintf(w, "InfoType Name: %v\n", v.GetInfoType().GetName())
		fmt.Fprintf(w, "Likelihood: %v\n", v.GetLikelihood())
	}
	return nil
}

Java

Untuk mempelajari cara menginstal dan menggunakan library klien untuk Perlindungan Data Sensitif, lihat Library klien Perlindungan Data Sensitif.

Untuk mengautentikasi Perlindungan Data Sensitif, siapkan Kredensial Default Aplikasi. Untuk mengetahui informasi selengkapnya, baca Menyiapkan autentikasi untuk lingkungan pengembangan lokal.

Lihat di GitHub Masukan


import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ByteContentItem;
import com.google.privacy.dlp.v2.ByteContentItem.BytesType;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.CustomInfoType;
import com.google.privacy.dlp.v2.CustomInfoType.DetectionRule.HotwordRule;
import com.google.privacy.dlp.v2.CustomInfoType.DetectionRule.LikelihoodAdjustment;
import com.google.privacy.dlp.v2.CustomInfoType.DetectionRule.Proximity;
import com.google.privacy.dlp.v2.CustomInfoType.Regex;
import com.google.privacy.dlp.v2.Finding;
import com.google.privacy.dlp.v2.InfoType;
import com.google.privacy.dlp.v2.InspectConfig;
import com.google.privacy.dlp.v2.InspectContentRequest;
import com.google.privacy.dlp.v2.InspectContentResponse;
import com.google.privacy.dlp.v2.InspectionRule;
import com.google.privacy.dlp.v2.InspectionRuleSet;
import com.google.privacy.dlp.v2.Likelihood;
import com.google.privacy.dlp.v2.LocationName;
import com.google.protobuf.ByteString;
import java.io.IOException;

public class InspectWithHotwordRules {

  public static void main(String[] args) throws Exception {
    // TODO(developer): Replace these variables before running the sample.
    String projectId = "your-project-id";
    String textToInspect = "Patient's MRN 444-5-22222 and just a number 333-2-33333";
    String customRegexPattern = "[1-9]{3}-[1-9]{1}-[1-9]{5}";
    String hotwordRegexPattern = "(?i)(mrn|medical)(?-i)";
    inspectWithHotwordRules(projectId, textToInspect, customRegexPattern, hotwordRegexPattern);
  }

  // Inspects a BigQuery Table
  public static void inspectWithHotwordRules(
      String projectId, String textToInspect, String customRegexPattern, String hotwordRegexPattern)
      throws IOException {
    // Initialize client that will be used to send requests. This client only needs to be created
    // once, and can be reused for multiple requests. After completing all of your requests, call
    // the "close" method on the client to safely clean up any remaining background resources.
    try (DlpServiceClient dlp = DlpServiceClient.create()) {
      // Specify the type and content to be inspected.
      ByteContentItem byteItem =
          ByteContentItem.newBuilder()
              .setType(BytesType.TEXT_UTF8)
              .setData(ByteString.copyFromUtf8(textToInspect))
              .build();
      ContentItem item = ContentItem.newBuilder().setByteItem(byteItem).build();

      // Specify the regex pattern the inspection will look for.
      Regex regex = Regex.newBuilder().setPattern(customRegexPattern).build();

      // Construct the custom regex detector.
      InfoType infoType = InfoType.newBuilder().setName("C_MRN").build();
      CustomInfoType customInfoType =
          CustomInfoType.newBuilder().setInfoType(infoType).setRegex(regex).build();

      // Specify hotword likelihood adjustment.
      LikelihoodAdjustment likelihoodAdjustment =
          LikelihoodAdjustment.newBuilder().setFixedLikelihood(Likelihood.VERY_LIKELY).build();

      // Specify a window around a finding to apply a detection rule.
      Proximity proximity = Proximity.newBuilder().setWindowBefore(10).build();

      // Construct hotword rule.
      HotwordRule hotwordRule =
          HotwordRule.newBuilder()
              .setHotwordRegex(Regex.newBuilder().setPattern(hotwordRegexPattern).build())
              .setLikelihoodAdjustment(likelihoodAdjustment)
              .setProximity(proximity)
              .build();

      // Construct rule set for the inspect config.
      InspectionRuleSet inspectionRuleSet =
          InspectionRuleSet.newBuilder()
              .addInfoTypes(infoType)
              .addRules(InspectionRule.newBuilder().setHotwordRule(hotwordRule))
              .build();

      // Construct the configuration for the Inspect request.
      InspectConfig config =
          InspectConfig.newBuilder()
              .addCustomInfoTypes(customInfoType)
              .setIncludeQuote(true)
              .setMinLikelihood(Likelihood.POSSIBLE)
              .addRuleSet(inspectionRuleSet)
              .build();

      // Construct the Inspect request to be sent by the client.
      InspectContentRequest request =
          InspectContentRequest.newBuilder()
              .setParent(LocationName.of(projectId, "global").toString())
              .setItem(item)
              .setInspectConfig(config)
              .build();

      // Use the client to send the API request.
      InspectContentResponse response = dlp.inspectContent(request);

      // Parse the response and process results
      System.out.println("Findings: " + response.getResult().getFindingsCount());
      for (Finding f : response.getResult().getFindingsList()) {
        System.out.println("\tQuote: " + f.getQuote());
        System.out.println("\tInfo type: " + f.getInfoType().getName());
        System.out.println("\tLikelihood: " + f.getLikelihood());
      }
    }
  }
}

Node.js

Untuk mempelajari cara menginstal dan menggunakan library klien untuk Perlindungan Data Sensitif, lihat Library klien Perlindungan Data Sensitif.

Untuk mengautentikasi Perlindungan Data Sensitif, siapkan Kredensial Default Aplikasi. Untuk mengetahui informasi selengkapnya, baca Menyiapkan autentikasi untuk lingkungan pengembangan lokal.

Lihat di GitHub Masukan

// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');

// Instantiates a client
const dlp = new DLP.DlpServiceClient();

// The project ID to run the API call under
// const projectId = 'my-project';

// The string to inspect
// const string = 'Patients MRN 444-5-22222';

// The minimum likelihood required before returning a match
// const minLikelihood = DLP.protos.google.privacy.dlp.v2.Likelihood.POSSIBLE;

// The maximum number of findings to report per request (0 = server maximum)
// const maxFindings = 0;

// The infoTypes of information to match
// See https://cloud.google.com/dlp/docs/concepts-infotypes for more information
// about supported infoTypes.
// const infoTypes = [{ name: 'EMAIL_ADDRESS' }];

// The customInfoTypes of information to match
// const customInfoTypes = [{ infoType: { name: 'DICT_TYPE' }, dictionary: { wordList: { words: ['foo', 'bar', 'baz']}}},
//   { infoType: { name: 'REGEX_TYPE' }, regex: {pattern: '\\(\\d{3}\\) \\d{3}-\\d{4}'}}];

// Whether to include the matching string
// const includeQuote = true;

// Custom hotword regex patten
// const hotwordRegexPattern = '(?i)(mrn|medical)(?-i)';

async function inspectWithHotwordRule() {
  // Construct item to inspect
  const item = {
    byteItem: {
      type: DLP.protos.google.privacy.dlp.v2.ByteContentItem.BytesType
        .TEXT_UTF8,
      data: Buffer.from(string, 'utf-8'),
    },
  };

  // Construct a hot word rule
  const hotwordRule = {
    hotwordRegex: {
      pattern: hotwordRegexPattern,
    },
    proximity: {
      windowBefore: 10,
    },
    likelihoodAdjustment: {
      fixedLikelihood:
        DLP.protos.google.privacy.dlp.v2.Likelihood.VERY_LIKELY,
    },
  };

  // Construct a hotword inspection rule
  const inpectionRuleSet = [
    {
      infoTypes: customInfoTypes.map(
        customInfoType => customInfoType.infoType
      ),
      rules: [{hotwordRule: hotwordRule}],
    },
  ];

  // Assigns likelihood to each match
  customInfoTypes = customInfoTypes.map(customInfoType => {
    customInfoType.likelihood =
      DLP.protos.google.privacy.dlp.v2.Likelihood.POSSIBLE;
    return customInfoType;
  });

  // Construct request
  const request = {
    parent: `projects/${projectId}/locations/global`,
    inspectConfig: {
      infoTypes: infoTypes,
      customInfoTypes: customInfoTypes,
      minLikelihood: minLikelihood,
      includeQuote: includeQuote,
      limits: {
        maxFindingsPerRequest: maxFindings,
      },
      ruleSet: inpectionRuleSet,
    },
    item: item,
  };

  // Run request
  const [response] = await dlp.inspectContent(request);
  const findings = response.result.findings;
  if (findings.length > 0) {
    console.log('Findings:');
    findings.forEach(finding => {
      if (includeQuote) {
        console.log(`\tQuote: ${finding.quote}`);
      }
      console.log(`\tInfo type: ${finding.infoType.name}`);
      console.log(`\tLikelihood: ${finding.likelihood}`);
    });
  } else {
    console.log('No findings.');
  }
}
inspectWithHotwordRule();

PHP

Untuk mempelajari cara menginstal dan menggunakan library klien untuk Perlindungan Data Sensitif, lihat Library klien Perlindungan Data Sensitif.

Untuk mengautentikasi Perlindungan Data Sensitif, siapkan Kredensial Default Aplikasi. Untuk mengetahui informasi selengkapnya, baca Menyiapkan autentikasi untuk lingkungan pengembangan lokal.

Lihat di GitHub Masukan

use Google\Cloud\Dlp\V2\Client\DlpServiceClient;
use Google\Cloud\Dlp\V2\ContentItem;
use Google\Cloud\Dlp\V2\CustomInfoType;
use Google\Cloud\Dlp\V2\CustomInfoType\DetectionRule\HotwordRule;
use Google\Cloud\Dlp\V2\CustomInfoType\DetectionRule\LikelihoodAdjustment;
use Google\Cloud\Dlp\V2\CustomInfoType\DetectionRule\Proximity;
use Google\Cloud\Dlp\V2\CustomInfoType\Regex;
use Google\Cloud\Dlp\V2\InfoType;
use Google\Cloud\Dlp\V2\InspectConfig;
use Google\Cloud\Dlp\V2\InspectContentRequest;
use Google\Cloud\Dlp\V2\InspectionRule;
use Google\Cloud\Dlp\V2\InspectionRuleSet;
use Google\Cloud\Dlp\V2\Likelihood;

/**
 * Inspect data with a hotword rule
 * This sample uses a custom regex with a hotword rule to increase the likelihood of match.
 *
 * @param string $projectId         The Google Cloud project id to use as a parent resource.
 * @param string $textToInspect     The string to inspect.
 */
function inspect_hotword_rule(
    // TODO(developer): Replace sample parameters before running the code.
    string $projectId,
    string $textToInspect = "Patient's MRN 444-5-22222 and just a number 333-2-33333"
): void {
    // Instantiate a client.
    $dlp = new DlpServiceClient();

    $parent = "projects/$projectId/locations/global";

    // Specify what content you want the service to Inspect.
    $item = (new ContentItem())
        ->setValue($textToInspect);

    // Specify the regex pattern the inspection will look for.
    $customRegexPattern = '[1-9]{3}-[1-9]{1}-[1-9]{5}';
    $hotwordRegexPattern = '(?i)(mrn|medical)(?-i)';

    // Construct the custom regex detector.
    $cMrnDetector = (new InfoType())
        ->setName('C_MRN');
    $customInfoType = (new CustomInfoType())
        ->setInfoType($cMrnDetector)
        ->setLikelihood(Likelihood::POSSIBLE)
        ->setRegex((new Regex())
            ->setPattern($customRegexPattern));

    // Specify hotword likelihood adjustment.
    $likelihoodAdjustment = (new LikelihoodAdjustment())
        ->setFixedLikelihood(Likelihood::VERY_LIKELY);

    // Specify a window around a finding to apply a detection rule.
    $proximity = (new Proximity())
        ->setWindowBefore(10);

    $hotwordRule = (new HotwordRule())
        ->setHotwordRegex((new Regex())
            ->setPattern($hotwordRegexPattern))
        ->setLikelihoodAdjustment($likelihoodAdjustment)
        ->setProximity($proximity);

    // Construct rule set for the inspect config.
    $inspectionRuleSet = (new InspectionRuleSet())
        ->setInfoTypes([$cMrnDetector])
        ->setRules([
            (new InspectionRule())
                ->setHotwordRule($hotwordRule)
        ]);

    // Construct the configuration for the Inspect request.
    $inspectConfig = (new InspectConfig())
        ->setCustomInfoTypes([$customInfoType])
        ->setIncludeQuote(true)
        ->setRuleSet([$inspectionRuleSet]);

    // Run request
    $inspectContentRequest = (new InspectContentRequest())
        ->setParent($parent)
        ->setInspectConfig($inspectConfig)
        ->setItem($item);
    $response = $dlp->inspectContent($inspectContentRequest);

    // Print the results
    $findings = $response->getResult()->getFindings();
    if (count($findings) == 0) {
        printf('No findings.' . PHP_EOL);
    } else {
        printf('Findings:' . PHP_EOL);
        foreach ($findings as $finding) {
            printf('  Quote: %s' . PHP_EOL, $finding->getQuote());
            printf('  Info type: %s' . PHP_EOL, $finding->getInfoType()->getName());
            printf('  Likelihood: %s' . PHP_EOL, Likelihood::name($finding->getLikelihood()));
        }
    }
}

Python

Untuk mempelajari cara menginstal dan menggunakan library klien untuk Perlindungan Data Sensitif, lihat Library klien Perlindungan Data Sensitif.

Untuk mengautentikasi Perlindungan Data Sensitif, siapkan Kredensial Default Aplikasi. Untuk mengetahui informasi selengkapnya, baca Menyiapkan autentikasi untuk lingkungan pengembangan lokal.

Lihat di GitHub Masukan

import google.cloud.dlp

def inspect_data_w_custom_hotwords(
    project: str,
    content_string: str,
) -> None:
    """Uses the Data Loss Prevention API to analyze string with medical record
       number custom regex detector, with custom hotwords rules to boost finding
       certainty under some circumstances.

    Args:
        project: The Google Cloud project id to use as a parent resource.
        content_string: The string to inspect.

    Returns:
        None; the response from the API is printed to the terminal.
    """

    # Instantiate a client.
    dlp = google.cloud.dlp_v2.DlpServiceClient()

    # Construct a custom regex detector info type called "C_MRN",
    # with ###-#-##### pattern, where each # represents a digit from 1 to 9.
    # The detector has a detection likelihood of POSSIBLE.
    custom_info_types = [
        {
            "info_type": {"name": "C_MRN"},
            "regex": {"pattern": "[1-9]{3}-[1-9]{1}-[1-9]{5}"},
            "likelihood": google.cloud.dlp_v2.Likelihood.POSSIBLE,
        }
    ]

    # Construct a rule set with hotwords "mrn" and "medical", with a likelohood
    # boost to VERY_LIKELY when hotwords are present within the 10 character-
    # window preceding the PII finding.
    hotword_rule = {
        "hotword_regex": {"pattern": "(?i)(mrn|medical)(?-i)"},
        "likelihood_adjustment": {
            "fixed_likelihood": google.cloud.dlp_v2.Likelihood.VERY_LIKELY
        },
        "proximity": {"window_before": 10},
    }

    rule_set = [
        {"info_types": [{"name": "C_MRN"}], "rules": [{"hotword_rule": hotword_rule}]}
    ]

    # Construct the configuration dictionary with the custom regex info type.
    inspect_config = {
        "custom_info_types": custom_info_types,
        "rule_set": rule_set,
        "include_quote": True,
    }

    # Construct the `item`.
    item = {"value": content_string}

    # Convert the project id into a full resource id.
    parent = f"projects/{project}"

    # Call the API.
    response = dlp.inspect_content(
        request={"parent": parent, "inspect_config": inspect_config, "item": item}
    )

    # Print out the results.
    if response.result.findings:
        for finding in response.result.findings:
            print(f"Quote: {finding.quote}")
            print(f"Info type: {finding.info_type.name}")
            print(f"Likelihood: {finding.likelihood}")
    else:
        print("No findings.")

REST

Lihat panduan memulai JSON untuk mengetahui informasi lebih lanjut tentang penggunaan DLP API dengan JSON.

Metode HTTP dan URL:

POST https://dlp.googleapis.com/v2/projects/PROJECT_ID/content:inspect

Ganti PROJECT_ID dengan project ID.

Input JSON:

{
  "item":{
    "value":"Patient's MRN 444-5-22222 and just a number 333-2-33333"
  },
  "inspectConfig":{
    "customInfoTypes":[
      {
        "infoType":{
          "name":"C_MRN"
        },
        "regex":{
          "pattern":"[0-9]{3}-[0-9]{1}-[0-9]{5}"
        },
        "likelihood":"POSSIBLE",
      }
    ],
    "ruleSet":[
        {
        "infoTypes": [{"name" : "C_MRN"}],
        "rules":[
          {
            "hotwordRule":{
              "hotwordRegex":{
                "pattern":"(?i)(mrn|medical)(?-i)"
              },
              "likelihoodAdjustment":{
                "fixedLikelihood":"VERY_LIKELY"
              },
              "proximity":{
                "windowBefore":10
              }
            }
          }
        ]
      }
    ]
  }
}

Output JSON (disingkat):

{
  "result": {
    "findings": [
      {
        "infoType": {
          "name": "C_MRN"
        },
        "likelihood": "VERY_LIKELY",
        "location": {
          "byteRange": {
            "start": "14",
            "end": "25"
          },
          "codepointRange": { ... }
        }
      },
      {
        "infoType": {
          "name": "C_MRN"
        },
        "likelihood": "POSSIBLE",
          "byteRange": {
            "start": "44",
            "end": "55"
          },
          "codepointRange": { ... }
        }
      }
    ]
  }
}

Output menunjukkan bahwa Perlindungan Data Sensitif mengidentifikasi nomor rekam medis dengan benar menggunakan detektor infoType kustom C_MRN. Lebih lanjut, karena konteksnya cocok dalam aturan frasa pengaktif, Perlindungan Data Sensitif menetapkan hasil pertama—yang memiliki MRN dalam proximity yang ditetapkan—kemungkinan VERY_LIKELY, seperti yang dikonfigurasi. Temuan kedua tidak memiliki konteks, sehingga likelihood tetap berada di POSSIBLE.

Contoh frasa pengaktif: Menetapkan kemungkinan kecocokan untuk kolom tabel

Contoh ini menunjukkan cara menetapkan kemungkinan kecocokan di seluruh kolom data. Pendekatan ini berguna, misalnya, jika Anda ingin mengecualikan kolom data dari hasil pemeriksaan.

Perhatikan tabel berikut. Satu kolom berisi nomor Jaminan Sosial (SSN), dan kolom lainnya berisi SSN sungguhan.

Nomor Jaminan Sosial Palsu	Nomor Jaminan Sosial Asli
111-11-1111	222-22-2222

Untuk meminimalkan derau dalam hasil pemeriksaan, Anda dapat mengecualikan temuan di kolom Fake Social Security Number. Tetapkan tingkat kemungkinan rendah untuk kolom ini. Kemudian, konfigurasi permintaan yang cocok dengan tingkat kemungkinan tersebut akan dikecualikan dari hasil.

Dalam contoh ini, perhatikan hal-hal berikut:

Aturan frasa pengaktif diterapkan ke infoType US_SOCIAL_SECURITY_NUMBER.
Ekspresi reguler frasa pengaktif (Fake Social Security Number) berisi nama kolom yang memiliki nilai placeholder.
Properti windowBefore disetel ke 1, yang berarti frasa pengaktif berada di header kolom, dan temuannya harus berada di kolom.
Untuk setiap temuan US_SOCIAL_SECURITY_NUMBER dalam kolom ini, Perlindungan Data Sensitif menetapkan tingkat kemungkinan ke VERY_UNLIKELY.
Properti minLikelihood disetel ke POSSIBLE, yang berarti bahwa setiap temuan yang memiliki tingkat kemungkinan lebih rendah dari POSSIBLE akan dikecualikan dari hasil pemeriksaan.

Lihat panduan memulai JSON untuk mengetahui informasi lebih lanjut tentang penggunaan DLP API dengan JSON.

Metode HTTP dan URL:

POST https://dlp.googleapis.com/v2/projects/PROJECT_ID/content:inspect

Ganti PROJECT_ID dengan project ID.

C#

Untuk mempelajari cara menginstal dan menggunakan library klien untuk Perlindungan Data Sensitif, lihat Library klien Perlindungan Data Sensitif.

Untuk mengautentikasi Perlindungan Data Sensitif, siapkan Kredensial Default Aplikasi. Untuk mengetahui informasi selengkapnya, baca Menyiapkan autentikasi untuk lingkungan pengembangan lokal.

Lihat di GitHub Masukan



using Google.Api.Gax.ResourceNames;
using Google.Cloud.Dlp.V2;
using System;
using System.Collections.Generic;
using static Google.Cloud.Dlp.V2.CustomInfoType.Types;

public class InspectTableWithCustomHotwords
{
    public static InspectResult InspectTable(
        string projectId,
        Table tableToInspect = null,
        IEnumerable<InfoType> infoTypes = null)
    {
        // Instantiate the dlp client.
        var dlp = DlpServiceClient.Create();

        // Construct the table if null.
        if (tableToInspect == null)
        {
            var row1 = new Value[]
            {
                new Value{ StringValue = "111-11-1111" },
                new Value { StringValue = "222-22-2222" }
            };
            tableToInspect = new Table
            {
                Headers =
                {
                    new FieldId { Name = "Fake Social Security Number" },
                    new FieldId { Name = "Real Social Security Number" }
                },
                Rows =
                {
                    new Table.Types.Row { Values = { row1 } }
                }
            };
        }

        // Specify the table and construct the content item.
        var contentItem = new ContentItem { Table = tableToInspect };

        // Specify the type of info to be inspected.
        var infotypes = infoTypes ?? new InfoType[] { new InfoType { Name = "US_SOCIAL_SECURITY_NUMBER" } };

        // Construct the Inspection Rule Set by specifying the hotword rule as detection rule.
        var ruleSet = new InspectionRuleSet[]
        {
            new InspectionRuleSet
            {
                InfoTypes = { infotypes },
                Rules =
                {
                    new InspectionRule
                    {
                        HotwordRule = new DetectionRule.Types.HotwordRule
                        {
                            HotwordRegex = new Regex
                            {
                                Pattern = "(Fake Social Security Number)"
                            },
                            LikelihoodAdjustment = new DetectionRule.Types.LikelihoodAdjustment
                            {
                                FixedLikelihood = Likelihood.VeryUnlikely
                            },
                            Proximity = new DetectionRule.Types.Proximity
                            {
                                WindowBefore = 1
                            }
                        }
                    }
                }
            }
        };

        // Construct the request.
        var request = new InspectContentRequest
        {
            InspectConfig = new InspectConfig
            {
                InfoTypes = { infotypes },
                IncludeQuote = true,
                MinLikelihood = Likelihood.Possible,
                RuleSet = { ruleSet }
            },
            ParentAsLocationName = new LocationName(projectId, "global"),
            Item = contentItem
        };

        // Call the API.
        InspectContentResponse response = dlp.InspectContent(request);

        // Inspect the results.
        var resultFindings = response.Result.Findings;

        Console.WriteLine($"Findings: {resultFindings.Count}");

        foreach (var f in resultFindings)
        {
            Console.WriteLine("\tQuote: " + f.Quote);
            Console.WriteLine("\tInfo type: " + f.InfoType.Name);
            Console.WriteLine("\tLikelihood: " + f.Likelihood);
        }

        return response.Result;
    }
}

Go

Untuk mempelajari cara menginstal dan menggunakan library klien untuk Perlindungan Data Sensitif, lihat Library klien Perlindungan Data Sensitif.

Untuk mengautentikasi Perlindungan Data Sensitif, siapkan Kredensial Default Aplikasi. Untuk mengetahui informasi selengkapnya, baca Menyiapkan autentikasi untuk lingkungan pengembangan lokal.

Lihat di GitHub Masukan


import (
	"context"
	"fmt"
	"io"

	dlp "cloud.google.com/go/dlp/apiv2"
	"cloud.google.com/go/dlp/apiv2/dlppb"
)

// inspectTableWithCustomHotword Sets the match likelihood of a table column to customize data inspection results.
// This example showcases how you can adjust the match likelihood for an entire column of data, enabling the
// exclusion of specific columns from inspection if needed.
func inspectTableWithCustomHotword(w io.Writer, projectID, hotwordRegexPattern string) error {
	// projectID := "your-project-id"
	// hotwordRegexPattern := "(Fake Social Security Number)"

	tableToInspect := &dlppb.Table{
		Headers: []*dlppb.FieldId{
			{Name: "Fake Social Security Number"},
			{Name: "Real Social Security Number"},
		},
		Rows: []*dlppb.Table_Row{
			{
				Values: []*dlppb.Value{
					{
						Type: &dlppb.Value_StringValue{StringValue: "111-11-1111"},
					},
					{
						Type: &dlppb.Value_StringValue{StringValue: "222-22-2222"},
					},
				},
			},
		},
	}

	ctx := context.Background()

	// Initialize a client once and reuse it to send multiple requests. Clients
	// are safe to use across goroutines. When the client is no longer needed,
	// call the Close method to cleanup its resources.
	client, err := dlp.NewClient(ctx)
	if err != nil {
		return err
	}

	// Closing the client safely cleans up background resources.
	defer client.Close()

	// Specify what content you want the service to de-identify.
	contentItem := &dlppb.ContentItem_Table{
		Table: tableToInspect,
	}

	// Specify the likelihood adjustment to adjust the match likelihood for your detection rule
	// based on your needs and desired level of sensitivity in data analysis.
	likelihoodAdjustment := &dlppb.CustomInfoType_DetectionRule_LikelihoodAdjustment{
		Adjustment: &dlppb.CustomInfoType_DetectionRule_LikelihoodAdjustment_FixedLikelihood{
			FixedLikelihood: dlppb.Likelihood_VERY_UNLIKELY,
		},
	}

	// Specify the type of info the inspection will look for.
	// See https://cloud.google.com/dlp/docs/infotypes-reference for complete list of info types.
	infoTypes := []*dlppb.InfoType{
		{Name: "US_SOCIAL_SECURITY_NUMBER"},
	}

	// Specify the proximity so that It helps identify sensitive information
	// occurring near other data points, enabling more context-aware analysis.
	proximity := &dlppb.CustomInfoType_DetectionRule_Proximity{
		WindowBefore: 5,
	}

	// Construct hotWord rule.
	hotwordRule := &dlppb.CustomInfoType_DetectionRule_HotwordRule{
		HotwordRegex: &dlppb.CustomInfoType_Regex{
			Pattern: hotwordRegexPattern,
		},
		Proximity:            proximity,
		LikelihoodAdjustment: likelihoodAdjustment,
	}

	// Construct rule set for the inspect config.
	inspectionRuleSet := &dlppb.InspectionRuleSet{
		InfoTypes: infoTypes,
		Rules: []*dlppb.InspectionRule{
			{
				Type: &dlppb.InspectionRule_HotwordRule{
					HotwordRule: hotwordRule,
				},
			},
		},
	}

	// Construct the configuration for the Inspect request.
	config := &dlppb.InspectConfig{
		IncludeQuote:  true,
		InfoTypes:     infoTypes,
		MinLikelihood: dlppb.Likelihood_POSSIBLE,
		RuleSet: []*dlppb.InspectionRuleSet{
			inspectionRuleSet,
		},
	}

	// Construct the Inspect request to be sent by the client.
	req := &dlppb.InspectContentRequest{
		Parent: fmt.Sprintf("projects/%s/locations/global", projectID),
		Item: &dlppb.ContentItem{
			DataItem: contentItem,
		},
		InspectConfig: config,
	}
	// Send the request.
	resp, err := client.InspectContent(ctx, req)
	if err != nil {
		return err
	}

	// Parse the response and process results.
	fmt.Fprintf(w, "Findings: %v\n", len(resp.Result.Findings))
	for _, v := range resp.GetResult().Findings {
		fmt.Fprintf(w, "Quote: %v\n", v.GetQuote())
		fmt.Fprintf(w, "Infotype Name: %v\n", v.GetInfoType().GetName())
		fmt.Fprintf(w, "Likelihood: %v\n", v.GetLikelihood())
	}
	return nil
}

Java

Untuk mempelajari cara menginstal dan menggunakan library klien untuk Perlindungan Data Sensitif, lihat Library klien Perlindungan Data Sensitif.

Untuk mengautentikasi Perlindungan Data Sensitif, siapkan Kredensial Default Aplikasi. Untuk mengetahui informasi selengkapnya, baca Menyiapkan autentikasi untuk lingkungan pengembangan lokal.

Lihat di GitHub Masukan


import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.CustomInfoType;
import com.google.privacy.dlp.v2.FieldId;
import com.google.privacy.dlp.v2.Finding;
import com.google.privacy.dlp.v2.InfoType;
import com.google.privacy.dlp.v2.InspectConfig;
import com.google.privacy.dlp.v2.InspectContentRequest;
import com.google.privacy.dlp.v2.InspectContentResponse;
import com.google.privacy.dlp.v2.InspectionRule;
import com.google.privacy.dlp.v2.InspectionRuleSet;
import com.google.privacy.dlp.v2.Likelihood;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.Table;
import com.google.privacy.dlp.v2.Value;
import java.io.IOException;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;

public class InspectTableWithCustomHotword {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    // The Google Cloud project id to use as a parent resource.
    String projectId = "your-project-id";
    // Specify the table to be considered for de-identification.
    Table tableToDeIdentify =
        Table.newBuilder()
            .addHeaders(FieldId.newBuilder().setName("Some Social Security Number").build())
            .addHeaders(FieldId.newBuilder().setName("Real Social Security Number").build())
            .addRows(
                Table.Row.newBuilder()
                    .addValues(Value.newBuilder().setStringValue("111-11-1111").build())
                    .addValues(Value.newBuilder().setStringValue("222-22-2222").build())
                    .build())
            .build();
    // Specify the regex pattern to be detected.
    // Refer https://github.com/google/re2/wiki/Syntax for creating regular expression.
    String hotwordRegexPattern = "Some Social Security Number";
    inspectDemotingFindingsWithHotwords(projectId, tableToDeIdentify, hotwordRegexPattern);
  }

  //  Inspects the provided table, excluding the findings of entire column matching regular
  // expression.
  public static void inspectDemotingFindingsWithHotwords(
      String projectId, Table tableToDeIdentify, String hotwordRegexPattern) throws IOException {

    // Initialize client that will be used to send requests. This client only needs to be created
    // once, and can be reused for multiple requests. After completing all of your requests, call
    // the "close" method on the client to safely clean up any remaining background resources.
    try (DlpServiceClient dlp = DlpServiceClient.create()) {
      // Specify what content you want the service to de-identify.
      ContentItem contentItem = ContentItem.newBuilder().setTable(tableToDeIdentify).build();

      CustomInfoType.DetectionRule.LikelihoodAdjustment likelihoodAdjustment =
          CustomInfoType.DetectionRule.LikelihoodAdjustment.newBuilder()
              .setFixedLikelihood(Likelihood.VERY_UNLIKELY)
              .build();

      // Specify the type of info the inspection will look for.
      // See https://cloud.google.com/dlp/docs/infotypes-reference for complete list of info types
      List<InfoType> infoTypes =
          Stream.of("US_SOCIAL_SECURITY_NUMBER")
              .map(it -> InfoType.newBuilder().setName(it).build())
              .collect(Collectors.toList());

      CustomInfoType.DetectionRule.Proximity proximity =
          CustomInfoType.DetectionRule.Proximity.newBuilder().setWindowBefore(1).build();

      // Construct hotword rule.
      CustomInfoType.DetectionRule.HotwordRule hotwordRule =
          CustomInfoType.DetectionRule.HotwordRule.newBuilder()
              .setHotwordRegex(
                  CustomInfoType.Regex.newBuilder().setPattern(hotwordRegexPattern).build())
              .setLikelihoodAdjustment(likelihoodAdjustment)
              .setProximity(proximity)
              .build();

      // Construct rule set for the inspect config.
      InspectionRuleSet inspectionRuleSet =
          InspectionRuleSet.newBuilder()
              .addAllInfoTypes(infoTypes)
              .addRules(InspectionRule.newBuilder().setHotwordRule(hotwordRule))
              .build();

      // Construct the configuration for the Inspect request.
      InspectConfig config =
          InspectConfig.newBuilder()
              .setIncludeQuote(true)
              .setMinLikelihood(Likelihood.POSSIBLE)
              .addRuleSet(inspectionRuleSet)
              .addAllInfoTypes(infoTypes)
              .build();

      // Construct the Inspect request to be sent by the client.
      InspectContentRequest request =
          InspectContentRequest.newBuilder()
              .setParent(LocationName.of(projectId, "global").toString())
              .setItem(contentItem)
              .setInspectConfig(config)
              .build();

      InspectContentResponse response = dlp.inspectContent(request);
      // Parse the response and process results.
      System.out.println("Findings: " + response.getResult().getFindingsCount());
      for (Finding f : response.getResult().getFindingsList()) {
        System.out.println("\tQuote: " + f.getQuote());
        System.out.println("\tInfo type: " + f.getInfoType().getName());
        System.out.println("\tLikelihood: " + f.getLikelihood());
      }
    }
  }
}

Node.js

Untuk mempelajari cara menginstal dan menggunakan library klien untuk Perlindungan Data Sensitif, lihat Library klien Perlindungan Data Sensitif.

Untuk mengautentikasi Perlindungan Data Sensitif, siapkan Kredensial Default Aplikasi. Untuk mengetahui informasi selengkapnya, baca Menyiapkan autentikasi untuk lingkungan pengembangan lokal.

Lihat di GitHub Masukan

// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');

// Instantiates a client
const dlp = new DLP.DlpServiceClient();

// The project ID to run the API call under.
// const projectId = "your-project-id";

// Table to inspect
const tableToInspect = {
  headers: [
    {name: 'Fake Social Security Number'},
    {name: 'Real Social Security Number'},
  ],
  rows: [
    {
      values: [{stringValue: '111-11-1111'}, {stringValue: '222-22-2222'}],
    },
  ],
};

async function inspectWithCustomHotwords() {
  // Specify the regex pattern to be detected.
  const hotwordRegexPattern = '(Fake Social Security Number)';

  // Specify what content you want the service to de-identify.
  const contentItem = {
    table: tableToInspect,
  };

  // Specify the type of info the inspection will look for.
  const infoTypes = [{name: 'US_SOCIAL_SECURITY_NUMBER'}];

  // Construct hotword rule.
  const hotwordRule = {
    hotwordRegex: {
      pattern: hotwordRegexPattern,
    },
    likelihoodAdjustment: {
      fixedLikelihood:
        DLP.protos.google.privacy.dlp.v2.Likelihood.VERY_UNLIKELY,
    },
    proximity: {
      windowBefore: 1,
    },
  };

  // Construct rule set for the inspect configuration.
  const inspectionRuleSet = {
    infoTypes: infoTypes,
    rules: [
      {
        hotwordRule: hotwordRule,
      },
    ],
  };

  // Construct the configuration for the Inspect request.
  const config = {
    infoTypes: infoTypes,
    ruleSet: [inspectionRuleSet],
    minLikelihood: DLP.protos.google.privacy.dlp.v2.Likelihood.POSSIBLE,
    includeQuote: true,
  };

  // Construct the Inspect request to be sent by the client.
  const request = {
    parent: `projects/${projectId}/locations/global`,
    item: contentItem,
    inspectConfig: config,
  };

  // Use the client to send the API request.
  const [response] = await dlp.inspectContent(request);

  // Print Findings.
  const findings = response.result.findings;
  if (findings.length > 0) {
    console.log(`Findings: ${findings.length}\n`);
    findings.forEach(finding => {
      console.log(`InfoType: ${finding.infoType.name}`);
      console.log(`\tQuote: ${finding.quote}`);
      console.log(`\tLikelihood: ${finding.likelihood} \n`);
    });
  } else {
    console.log('No findings.');
  }
}
inspectWithCustomHotwords();

PHP

Untuk mempelajari cara menginstal dan menggunakan library klien untuk Perlindungan Data Sensitif, lihat Library klien Perlindungan Data Sensitif.

Untuk mengautentikasi Perlindungan Data Sensitif, siapkan Kredensial Default Aplikasi. Untuk mengetahui informasi selengkapnya, baca Menyiapkan autentikasi untuk lingkungan pengembangan lokal.

Lihat di GitHub Masukan

use Google\Cloud\Dlp\V2\Client\DlpServiceClient;
use Google\Cloud\Dlp\V2\ContentItem;
use Google\Cloud\Dlp\V2\CustomInfoType\DetectionRule\HotwordRule;
use Google\Cloud\Dlp\V2\CustomInfoType\DetectionRule\LikelihoodAdjustment;
use Google\Cloud\Dlp\V2\CustomInfoType\DetectionRule\Proximity;
use Google\Cloud\Dlp\V2\CustomInfoType\Regex;
use Google\Cloud\Dlp\V2\FieldId;
use Google\Cloud\Dlp\V2\InfoType;
use Google\Cloud\Dlp\V2\InspectConfig;
use Google\Cloud\Dlp\V2\InspectContentRequest;
use Google\Cloud\Dlp\V2\InspectionRule;
use Google\Cloud\Dlp\V2\InspectionRuleSet;
use Google\Cloud\Dlp\V2\Likelihood;
use Google\Cloud\Dlp\V2\Table;
use Google\Cloud\Dlp\V2\Table\Row;
use Google\Cloud\Dlp\V2\Value;

/**
 * Hotword example: Set the match likelihood of a table column.
 * This example demonstrates how you can set the match likelihood of an entire column of data.
 * This approach is helpful, for example, if you want to exclude a column of data from inspection
 * results.
 *
 * @param string $projectId         The Google Cloud project id to use as a parent resource.
 */
function inspect_column_values_w_custom_hotwords(string $projectId): void
{
    // Instantiate a client.
    $dlp = new DlpServiceClient();

    $parent = "projects/$projectId/locations/global";

    // Specify the table to be inspected.
    $tableToDeIdentify = (new Table())
        ->setHeaders([
            (new FieldId())
                ->setName('Fake Social Security Number'),
            (new FieldId())
                ->setName('Real Social Security Number'),
        ])
        ->setRows([
            (new Row())->setValues([
                (new Value())
                    ->setStringValue('111-11-1111'),
                (new Value())
                    ->setStringValue('222-22-2222')
            ])
        ]);

    $item = (new ContentItem())
        ->setTable($tableToDeIdentify);

    // Specify the regex pattern the inspection will look for.
    $hotwordRegexPattern = 'Fake Social Security Number';

    // Specify hotword likelihood adjustment.
    $likelihoodAdjustment = (new LikelihoodAdjustment())
        ->setFixedLikelihood(Likelihood::VERY_UNLIKELY);

    // Specify a window around a finding to apply a detection rule.
    $proximity = (new Proximity())
        ->setWindowBefore(1);

    // Construct the hotword rule.
    $hotwordRule = (new HotwordRule())
        ->setHotwordRegex((new Regex())
            ->setPattern($hotwordRegexPattern))
        ->setLikelihoodAdjustment($likelihoodAdjustment)
        ->setProximity($proximity);

    // Construct rule set for the inspect config.
    $infotype = (new InfoType())
        ->setName('US_SOCIAL_SECURITY_NUMBER');
    $inspectionRuleSet = (new InspectionRuleSet())
        ->setInfoTypes([$infotype])
        ->setRules([
            (new InspectionRule())
                ->setHotwordRule($hotwordRule)
        ]);

    // Construct the configuration for the Inspect request.
    $inspectConfig = (new InspectConfig())
        ->setInfoTypes([$infotype])
        ->setIncludeQuote(true)
        ->setRuleSet([$inspectionRuleSet])
        ->setMinLikelihood(Likelihood::POSSIBLE);

    // Run request.
    $inspectContentRequest = (new InspectContentRequest())
        ->setParent($parent)
        ->setInspectConfig($inspectConfig)
        ->setItem($item);
    $response = $dlp->inspectContent($inspectContentRequest);

    // Print the results.
    $findings = $response->getResult()->getFindings();
    if (count($findings) == 0) {
        printf('No findings.' . PHP_EOL);
    } else {
        printf('Findings:' . PHP_EOL);
        foreach ($findings as $finding) {
            printf('  Quote: %s' . PHP_EOL, $finding->getQuote());
            printf('  Info type: %s' . PHP_EOL, $finding->getInfoType()->getName());
            printf('  Likelihood: %s' . PHP_EOL, Likelihood::name($finding->getLikelihood()));
        }
    }
}

Python

Untuk mempelajari cara menginstal dan menggunakan library klien untuk Perlindungan Data Sensitif, lihat Library klien Perlindungan Data Sensitif.

Untuk mengautentikasi Perlindungan Data Sensitif, siapkan Kredensial Default Aplikasi. Untuk mengetahui informasi selengkapnya, baca Menyiapkan autentikasi untuk lingkungan pengembangan lokal.

Lihat di GitHub Masukan

from typing import List

import google.cloud.dlp

def inspect_column_values_w_custom_hotwords(
    project: str,
    table_header: List[str],
    table_rows: List[List[str]],
    info_types: List[str],
    custom_hotword: str,
) -> None:
    """Uses the Data Loss Prevention API to inspect table data using built-in
    infoType detectors, excluding columns that match a custom hot-word.
    Args:
        project: The Google Cloud project id to use as a parent resource.
        table_header: List of strings representing table field names.
        table_rows: List of rows representing table values.
        info_types: The infoType for which hot-word rule is applied.
        custom_hotword: The custom regular expression used for likelihood boosting.
    """

    # Instantiate a client
    dlp = google.cloud.dlp_v2.DlpServiceClient()

    # Construct the `table`. For more details on the table schema, please see
    # https://cloud.google.com/dlp/docs/reference/rest/v2/ContentItem#Table
    headers = [{"name": val} for val in table_header]
    rows = []
    for row in table_rows:
        rows.append({"values": [{"string_value": cell_val} for cell_val in row]})
    table = {"headers": headers, "rows": rows}

    # Construct the `item` for table to be inspected.
    item = {"table": table}

    # Prepare info_types by converting the list of strings into a list of
    # dictionaries.
    info_types = [{"name": info_type} for info_type in info_types]

    # Construct a rule set with caller provided hot-word, with a likelihood
    # boost to VERY_UNLIKELY when the hot-word are present
    hotword_rule = {
        "hotword_regex": {"pattern": custom_hotword},
        "likelihood_adjustment": {
            "fixed_likelihood": google.cloud.dlp_v2.Likelihood.VERY_UNLIKELY
        },
        "proximity": {"window_before": 1},
    }

    rule_set = [
        {
            "info_types": info_types,
            "rules": [{"hotword_rule": hotword_rule}],
        }
    ]

    # Construct the configuration dictionary, which defines the entire inspect content task.
    inspect_config = {
        "info_types": info_types,
        "rule_set": rule_set,
        "min_likelihood": google.cloud.dlp_v2.Likelihood.POSSIBLE,
        "include_quote": True,
    }

    # Convert the project id into a full resource id.
    parent = f"projects/{project}/locations/global"

    # Call the API
    response = dlp.inspect_content(
        request={
            "parent": parent,
            "inspect_config": inspect_config,
            "item": item,
        }
    )

    # Print out the results.
    if response.result.findings:
        for finding in response.result.findings:
            try:
                if finding.quote:
                    print(f"Quote: {finding.quote}")
            except AttributeError:
                pass
            print(f"Info type: {finding.info_type.name}")
            print(f"Likelihood: {finding.likelihood}")
    else:
        print("No findings.")

REST

Input JSON:

{
  "item": {
    "table": {
      "headers": [
        {
          "name": "Fake Social Security Number"
        },
        {
          "name": "Real Social Security Number"
        }
      ],
      "rows": [
        {
          "values": [
            {
              "stringValue": "111-11-1111"
            },
            {
              "stringValue": "222-22-2222"
            }
          ]
        }
      ]
    }
  },
  "inspectConfig": {
    "infoTypes": [
      {
        "name": "US_SOCIAL_SECURITY_NUMBER"
      }
    ],
    "includeQuote": true,
    "ruleSet": [
      {
        "infoTypes": [
          {
            "name": "US_SOCIAL_SECURITY_NUMBER"
          }
        ],
        "rules": [
          {
            "hotwordRule": {
              "hotwordRegex": {
                "pattern": "(Fake Social Security Number)"
              },
              "likelihoodAdjustment": {
                "fixedLikelihood": "VERY_UNLIKELY"
              },
              "proximity": {
                "windowBefore": 1
              }
            }
          }
        ]
      }
    ],
    "minLikelihood": "POSSIBLE"
  }
}

Output JSON:

{
  "result": {
    "findings": [
      {
        "quote": "222-22-2222",
        "infoType": {
          "name": "US_SOCIAL_SECURITY_NUMBER"
        },
        "likelihood": "VERY_LIKELY",
        "location": {
          "byteRange": {
            "end": "11"
          },
          "codepointRange": {
            "end": "11"
          },
          "contentLocations": [
            {
              "recordLocation": {
                "fieldId": {
                  "name": "Real Social Security Number"
                },
                "tableLocation": {}
              }
            }
          ]
        },
        "createTime": "TIMESTAMP",
        "findingId": "TIMESTAMP"
      }
    ]
  }
}

Nilai 111-11-1111, yang berada di kolom Fake Social Security Number, cocok dengan aturan frasa pengaktif, sehingga Perlindungan Data Sensitif ditetapkan ke tingkat kemungkinan VERY_UNLIKELY . Level ini lebih rendah dari kemungkinan minimum yang ditetapkan dalam konfigurasi pemeriksaan (POSSIBLE), sehingga temuan ini dikecualikan dari hasil pemeriksaan.

Anda dapat bereksperimen dengan contoh ini dengan menghapus kumpulan aturan. Perhatikan bahwa Perlindungan Data Sensitif menyertakan 111-11-1111 dalam hasil.