일치 가능성 맞춤설정

핫워드 규칙을 사용하여 강력한 컨텍스트 규칙으로 내장커스텀 infoType 감지기를 더 확장할 수 있습니다. 핫워드 규칙은 핫워드가 발견 항목 근처에서 발생하는지 여부에 따라 민감한 정보 보호에 발견 항목 가능성을 조정하도록 지시합니다. 핫워드 규칙은 규칙 세트에 지정된 검사 규칙의 한 유형입니다. 각 규칙은 내장 또는 커스텀 infoType 집합에 적용됩니다.

핫워드 규칙 심층 분석

infoType 감지기에는 핫워드 규칙이 없거나 여러 개일 수 있습니다. 검사 구성에서 다음과 같이 rules 배열 내에 각 HotwordRule 객체를 정의합니다.

"rules":[
  {
    "hotwordRule":{
      "hotwordRegex":{
        "pattern":"REGEX_PATTERN"
      },
      "proximity":{
        "windowAfter":"NUM_CHARS_TO_CONSIDER_AFTER_FINDING",
        "windowBefore":"NUM_CHARS_TO_CONSIDER_BEFORE_FINDING"
      }
      "likelihoodAdjustment":{
        "fixedLikelihood":"LIKELIHOOD_VALUE"
             -- OR --
        "relativeLikelihood":"LIKELIHOOD_ADJUSTMENT"
      },
    }
  },
  ...
]

다음을 바꿉니다.

  • REGEX_PATTERN: 핫워드로 한정되는 대상을 정의하는 정규 표현식(Regex 객체)입니다.
  • NUM_CHARS_TO_CONSIDER_AFTER_FINDING: 결과 다음의 문자 범위입니다. 민감한 정보 보호는 이 범위를 분석하여 핫워드가 발견 항목 근처에서 발생하는지 여부를 확인합니다.
  • NUM_CHARS_TO_CONSIDER_BEFORE_FINDING: 결과 이전의 문자 범위입니다. 민감한 정보 보호는 이 범위를 분석하여 핫워드가 발견 항목 근처에서 발생하는지 여부를 확인합니다.

  • LIKELIHOOD_VALUE: 결과를 설정할 고정된 Likelihood 수준입니다.

  • LIKELIHOOD_ADJUSTMENT: 민감한 정보 보호에서 발견 항목 가능성을 늘리거나 줄여야 하는 양을 나타내는 숫자입니다. 양의 정수는 가능성 수준을 늘리고 음의 정수는 줄입니다. 예를 들어 감지 규칙이 없고 relativeLikelihood가 1인 상태에서 결과가 POSSIBLE이면 결과가 LIKELY로 업그레이드됩니다. relativeLikelihood가 -1이면 결과가 UNLIKELY로 다운그레이드됩니다. 가능성은 VERY_UNLIKELY보다 아래로 떨어지거나 VERY_LIKELY를 초과할 수 없습니다. 이러한 경우 가능성 수준이 동일하게 유지됩니다. 예를 들어 기본 가능성이 VERY_LIKELY이고 relativeLikelihood가 1인 경우 최종 가능성은 VERY_LIKELY로 유지됩니다.

핫워드 예시: 의료 레코드 번호 대조

'###-#-#####' 형식의 의료 기록 번호(MRN)와 같은 커스텀 infoType을 검색한다고 가정해보세요. 그리고 민감한 정보 보호가 핫워드 'MRN' 다음에 오는 각 발견 항목의 일치 가능성을 높이려고 합니다.

예시 값:

  • 123-4-56789의 일치 가능성은 POSSIBLE입니다.
  • MRN 123-4-56789의 일치 가능성은 VERY_LIKELY입니다.

다음 JSON 예시 및 코드 스니펫은 핫워드 규칙을 구성하는 방법을 보여줍니다. 이 예시에서는 커스텀 정규 표현식 감지기가 사용됩니다.

이 예시에서는 다음에 주의하세요.

  • 이 요청은 정규 표현식 [0-9]{3}-[0-9]{1}-[0-9]{5}와 일치하는 문자열의 감지기인 C_MRN 커스텀 infoType을 정의합니다.
  • 정규 표현식 (?i)(mrn|medical)(?-i)는 핫워드를 정의합니다. 민감한 정보 보호는 proximity 필드에 정의된 문자 범위 내에서 이 핫워드를 검색합니다.
  • proximity 집합 내에서 핫워드가 있는 각 C_MRN 발견 항목에 대해 민감한 정보 보호는 가능성 수준을 VERY_LIKELY로 설정합니다.

C#

민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.

Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.


using System;
using Google.Api.Gax.ResourceNames;
using Google.Cloud.Dlp.V2;
using static Google.Cloud.Dlp.V2.CustomInfoType.Types;

public class InspectDataWithHotwordRule
{
    public static InspectContentResponse InspectDataHotwordRule(
        string projectId,
        string text,
        string customRegex,
        string hotwordRegex,
        InfoType infoType = null)
    {
        // Instantiate dlp client.
        var dlp = DlpServiceClient.Create();

        // Construct the content item.
        var contentItem = new ContentItem
        {
            ByteItem = new ByteContentItem
            {
                Type = ByteContentItem.Types.BytesType.TextUtf8,
                Data = Google.Protobuf.ByteString.CopyFromUtf8(text)
            }
        };

        // Construct the info type if null.
        var infotype = infoType ?? new InfoType { Name = "C_MRN" };

        // Construct the custom regex detector.
        var customInfoType = new CustomInfoType
        {
            InfoType = infotype,
            Regex = new Regex { Pattern = customRegex },
            Likelihood = Likelihood.Possible
        };

        // Construct hotword rule.
        var hotwordRule = new DetectionRule.Types.HotwordRule
        {
            HotwordRegex = new Regex { Pattern = hotwordRegex },
            LikelihoodAdjustment = new DetectionRule.Types.LikelihoodAdjustment
            {
                FixedLikelihood = Likelihood.VeryLikely
            },
            Proximity = new DetectionRule.Types.Proximity
            {
                WindowBefore = 10
            }
        };

        // Construct the rule set for the inspect config.
        var inspectionRuleSet = new InspectionRuleSet
        {
            InfoTypes = { infotype },
            Rules =
            {
                new InspectionRule
                {
                    HotwordRule = hotwordRule
                }
            }
        };

        // Construct the inspect config.
        var inspectConfig = new InspectConfig
        {
            CustomInfoTypes = { customInfoType },
            IncludeQuote = true,
            RuleSet = { inspectionRuleSet },
        };

        // Construct the request.
        var request = new InspectContentRequest
        {
            ParentAsLocationName = new LocationName(projectId, "global"),
            Item = contentItem,
            InspectConfig = inspectConfig
        };

        // Call the API.
        var response = dlp.InspectContent(request);

        // Inspect the response.
        Console.WriteLine($"Findings: {response.Result.Findings.Count}");
        foreach (var f in response.Result.Findings)
        {
            Console.WriteLine("Quote: " + f.Quote);
            Console.WriteLine("Info type: " + f.InfoType.Name);
            Console.WriteLine("Likelihood: " + f.Likelihood);
        }
        return response;
    }
}

Go

Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.

Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.

import (
	"context"
	"fmt"
	"io"

	dlp "cloud.google.com/go/dlp/apiv2"
	"cloud.google.com/go/dlp/apiv2/dlppb"
)

// inspectWithHotWordRules inspects data with hot word rule, it uses custom
// regex with a hot word rule to increase the likelihood match
func inspectWithHotWordRules(w io.Writer, projectID, textToInspect string) error {
	// projectID := "my-project-id"
	// textToInspect := "Patient's MRN 444-5-22222 and just a number 333-2-33333"

	ctx := context.Background()

	// Initialize a client once and reuse it to send multiple requests. Clients
	// are safe to use across goroutines. When the client is no longer needed,
	// call the Close method to cleanup its resources.
	client, err := dlp.NewClient(ctx)
	if err != nil {
		return err
	}

	// Closing the client safely cleans up background resources.
	defer client.Close()

	// Specify the type and content to be inspected.
	contentItem := &dlppb.ContentItem{
		DataItem: &dlppb.ContentItem_ByteItem{
			ByteItem: &dlppb.ByteContentItem{
				Type: dlppb.ByteContentItem_TEXT_UTF8,
				Data: []byte(textToInspect),
			},
		},
	}

	// Construct the custom regex detectors
	customInfoType := &dlppb.CustomInfoType{
		InfoType: &dlppb.InfoType{
			Name: "C_MRN",
		},
		Type: &dlppb.CustomInfoType_Regex_{
			Regex: &dlppb.CustomInfoType_Regex{
				Pattern: "[1-9]{3}-[1-9]{1}-[1-9]{5}",
			},
		},
		Likelihood: dlppb.Likelihood_POSSIBLE,
	}

	// Construct hotword rule.
	hotWordRule := &dlppb.CustomInfoType_DetectionRule_HotwordRule{
		HotwordRegex: &dlppb.CustomInfoType_Regex{
			Pattern: "(?i)(mrn|medical)(?-i)",
		},
		Proximity: &dlppb.CustomInfoType_DetectionRule_Proximity{
			WindowBefore: int32(10),
		},
		LikelihoodAdjustment: &dlppb.CustomInfoType_DetectionRule_LikelihoodAdjustment{
			Adjustment: &dlppb.CustomInfoType_DetectionRule_LikelihoodAdjustment_FixedLikelihood{
				FixedLikelihood: dlppb.Likelihood_VERY_LIKELY,
			},
		},
	}

	inspectionRuleSet := &dlppb.InspectionRuleSet{
		Rules: []*dlppb.InspectionRule{
			{
				Type: &dlppb.InspectionRule_HotwordRule{
					HotwordRule: hotWordRule,
				},
			},
		},
		InfoTypes: []*dlppb.InfoType{
			customInfoType.InfoType,
		},
	}

	// Construct the Inspect request to be sent by the client.
	req := &dlppb.InspectContentRequest{
		Parent: fmt.Sprintf("projects/%s/locations/global", projectID),
		Item:   contentItem,
		InspectConfig: &dlppb.InspectConfig{
			CustomInfoTypes: []*dlppb.CustomInfoType{
				customInfoType,
			},
			RuleSet: []*dlppb.InspectionRuleSet{
				inspectionRuleSet,
			},
			IncludeQuote: true,
		},
	}

	// Send the request.
	resp, err := client.InspectContent(ctx, req)
	if err != nil {
		return err
	}

	// Parse the response and process results
	fmt.Fprintf(w, "Findings: %v\n", len(resp.Result.Findings))
	for _, v := range resp.GetResult().Findings {
		fmt.Fprintf(w, "Quote: %v\n", v.GetQuote())
		fmt.Fprintf(w, "InfoType Name: %v\n", v.GetInfoType().GetName())
		fmt.Fprintf(w, "Likelihood: %v\n", v.GetLikelihood())
	}
	return nil
}

Java

Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.

Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.


import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ByteContentItem;
import com.google.privacy.dlp.v2.ByteContentItem.BytesType;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.CustomInfoType;
import com.google.privacy.dlp.v2.CustomInfoType.DetectionRule.HotwordRule;
import com.google.privacy.dlp.v2.CustomInfoType.DetectionRule.LikelihoodAdjustment;
import com.google.privacy.dlp.v2.CustomInfoType.DetectionRule.Proximity;
import com.google.privacy.dlp.v2.CustomInfoType.Regex;
import com.google.privacy.dlp.v2.Finding;
import com.google.privacy.dlp.v2.InfoType;
import com.google.privacy.dlp.v2.InspectConfig;
import com.google.privacy.dlp.v2.InspectContentRequest;
import com.google.privacy.dlp.v2.InspectContentResponse;
import com.google.privacy.dlp.v2.InspectionRule;
import com.google.privacy.dlp.v2.InspectionRuleSet;
import com.google.privacy.dlp.v2.Likelihood;
import com.google.privacy.dlp.v2.LocationName;
import com.google.protobuf.ByteString;
import java.io.IOException;

public class InspectWithHotwordRules {

  public static void main(String[] args) throws Exception {
    // TODO(developer): Replace these variables before running the sample.
    String projectId = "your-project-id";
    String textToInspect = "Patient's MRN 444-5-22222 and just a number 333-2-33333";
    String customRegexPattern = "[1-9]{3}-[1-9]{1}-[1-9]{5}";
    String hotwordRegexPattern = "(?i)(mrn|medical)(?-i)";
    inspectWithHotwordRules(projectId, textToInspect, customRegexPattern, hotwordRegexPattern);
  }

  // Inspects a BigQuery Table
  public static void inspectWithHotwordRules(
      String projectId, String textToInspect, String customRegexPattern, String hotwordRegexPattern)
      throws IOException {
    // Initialize client that will be used to send requests. This client only needs to be created
    // once, and can be reused for multiple requests. After completing all of your requests, call
    // the "close" method on the client to safely clean up any remaining background resources.
    try (DlpServiceClient dlp = DlpServiceClient.create()) {
      // Specify the type and content to be inspected.
      ByteContentItem byteItem =
          ByteContentItem.newBuilder()
              .setType(BytesType.TEXT_UTF8)
              .setData(ByteString.copyFromUtf8(textToInspect))
              .build();
      ContentItem item = ContentItem.newBuilder().setByteItem(byteItem).build();

      // Specify the regex pattern the inspection will look for.
      Regex regex = Regex.newBuilder().setPattern(customRegexPattern).build();

      // Construct the custom regex detector.
      InfoType infoType = InfoType.newBuilder().setName("C_MRN").build();
      CustomInfoType customInfoType =
          CustomInfoType.newBuilder().setInfoType(infoType).setRegex(regex).build();

      // Specify hotword likelihood adjustment.
      LikelihoodAdjustment likelihoodAdjustment =
          LikelihoodAdjustment.newBuilder().setFixedLikelihood(Likelihood.VERY_LIKELY).build();

      // Specify a window around a finding to apply a detection rule.
      Proximity proximity = Proximity.newBuilder().setWindowBefore(10).build();

      // Construct hotword rule.
      HotwordRule hotwordRule =
          HotwordRule.newBuilder()
              .setHotwordRegex(Regex.newBuilder().setPattern(hotwordRegexPattern).build())
              .setLikelihoodAdjustment(likelihoodAdjustment)
              .setProximity(proximity)
              .build();

      // Construct rule set for the inspect config.
      InspectionRuleSet inspectionRuleSet =
          InspectionRuleSet.newBuilder()
              .addInfoTypes(infoType)
              .addRules(InspectionRule.newBuilder().setHotwordRule(hotwordRule))
              .build();

      // Construct the configuration for the Inspect request.
      InspectConfig config =
          InspectConfig.newBuilder()
              .addCustomInfoTypes(customInfoType)
              .setIncludeQuote(true)
              .setMinLikelihood(Likelihood.POSSIBLE)
              .addRuleSet(inspectionRuleSet)
              .build();

      // Construct the Inspect request to be sent by the client.
      InspectContentRequest request =
          InspectContentRequest.newBuilder()
              .setParent(LocationName.of(projectId, "global").toString())
              .setItem(item)
              .setInspectConfig(config)
              .build();

      // Use the client to send the API request.
      InspectContentResponse response = dlp.inspectContent(request);

      // Parse the response and process results
      System.out.println("Findings: " + response.getResult().getFindingsCount());
      for (Finding f : response.getResult().getFindingsList()) {
        System.out.println("\tQuote: " + f.getQuote());
        System.out.println("\tInfo type: " + f.getInfoType().getName());
        System.out.println("\tLikelihood: " + f.getLikelihood());
      }
    }
  }
}

Node.js

Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.

Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.

// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');

// Instantiates a client
const dlp = new DLP.DlpServiceClient();

// The project ID to run the API call under
// const projectId = 'my-project';

// The string to inspect
// const string = 'Patients MRN 444-5-22222';

// The minimum likelihood required before returning a match
// const minLikelihood = DLP.protos.google.privacy.dlp.v2.Likelihood.POSSIBLE;

// The maximum number of findings to report per request (0 = server maximum)
// const maxFindings = 0;

// The infoTypes of information to match
// See https://cloud.google.com/dlp/docs/concepts-infotypes for more information
// about supported infoTypes.
// const infoTypes = [{ name: 'EMAIL_ADDRESS' }];

// The customInfoTypes of information to match
// const customInfoTypes = [{ infoType: { name: 'DICT_TYPE' }, dictionary: { wordList: { words: ['foo', 'bar', 'baz']}}},
//   { infoType: { name: 'REGEX_TYPE' }, regex: {pattern: '\\(\\d{3}\\) \\d{3}-\\d{4}'}}];

// Whether to include the matching string
// const includeQuote = true;

// Custom hotword regex patten
// const hotwordRegexPattern = '(?i)(mrn|medical)(?-i)';

async function inspectWithHotwordRule() {
  // Construct item to inspect
  const item = {
    byteItem: {
      type: DLP.protos.google.privacy.dlp.v2.ByteContentItem.BytesType
        .TEXT_UTF8,
      data: Buffer.from(string, 'utf-8'),
    },
  };

  // Construct a hot word rule
  const hotwordRule = {
    hotwordRegex: {
      pattern: hotwordRegexPattern,
    },
    proximity: {
      windowBefore: 10,
    },
    likelihoodAdjustment: {
      fixedLikelihood:
        DLP.protos.google.privacy.dlp.v2.Likelihood.VERY_LIKELY,
    },
  };

  // Construct a hotword inspection rule
  const inpectionRuleSet = [
    {
      infoTypes: customInfoTypes.map(
        customInfoType => customInfoType.infoType
      ),
      rules: [{hotwordRule: hotwordRule}],
    },
  ];

  // Assigns likelihood to each match
  customInfoTypes = customInfoTypes.map(customInfoType => {
    customInfoType.likelihood =
      DLP.protos.google.privacy.dlp.v2.Likelihood.POSSIBLE;
    return customInfoType;
  });

  // Construct request
  const request = {
    parent: `projects/${projectId}/locations/global`,
    inspectConfig: {
      infoTypes: infoTypes,
      customInfoTypes: customInfoTypes,
      minLikelihood: minLikelihood,
      includeQuote: includeQuote,
      limits: {
        maxFindingsPerRequest: maxFindings,
      },
      ruleSet: inpectionRuleSet,
    },
    item: item,
  };

  // Run request
  const [response] = await dlp.inspectContent(request);
  const findings = response.result.findings;
  if (findings.length > 0) {
    console.log('Findings:');
    findings.forEach(finding => {
      if (includeQuote) {
        console.log(`\tQuote: ${finding.quote}`);
      }
      console.log(`\tInfo type: ${finding.infoType.name}`);
      console.log(`\tLikelihood: ${finding.likelihood}`);
    });
  } else {
    console.log('No findings.');
  }
}
inspectWithHotwordRule();

PHP

Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.

Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.

use Google\Cloud\Dlp\V2\Client\DlpServiceClient;
use Google\Cloud\Dlp\V2\ContentItem;
use Google\Cloud\Dlp\V2\CustomInfoType;
use Google\Cloud\Dlp\V2\CustomInfoType\DetectionRule\HotwordRule;
use Google\Cloud\Dlp\V2\CustomInfoType\DetectionRule\LikelihoodAdjustment;
use Google\Cloud\Dlp\V2\CustomInfoType\DetectionRule\Proximity;
use Google\Cloud\Dlp\V2\CustomInfoType\Regex;
use Google\Cloud\Dlp\V2\InfoType;
use Google\Cloud\Dlp\V2\InspectConfig;
use Google\Cloud\Dlp\V2\InspectContentRequest;
use Google\Cloud\Dlp\V2\InspectionRule;
use Google\Cloud\Dlp\V2\InspectionRuleSet;
use Google\Cloud\Dlp\V2\Likelihood;

/**
 * Inspect data with a hotword rule
 * This sample uses a custom regex with a hotword rule to increase the likelihood of match.
 *
 * @param string $projectId         The Google Cloud project id to use as a parent resource.
 * @param string $textToInspect     The string to inspect.
 */
function inspect_hotword_rule(
    // TODO(developer): Replace sample parameters before running the code.
    string $projectId,
    string $textToInspect = "Patient's MRN 444-5-22222 and just a number 333-2-33333"
): void {
    // Instantiate a client.
    $dlp = new DlpServiceClient();

    $parent = "projects/$projectId/locations/global";

    // Specify what content you want the service to Inspect.
    $item = (new ContentItem())
        ->setValue($textToInspect);

    // Specify the regex pattern the inspection will look for.
    $customRegexPattern = '[1-9]{3}-[1-9]{1}-[1-9]{5}';
    $hotwordRegexPattern = '(?i)(mrn|medical)(?-i)';

    // Construct the custom regex detector.
    $cMrnDetector = (new InfoType())
        ->setName('C_MRN');
    $customInfoType = (new CustomInfoType())
        ->setInfoType($cMrnDetector)
        ->setLikelihood(Likelihood::POSSIBLE)
        ->setRegex((new Regex())
            ->setPattern($customRegexPattern));

    // Specify hotword likelihood adjustment.
    $likelihoodAdjustment = (new LikelihoodAdjustment())
        ->setFixedLikelihood(Likelihood::VERY_LIKELY);

    // Specify a window around a finding to apply a detection rule.
    $proximity = (new Proximity())
        ->setWindowBefore(10);

    $hotwordRule = (new HotwordRule())
        ->setHotwordRegex((new Regex())
            ->setPattern($hotwordRegexPattern))
        ->setLikelihoodAdjustment($likelihoodAdjustment)
        ->setProximity($proximity);

    // Construct rule set for the inspect config.
    $inspectionRuleSet = (new InspectionRuleSet())
        ->setInfoTypes([$cMrnDetector])
        ->setRules([
            (new InspectionRule())
                ->setHotwordRule($hotwordRule)
        ]);

    // Construct the configuration for the Inspect request.
    $inspectConfig = (new InspectConfig())
        ->setCustomInfoTypes([$customInfoType])
        ->setIncludeQuote(true)
        ->setRuleSet([$inspectionRuleSet]);

    // Run request
    $inspectContentRequest = (new InspectContentRequest())
        ->setParent($parent)
        ->setInspectConfig($inspectConfig)
        ->setItem($item);
    $response = $dlp->inspectContent($inspectContentRequest);

    // Print the results
    $findings = $response->getResult()->getFindings();
    if (count($findings) == 0) {
        printf('No findings.' . PHP_EOL);
    } else {
        printf('Findings:' . PHP_EOL);
        foreach ($findings as $finding) {
            printf('  Quote: %s' . PHP_EOL, $finding->getQuote());
            printf('  Info type: %s' . PHP_EOL, $finding->getInfoType()->getName());
            printf('  Likelihood: %s' . PHP_EOL, Likelihood::name($finding->getLikelihood()));
        }
    }
}

Python

Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.

Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.

import google.cloud.dlp

def inspect_data_w_custom_hotwords(
    project: str,
    content_string: str,
) -> None:
    """Uses the Data Loss Prevention API to analyze string with medical record
       number custom regex detector, with custom hotwords rules to boost finding
       certainty under some circumstances.

    Args:
        project: The Google Cloud project id to use as a parent resource.
        content_string: The string to inspect.

    Returns:
        None; the response from the API is printed to the terminal.
    """

    # Instantiate a client.
    dlp = google.cloud.dlp_v2.DlpServiceClient()

    # Construct a custom regex detector info type called "C_MRN",
    # with ###-#-##### pattern, where each # represents a digit from 1 to 9.
    # The detector has a detection likelihood of POSSIBLE.
    custom_info_types = [
        {
            "info_type": {"name": "C_MRN"},
            "regex": {"pattern": "[1-9]{3}-[1-9]{1}-[1-9]{5}"},
            "likelihood": google.cloud.dlp_v2.Likelihood.POSSIBLE,
        }
    ]

    # Construct a rule set with hotwords "mrn" and "medical", with a likelohood
    # boost to VERY_LIKELY when hotwords are present within the 10 character-
    # window preceding the PII finding.
    hotword_rule = {
        "hotword_regex": {"pattern": "(?i)(mrn|medical)(?-i)"},
        "likelihood_adjustment": {
            "fixed_likelihood": google.cloud.dlp_v2.Likelihood.VERY_LIKELY
        },
        "proximity": {"window_before": 10},
    }

    rule_set = [
        {"info_types": [{"name": "C_MRN"}], "rules": [{"hotword_rule": hotword_rule}]}
    ]

    # Construct the configuration dictionary with the custom regex info type.
    inspect_config = {
        "custom_info_types": custom_info_types,
        "rule_set": rule_set,
        "include_quote": True,
    }

    # Construct the `item`.
    item = {"value": content_string}

    # Convert the project id into a full resource id.
    parent = f"projects/{project}"

    # Call the API.
    response = dlp.inspect_content(
        request={"parent": parent, "inspect_config": inspect_config, "item": item}
    )

    # Print out the results.
    if response.result.findings:
        for finding in response.result.findings:
            print(f"Quote: {finding.quote}")
            print(f"Info type: {finding.info_type.name}")
            print(f"Likelihood: {finding.likelihood}")
    else:
        print("No findings.")

REST

JSON과 함께 DLP API를 사용하는 데 대한 자세한 내용은 JSON 빠른 시작을 참조하세요.

HTTP 메소드 및 URL:

POST https://dlp.googleapis.com/v2/projects/PROJECT_ID/content:inspect

PROJECT_ID프로젝트 ID로 바꿉니다.

JSON 입력:

{
  "item":{
    "value":"Patient's MRN 444-5-22222 and just a number 333-2-33333"
  },
  "inspectConfig":{
    "customInfoTypes":[
      {
        "infoType":{
          "name":"C_MRN"
        },
        "regex":{
          "pattern":"[0-9]{3}-[0-9]{1}-[0-9]{5}"
        },
        "likelihood":"POSSIBLE",
      }
    ],
    "ruleSet":[
        {
        "infoTypes": [{"name" : "C_MRN"}],
        "rules":[
          {
            "hotwordRule":{
              "hotwordRegex":{
                "pattern":"(?i)(mrn|medical)(?-i)"
              },
              "likelihoodAdjustment":{
                "fixedLikelihood":"VERY_LIKELY"
              },
              "proximity":{
                "windowBefore":10
              }
            }
          }
        ]
      }
    ]
  }
}

JSON 출력(축약형):

{
  "result": {
    "findings": [
      {
        "infoType": {
          "name": "C_MRN"
        },
        "likelihood": "VERY_LIKELY",
        "location": {
          "byteRange": {
            "start": "14",
            "end": "25"
          },
          "codepointRange": { ... }
        }
      },
      {
        "infoType": {
          "name": "C_MRN"
        },
        "likelihood": "POSSIBLE",
          "byteRange": {
            "start": "44",
            "end": "55"
          },
          "codepointRange": { ... }
        }
      }
    ]
  }
}

출력에는 민감한 정보 보호가 C_MRN 커스텀 infoType 감지기를 사용하여 의료 기록 번호를 올바르게 식별한 것으로 표시됩니다. 또한 핫워드 규칙에 사용된 컨텍스트 일치로 인해 민감한 정보 보호에서 proximity 집합 내에 MRN이 있는 첫 번째 결과에 구성된 대로 VERY_LIKELY 가능성을 할당했습니다. 두 번째 결과는 컨텍스트가 부족하므로 likelihoodPOSSIBLE로 유지되었습니다.

핫워드 예시: 테이블 열의 일치 가능성 설정

이 예시에서는 전체 데이터 열의 일치 가능성을 설정하는 방법을 보여줍니다. 예를 들어 검사 결과에서 데이터 열을 제외하려면 이 접근 방법이 유용합니다.

다음 테이블을 참조하세요. 한 열에는 자리표시자 사회 보장 번호(SSN)이 포함되고 다른 열에는 실제 SSN이 포함됩니다.

가짜 사회 보장 번호 실제 사회 보장 번호
111-11-1111 222-22-2222

검사 결과에서 노이즈를 최소화하려면 Fake Social Security Number 열에서 결과를 제외할 수 있습니다. 이 열에 낮은 가능성 수준을 할당합니다. 그런 후 해당 가능성 수준과 일치 항목이 결과에서 제외되도록 요청을 구성합니다.

이 예시에서는 다음에 주의하세요.

  • 핫워드 규칙은 US_SOCIAL_SECURITY_NUMBER infoType에 적용됩니다.
  • 핫워드 정규 표현식 (Fake Social Security Number)에는 자리표시자 값이 있는 열의 이름이 포함됩니다.
  • windowBefore 속성은 1로 설정됩니다. 즉, 핫워드는 열 헤더에 있고 발견 항목은 열에 있어야 함을 의미합니다.
  • 이 열의 각 US_SOCIAL_SECURITY_NUMBER 발견 항목에 대해 민감한 정보 보호는 가능성 수준을 VERY_UNLIKELY로 설정합니다.
  • minLikelihood 속성은 POSSIBLE로 설정됩니다. 즉, POSSIBLE보다 낮은 가능성 수준의 결과가 검사 결과에서 제외됩니다.

JSON과 함께 DLP API를 사용하는 데 대한 자세한 내용은 JSON 빠른 시작을 참조하세요.

HTTP 메소드 및 URL:

POST https://dlp.googleapis.com/v2/projects/PROJECT_ID/content:inspect

PROJECT_ID프로젝트 ID로 바꿉니다.

C#

민감한 정보 보호의 클라이언트 라이브러리를 설치하고 사용하는 방법은 민감한 정보 보호 클라이언트 라이브러리를 참조하세요.

Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.



using Google.Api.Gax.ResourceNames;
using Google.Cloud.Dlp.V2;
using System;
using System.Collections.Generic;
using static Google.Cloud.Dlp.V2.CustomInfoType.Types;

public class InspectTableWithCustomHotwords
{
    public static InspectResult InspectTable(
        string projectId,
        Table tableToInspect = null,
        IEnumerable<InfoType> infoTypes = null)
    {
        // Instantiate the dlp client.
        var dlp = DlpServiceClient.Create();

        // Construct the table if null.
        if (tableToInspect == null)
        {
            var row1 = new Value[]
            {
                new Value{ StringValue = "111-11-1111" },
                new Value { StringValue = "222-22-2222" }
            };
            tableToInspect = new Table
            {
                Headers =
                {
                    new FieldId { Name = "Fake Social Security Number" },
                    new FieldId { Name = "Real Social Security Number" }
                },
                Rows =
                {
                    new Table.Types.Row { Values = { row1 } }
                }
            };
        }

        // Specify the table and construct the content item.
        var contentItem = new ContentItem { Table = tableToInspect };

        // Specify the type of info to be inspected.
        var infotypes = infoTypes ?? new InfoType[] { new InfoType { Name = "US_SOCIAL_SECURITY_NUMBER" } };

        // Construct the Inspection Rule Set by specifying the hotword rule as detection rule.
        var ruleSet = new InspectionRuleSet[]
        {
            new InspectionRuleSet
            {
                InfoTypes = { infotypes },
                Rules =
                {
                    new InspectionRule
                    {
                        HotwordRule = new DetectionRule.Types.HotwordRule
                        {
                            HotwordRegex = new Regex
                            {
                                Pattern = "(Fake Social Security Number)"
                            },
                            LikelihoodAdjustment = new DetectionRule.Types.LikelihoodAdjustment
                            {
                                FixedLikelihood = Likelihood.VeryUnlikely
                            },
                            Proximity = new DetectionRule.Types.Proximity
                            {
                                WindowBefore = 1
                            }
                        }
                    }
                }
            }
        };

        // Construct the request.
        var request = new InspectContentRequest
        {
            InspectConfig = new InspectConfig
            {
                InfoTypes = { infotypes },
                IncludeQuote = true,
                MinLikelihood = Likelihood.Possible,
                RuleSet = { ruleSet }
            },
            ParentAsLocationName = new LocationName(projectId, "global"),
            Item = contentItem
        };

        // Call the API.
        InspectContentResponse response = dlp.InspectContent(request);

        // Inspect the results.
        var resultFindings = response.Result.Findings;

        Console.WriteLine($"Findings: {resultFindings.Count}");

        foreach (var f in resultFindings)
        {
            Console.WriteLine("\tQuote: " + f.Quote);
            Console.WriteLine("\tInfo type: " + f.InfoType.Name);
            Console.WriteLine("\tLikelihood: " + f.Likelihood);
        }

        return response.Result;
    }
}

Go

Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.

Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.


import (
	"context"
	"fmt"
	"io"

	dlp "cloud.google.com/go/dlp/apiv2"
	"cloud.google.com/go/dlp/apiv2/dlppb"
)

// inspectTableWithCustomHotword Sets the match likelihood of a table column to customize data inspection results.
// This example showcases how you can adjust the match likelihood for an entire column of data, enabling the
// exclusion of specific columns from inspection if needed.
func inspectTableWithCustomHotword(w io.Writer, projectID, hotwordRegexPattern string) error {
	// projectID := "your-project-id"
	// hotwordRegexPattern := "(Fake Social Security Number)"

	tableToInspect := &dlppb.Table{
		Headers: []*dlppb.FieldId{
			{Name: "Fake Social Security Number"},
			{Name: "Real Social Security Number"},
		},
		Rows: []*dlppb.Table_Row{
			{
				Values: []*dlppb.Value{
					{
						Type: &dlppb.Value_StringValue{StringValue: "111-11-1111"},
					},
					{
						Type: &dlppb.Value_StringValue{StringValue: "222-22-2222"},
					},
				},
			},
		},
	}

	ctx := context.Background()

	// Initialize a client once and reuse it to send multiple requests. Clients
	// are safe to use across goroutines. When the client is no longer needed,
	// call the Close method to cleanup its resources.
	client, err := dlp.NewClient(ctx)
	if err != nil {
		return err
	}

	// Closing the client safely cleans up background resources.
	defer client.Close()

	// Specify what content you want the service to de-identify.
	contentItem := &dlppb.ContentItem_Table{
		Table: tableToInspect,
	}

	// Specify the likelihood adjustment to adjust the match likelihood for your detection rule
	// based on your needs and desired level of sensitivity in data analysis.
	likelihoodAdjustment := &dlppb.CustomInfoType_DetectionRule_LikelihoodAdjustment{
		Adjustment: &dlppb.CustomInfoType_DetectionRule_LikelihoodAdjustment_FixedLikelihood{
			FixedLikelihood: dlppb.Likelihood_VERY_UNLIKELY,
		},
	}

	// Specify the type of info the inspection will look for.
	// See https://cloud.google.com/dlp/docs/infotypes-reference for complete list of info types.
	infoTypes := []*dlppb.InfoType{
		{Name: "US_SOCIAL_SECURITY_NUMBER"},
	}

	// Specify the proximity so that It helps identify sensitive information
	// occurring near other data points, enabling more context-aware analysis.
	proximity := &dlppb.CustomInfoType_DetectionRule_Proximity{
		WindowBefore: 5,
	}

	// Construct hotWord rule.
	hotwordRule := &dlppb.CustomInfoType_DetectionRule_HotwordRule{
		HotwordRegex: &dlppb.CustomInfoType_Regex{
			Pattern: hotwordRegexPattern,
		},
		Proximity:            proximity,
		LikelihoodAdjustment: likelihoodAdjustment,
	}

	// Construct rule set for the inspect config.
	inspectionRuleSet := &dlppb.InspectionRuleSet{
		InfoTypes: infoTypes,
		Rules: []*dlppb.InspectionRule{
			{
				Type: &dlppb.InspectionRule_HotwordRule{
					HotwordRule: hotwordRule,
				},
			},
		},
	}

	// Construct the configuration for the Inspect request.
	config := &dlppb.InspectConfig{
		IncludeQuote:  true,
		InfoTypes:     infoTypes,
		MinLikelihood: dlppb.Likelihood_POSSIBLE,
		RuleSet: []*dlppb.InspectionRuleSet{
			inspectionRuleSet,
		},
	}

	// Construct the Inspect request to be sent by the client.
	req := &dlppb.InspectContentRequest{
		Parent: fmt.Sprintf("projects/%s/locations/global", projectID),
		Item: &dlppb.ContentItem{
			DataItem: contentItem,
		},
		InspectConfig: config,
	}
	// Send the request.
	resp, err := client.InspectContent(ctx, req)
	if err != nil {
		return err
	}

	// Parse the response and process results.
	fmt.Fprintf(w, "Findings: %v\n", len(resp.Result.Findings))
	for _, v := range resp.GetResult().Findings {
		fmt.Fprintf(w, "Quote: %v\n", v.GetQuote())
		fmt.Fprintf(w, "Infotype Name: %v\n", v.GetInfoType().GetName())
		fmt.Fprintf(w, "Likelihood: %v\n", v.GetLikelihood())
	}
	return nil
}

Java

Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.

Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.


import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.CustomInfoType;
import com.google.privacy.dlp.v2.FieldId;
import com.google.privacy.dlp.v2.Finding;
import com.google.privacy.dlp.v2.InfoType;
import com.google.privacy.dlp.v2.InspectConfig;
import com.google.privacy.dlp.v2.InspectContentRequest;
import com.google.privacy.dlp.v2.InspectContentResponse;
import com.google.privacy.dlp.v2.InspectionRule;
import com.google.privacy.dlp.v2.InspectionRuleSet;
import com.google.privacy.dlp.v2.Likelihood;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.Table;
import com.google.privacy.dlp.v2.Value;
import java.io.IOException;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;

public class InspectTableWithCustomHotword {

  public static void main(String[] args) throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    // The Google Cloud project id to use as a parent resource.
    String projectId = "your-project-id";
    // Specify the table to be considered for de-identification.
    Table tableToDeIdentify =
        Table.newBuilder()
            .addHeaders(FieldId.newBuilder().setName("Some Social Security Number").build())
            .addHeaders(FieldId.newBuilder().setName("Real Social Security Number").build())
            .addRows(
                Table.Row.newBuilder()
                    .addValues(Value.newBuilder().setStringValue("111-11-1111").build())
                    .addValues(Value.newBuilder().setStringValue("222-22-2222").build())
                    .build())
            .build();
    // Specify the regex pattern to be detected.
    // Refer https://github.com/google/re2/wiki/Syntax for creating regular expression.
    String hotwordRegexPattern = "Some Social Security Number";
    inspectDemotingFindingsWithHotwords(projectId, tableToDeIdentify, hotwordRegexPattern);
  }

  //  Inspects the provided table, excluding the findings of entire column matching regular
  // expression.
  public static void inspectDemotingFindingsWithHotwords(
      String projectId, Table tableToDeIdentify, String hotwordRegexPattern) throws IOException {

    // Initialize client that will be used to send requests. This client only needs to be created
    // once, and can be reused for multiple requests. After completing all of your requests, call
    // the "close" method on the client to safely clean up any remaining background resources.
    try (DlpServiceClient dlp = DlpServiceClient.create()) {
      // Specify what content you want the service to de-identify.
      ContentItem contentItem = ContentItem.newBuilder().setTable(tableToDeIdentify).build();

      CustomInfoType.DetectionRule.LikelihoodAdjustment likelihoodAdjustment =
          CustomInfoType.DetectionRule.LikelihoodAdjustment.newBuilder()
              .setFixedLikelihood(Likelihood.VERY_UNLIKELY)
              .build();

      // Specify the type of info the inspection will look for.
      // See https://cloud.google.com/dlp/docs/infotypes-reference for complete list of info types
      List<InfoType> infoTypes =
          Stream.of("US_SOCIAL_SECURITY_NUMBER")
              .map(it -> InfoType.newBuilder().setName(it).build())
              .collect(Collectors.toList());

      CustomInfoType.DetectionRule.Proximity proximity =
          CustomInfoType.DetectionRule.Proximity.newBuilder().setWindowBefore(1).build();

      // Construct hotword rule.
      CustomInfoType.DetectionRule.HotwordRule hotwordRule =
          CustomInfoType.DetectionRule.HotwordRule.newBuilder()
              .setHotwordRegex(
                  CustomInfoType.Regex.newBuilder().setPattern(hotwordRegexPattern).build())
              .setLikelihoodAdjustment(likelihoodAdjustment)
              .setProximity(proximity)
              .build();

      // Construct rule set for the inspect config.
      InspectionRuleSet inspectionRuleSet =
          InspectionRuleSet.newBuilder()
              .addAllInfoTypes(infoTypes)
              .addRules(InspectionRule.newBuilder().setHotwordRule(hotwordRule))
              .build();

      // Construct the configuration for the Inspect request.
      InspectConfig config =
          InspectConfig.newBuilder()
              .setIncludeQuote(true)
              .setMinLikelihood(Likelihood.POSSIBLE)
              .addRuleSet(inspectionRuleSet)
              .addAllInfoTypes(infoTypes)
              .build();

      // Construct the Inspect request to be sent by the client.
      InspectContentRequest request =
          InspectContentRequest.newBuilder()
              .setParent(LocationName.of(projectId, "global").toString())
              .setItem(contentItem)
              .setInspectConfig(config)
              .build();

      InspectContentResponse response = dlp.inspectContent(request);
      // Parse the response and process results.
      System.out.println("Findings: " + response.getResult().getFindingsCount());
      for (Finding f : response.getResult().getFindingsList()) {
        System.out.println("\tQuote: " + f.getQuote());
        System.out.println("\tInfo type: " + f.getInfoType().getName());
        System.out.println("\tLikelihood: " + f.getLikelihood());
      }
    }
  }
}

Node.js

Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.

Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.

// Imports the Google Cloud Data Loss Prevention library
const DLP = require('@google-cloud/dlp');

// Instantiates a client
const dlp = new DLP.DlpServiceClient();

// The project ID to run the API call under.
// const projectId = "your-project-id";

// Table to inspect
const tableToInspect = {
  headers: [
    {name: 'Fake Social Security Number'},
    {name: 'Real Social Security Number'},
  ],
  rows: [
    {
      values: [{stringValue: '111-11-1111'}, {stringValue: '222-22-2222'}],
    },
  ],
};

async function inspectWithCustomHotwords() {
  // Specify the regex pattern to be detected.
  const hotwordRegexPattern = '(Fake Social Security Number)';

  // Specify what content you want the service to de-identify.
  const contentItem = {
    table: tableToInspect,
  };

  // Specify the type of info the inspection will look for.
  const infoTypes = [{name: 'US_SOCIAL_SECURITY_NUMBER'}];

  // Construct hotword rule.
  const hotwordRule = {
    hotwordRegex: {
      pattern: hotwordRegexPattern,
    },
    likelihoodAdjustment: {
      fixedLikelihood:
        DLP.protos.google.privacy.dlp.v2.Likelihood.VERY_UNLIKELY,
    },
    proximity: {
      windowBefore: 1,
    },
  };

  // Construct rule set for the inspect configuration.
  const inspectionRuleSet = {
    infoTypes: infoTypes,
    rules: [
      {
        hotwordRule: hotwordRule,
      },
    ],
  };

  // Construct the configuration for the Inspect request.
  const config = {
    infoTypes: infoTypes,
    ruleSet: [inspectionRuleSet],
    minLikelihood: DLP.protos.google.privacy.dlp.v2.Likelihood.POSSIBLE,
    includeQuote: true,
  };

  // Construct the Inspect request to be sent by the client.
  const request = {
    parent: `projects/${projectId}/locations/global`,
    item: contentItem,
    inspectConfig: config,
  };

  // Use the client to send the API request.
  const [response] = await dlp.inspectContent(request);

  // Print Findings.
  const findings = response.result.findings;
  if (findings.length > 0) {
    console.log(`Findings: ${findings.length}\n`);
    findings.forEach(finding => {
      console.log(`InfoType: ${finding.infoType.name}`);
      console.log(`\tQuote: ${finding.quote}`);
      console.log(`\tLikelihood: ${finding.likelihood} \n`);
    });
  } else {
    console.log('No findings.');
  }
}
inspectWithCustomHotwords();

PHP

Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.

Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.

use Google\Cloud\Dlp\V2\Client\DlpServiceClient;
use Google\Cloud\Dlp\V2\ContentItem;
use Google\Cloud\Dlp\V2\CustomInfoType\DetectionRule\HotwordRule;
use Google\Cloud\Dlp\V2\CustomInfoType\DetectionRule\LikelihoodAdjustment;
use Google\Cloud\Dlp\V2\CustomInfoType\DetectionRule\Proximity;
use Google\Cloud\Dlp\V2\CustomInfoType\Regex;
use Google\Cloud\Dlp\V2\FieldId;
use Google\Cloud\Dlp\V2\InfoType;
use Google\Cloud\Dlp\V2\InspectConfig;
use Google\Cloud\Dlp\V2\InspectContentRequest;
use Google\Cloud\Dlp\V2\InspectionRule;
use Google\Cloud\Dlp\V2\InspectionRuleSet;
use Google\Cloud\Dlp\V2\Likelihood;
use Google\Cloud\Dlp\V2\Table;
use Google\Cloud\Dlp\V2\Table\Row;
use Google\Cloud\Dlp\V2\Value;

/**
 * Hotword example: Set the match likelihood of a table column.
 * This example demonstrates how you can set the match likelihood of an entire column of data.
 * This approach is helpful, for example, if you want to exclude a column of data from inspection
 * results.
 *
 * @param string $projectId         The Google Cloud project id to use as a parent resource.
 */
function inspect_column_values_w_custom_hotwords(string $projectId): void
{
    // Instantiate a client.
    $dlp = new DlpServiceClient();

    $parent = "projects/$projectId/locations/global";

    // Specify the table to be inspected.
    $tableToDeIdentify = (new Table())
        ->setHeaders([
            (new FieldId())
                ->setName('Fake Social Security Number'),
            (new FieldId())
                ->setName('Real Social Security Number'),
        ])
        ->setRows([
            (new Row())->setValues([
                (new Value())
                    ->setStringValue('111-11-1111'),
                (new Value())
                    ->setStringValue('222-22-2222')
            ])
        ]);

    $item = (new ContentItem())
        ->setTable($tableToDeIdentify);

    // Specify the regex pattern the inspection will look for.
    $hotwordRegexPattern = 'Fake Social Security Number';

    // Specify hotword likelihood adjustment.
    $likelihoodAdjustment = (new LikelihoodAdjustment())
        ->setFixedLikelihood(Likelihood::VERY_UNLIKELY);

    // Specify a window around a finding to apply a detection rule.
    $proximity = (new Proximity())
        ->setWindowBefore(1);

    // Construct the hotword rule.
    $hotwordRule = (new HotwordRule())
        ->setHotwordRegex((new Regex())
            ->setPattern($hotwordRegexPattern))
        ->setLikelihoodAdjustment($likelihoodAdjustment)
        ->setProximity($proximity);

    // Construct rule set for the inspect config.
    $infotype = (new InfoType())
        ->setName('US_SOCIAL_SECURITY_NUMBER');
    $inspectionRuleSet = (new InspectionRuleSet())
        ->setInfoTypes([$infotype])
        ->setRules([
            (new InspectionRule())
                ->setHotwordRule($hotwordRule)
        ]);

    // Construct the configuration for the Inspect request.
    $inspectConfig = (new InspectConfig())
        ->setInfoTypes([$infotype])
        ->setIncludeQuote(true)
        ->setRuleSet([$inspectionRuleSet])
        ->setMinLikelihood(Likelihood::POSSIBLE);

    // Run request.
    $inspectContentRequest = (new InspectContentRequest())
        ->setParent($parent)
        ->setInspectConfig($inspectConfig)
        ->setItem($item);
    $response = $dlp->inspectContent($inspectContentRequest);

    // Print the results.
    $findings = $response->getResult()->getFindings();
    if (count($findings) == 0) {
        printf('No findings.' . PHP_EOL);
    } else {
        printf('Findings:' . PHP_EOL);
        foreach ($findings as $finding) {
            printf('  Quote: %s' . PHP_EOL, $finding->getQuote());
            printf('  Info type: %s' . PHP_EOL, $finding->getInfoType()->getName());
            printf('  Likelihood: %s' . PHP_EOL, Likelihood::name($finding->getLikelihood()));
        }
    }
}

Python

Sensitive Data Protection의 클라이언트 라이브러리를 설치하고 사용하는 방법은 Sensitive Data Protection 클라이언트 라이브러리를 참조하세요.

Sensitive Data Protection에 인증하려면 애플리케이션 기본 사용자 인증 정보를 설정합니다. 자세한 내용은 로컬 개발 환경의 인증 설정을 참조하세요.

from typing import List

import google.cloud.dlp

def inspect_column_values_w_custom_hotwords(
    project: str,
    table_header: List[str],
    table_rows: List[List[str]],
    info_types: List[str],
    custom_hotword: str,
) -> None:
    """Uses the Data Loss Prevention API to inspect table data using built-in
    infoType detectors, excluding columns that match a custom hot-word.
    Args:
        project: The Google Cloud project id to use as a parent resource.
        table_header: List of strings representing table field names.
        table_rows: List of rows representing table values.
        info_types: The infoType for which hot-word rule is applied.
        custom_hotword: The custom regular expression used for likelihood boosting.
    """

    # Instantiate a client
    dlp = google.cloud.dlp_v2.DlpServiceClient()

    # Construct the `table`. For more details on the table schema, please see
    # https://cloud.google.com/dlp/docs/reference/rest/v2/ContentItem#Table
    headers = [{"name": val} for val in table_header]
    rows = []
    for row in table_rows:
        rows.append({"values": [{"string_value": cell_val} for cell_val in row]})
    table = {"headers": headers, "rows": rows}

    # Construct the `item` for table to be inspected.
    item = {"table": table}

    # Prepare info_types by converting the list of strings into a list of
    # dictionaries.
    info_types = [{"name": info_type} for info_type in info_types]

    # Construct a rule set with caller provided hot-word, with a likelihood
    # boost to VERY_UNLIKELY when the hot-word are present
    hotword_rule = {
        "hotword_regex": {"pattern": custom_hotword},
        "likelihood_adjustment": {
            "fixed_likelihood": google.cloud.dlp_v2.Likelihood.VERY_UNLIKELY
        },
        "proximity": {"window_before": 1},
    }

    rule_set = [
        {
            "info_types": info_types,
            "rules": [{"hotword_rule": hotword_rule}],
        }
    ]

    # Construct the configuration dictionary, which defines the entire inspect content task.
    inspect_config = {
        "info_types": info_types,
        "rule_set": rule_set,
        "min_likelihood": google.cloud.dlp_v2.Likelihood.POSSIBLE,
        "include_quote": True,
    }

    # Convert the project id into a full resource id.
    parent = f"projects/{project}/locations/global"

    # Call the API
    response = dlp.inspect_content(
        request={
            "parent": parent,
            "inspect_config": inspect_config,
            "item": item,
        }
    )

    # Print out the results.
    if response.result.findings:
        for finding in response.result.findings:
            try:
                if finding.quote:
                    print(f"Quote: {finding.quote}")
            except AttributeError:
                pass
            print(f"Info type: {finding.info_type.name}")
            print(f"Likelihood: {finding.likelihood}")
    else:
        print("No findings.")

REST

JSON 입력:

{
  "item": {
    "table": {
      "headers": [
        {
          "name": "Fake Social Security Number"
        },
        {
          "name": "Real Social Security Number"
        }
      ],
      "rows": [
        {
          "values": [
            {
              "stringValue": "111-11-1111"
            },
            {
              "stringValue": "222-22-2222"
            }
          ]
        }
      ]
    }
  },
  "inspectConfig": {
    "infoTypes": [
      {
        "name": "US_SOCIAL_SECURITY_NUMBER"
      }
    ],
    "includeQuote": true,
    "ruleSet": [
      {
        "infoTypes": [
          {
            "name": "US_SOCIAL_SECURITY_NUMBER"
          }
        ],
        "rules": [
          {
            "hotwordRule": {
              "hotwordRegex": {
                "pattern": "(Fake Social Security Number)"
              },
              "likelihoodAdjustment": {
                "fixedLikelihood": "VERY_UNLIKELY"
              },
              "proximity": {
                "windowBefore": 1
              }
            }
          }
        ]
      }
    ],
    "minLikelihood": "POSSIBLE"
  }
}

JSON 출력:

{
  "result": {
    "findings": [
      {
        "quote": "222-22-2222",
        "infoType": {
          "name": "US_SOCIAL_SECURITY_NUMBER"
        },
        "likelihood": "VERY_LIKELY",
        "location": {
          "byteRange": {
            "end": "11"
          },
          "codepointRange": {
            "end": "11"
          },
          "contentLocations": [
            {
              "recordLocation": {
                "fieldId": {
                  "name": "Real Social Security Number"
                },
                "tableLocation": {}
              }
            }
          ]
        },
        "createTime": "TIMESTAMP",
        "findingId": "TIMESTAMP"
      }
    ]
  }
}

Fake Social Security Number 열에 있는 111-11-1111 값이 핫워드 규칙과 일치하므로 민감한 정보 보호가 VERY_UNLIKELY 가능성 수준에 할당됩니다. 이 수준은 검사 구성(POSSIBLE)에 설정된 최소 가능성보다 낮으므로, 이 결과가 검사 결과에 제외됩니다.

규칙 집합을 삭제하여 이 예시로 실험할 수 있습니다. 민감한 정보 보호 결과에는 111-11-1111이 포함됩니다.