표 형식 데이터 익명화 예시

Cloud Data Loss Prevention(DLP)는 구조화된 데이터 내에서 민감한 정보를 감지하고 분류, 익명화할 수 있습니다. 콘텐츠를 테이블을 익명화할 때 구조 및 열은 Cloud DLP에 일부 사용 사례에 더 나은 결과를 제공하는 데 사용할 수 있는 추가 정보를 제공합니다. 예를 들어 전체 테이블 구조 대신 단일 열에서 특정 데이터 유형을 스캔할 수 있습니다.

이 주제에서는 구조화된 텍스트 내에서 민감한 정보의 익명화를 구성하는 방법을 예시로 제공합니다. 익명화는 레코드 변환을 통해 사용 설정됩니다. 이러한 변환은 표 형식 텍스트 데이터에서 특정 infoType으로 식별되는 값 또는 표 형식 데이터의 전체 열에 적용됩니다.

이 주제에서는 암호화 해시 방법을 사용하는 표 형식 데이터 변환도 예시로 제공합니다. 암호화 변환 메서드는 암호화 키 요구 사항으로 인해 고유합니다.

다음 예시에서 제공된 JSON은 "deidentifyConfig"(DeidentifyConfig) 속성 내에서 모든 익명화 요청에 삽입할 수 있습니다. 'API 탐색기 예시' 링크를 클릭하여 API 탐색기의 JSON 예시를 사용해 보세요.

검사 없이 열 변환

콘텐츠가 이미 알려진 특정 열을 변환하려면 검사를 건너 뛰고 변환을 직접 지정할 수 있습니다. 표 다음에 나오는 예시에서 버킷은 '행복 점수' 열을 10씩 증가시킵니다.

입력 변환된 테이블
연령 환자 행복 점수
101 찰스 디킨스 95
22 제인 오스틴 21
55 마크 트웨인 75
연령 환자 행복 점수
101 찰스 디킨스 90:100
22 제인 오스틴 20:30
55 마크 트웨인 70:80

자바


import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.DeidentifyConfig;
import com.google.privacy.dlp.v2.DeidentifyContentRequest;
import com.google.privacy.dlp.v2.DeidentifyContentResponse;
import com.google.privacy.dlp.v2.FieldId;
import com.google.privacy.dlp.v2.FieldTransformation;
import com.google.privacy.dlp.v2.FixedSizeBucketingConfig;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.PrimitiveTransformation;
import com.google.privacy.dlp.v2.RecordTransformations;
import com.google.privacy.dlp.v2.Table;
import com.google.privacy.dlp.v2.Table.Row;
import com.google.privacy.dlp.v2.Value;
import java.io.IOException;

public class DeIdentifyTableBucketing {

  public static void deIdentifyTableBucketing() throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String projectId = "your-project-id";
    Table tableToDeIdentify = Table.newBuilder()
        .addHeaders(FieldId.newBuilder().setName("AGE").build())
        .addHeaders(FieldId.newBuilder().setName("PATIENT").build())
        .addHeaders(FieldId.newBuilder().setName("HAPPINESS SCORE").build())
        .addRows(Row.newBuilder()
            .addValues(Value.newBuilder().setStringValue("101").build())
            .addValues(Value.newBuilder().setStringValue("Charles Dickens").build())
            .addValues(Value.newBuilder().setStringValue("95").build())
            .build())
        .addRows(Row.newBuilder()
            .addValues(Value.newBuilder().setStringValue("22").build())
            .addValues(Value.newBuilder().setStringValue("Jane Austen").build())
            .addValues(Value.newBuilder().setStringValue("21").build())
            .build())
        .addRows(Row.newBuilder()
            .addValues(Value.newBuilder().setStringValue("55").build())
            .addValues(Value.newBuilder().setStringValue("Mark Twain").build())
            .addValues(Value.newBuilder().setStringValue("75").build())
            .build())
        .build();

    deIdentifyTableBucketing(projectId, tableToDeIdentify);
  }

  public static Table deIdentifyTableBucketing(String projectId, Table tableToDeIdentify)
      throws IOException {
    // Initialize client that will be used to send requests. This client only needs to be created
    // once, and can be reused for multiple requests. After completing all of your requests, call
    // the "close" method on the client to safely clean up any remaining background resources.
    try (DlpServiceClient dlp = DlpServiceClient.create()) {
      // Specify what content you want the service to de-identify.
      ContentItem contentItem = ContentItem.newBuilder().setTable(tableToDeIdentify).build();

      // Specify how the content should be de-identified.
      FixedSizeBucketingConfig fixedSizeBucketingConfig =
          FixedSizeBucketingConfig.newBuilder()
              .setBucketSize(10)
              .setLowerBound(Value.newBuilder().setIntegerValue(0).build())
              .setUpperBound(Value.newBuilder().setIntegerValue(100).build())
              .build();
      PrimitiveTransformation primitiveTransformation =
          PrimitiveTransformation.newBuilder()
              .setFixedSizeBucketingConfig(fixedSizeBucketingConfig)
              .build();

      // Specify field to be encrypted.
      FieldId fieldId = FieldId.newBuilder().setName("HAPPINESS SCORE").build();

      // Associate the encryption with the specified field.
      FieldTransformation fieldTransformation =
          FieldTransformation.newBuilder()
              .setPrimitiveTransformation(primitiveTransformation)
              .addFields(fieldId)
              .build();
      RecordTransformations transformations =
          RecordTransformations.newBuilder().addFieldTransformations(fieldTransformation).build();

      DeidentifyConfig deidentifyConfig =
          DeidentifyConfig.newBuilder().setRecordTransformations(transformations).build();

      // Combine configurations into a request for the service.
      DeidentifyContentRequest request =
          DeidentifyContentRequest.newBuilder()
              .setParent(LocationName.of(projectId, "global").toString())
              .setItem(contentItem)
              .setDeidentifyConfig(deidentifyConfig)
              .build();

      // Send the request and receive response from the service.
      DeidentifyContentResponse response = dlp.deidentifyContent(request);

      // Print the results.
      System.out.println(
          "Table after de-identification: " + response.getItem().getTable());

      return response.getItem().getTable();
    }
  }
}

API 탐색기 예시

"deidentifyConfig":{
  "recordTransformations":{
    "fieldTransformations":[
      {
        "fields":[
          {
            "name":"HAPPINESS SCORE"
          }
        ],
        "primitiveTransformation":{
          "fixedSizeBucketingConfig":{
            "bucketSize":10,
            "lowerBound":{
              "integerValue":"0"
            },
            "upperBound":{
              "integerValue":"100"
            }
          }
        }
      }
    ]
  }
}

다른 열의 값에 따라 열 변환

다른 열의 값에 따라 열을 변환할 수 있습니다. 이 예시에서는 만 89세 이상 모든 환자에 대해 '해당 점수'를 수정합니다.

입력 변환된 테이블
연령 환자 행복 점수
101 찰스 디킨스 95
22 제인 오스틴 21
55 마크 트웨인 75
연령 환자 행복 점수
101 찰스 디킨스 **
22 제인 오스틴 21
55 마크 트웨인 75

자바


import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.CharacterMaskConfig;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.DeidentifyConfig;
import com.google.privacy.dlp.v2.DeidentifyContentRequest;
import com.google.privacy.dlp.v2.DeidentifyContentResponse;
import com.google.privacy.dlp.v2.FieldId;
import com.google.privacy.dlp.v2.FieldTransformation;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.PrimitiveTransformation;
import com.google.privacy.dlp.v2.RecordCondition;
import com.google.privacy.dlp.v2.RecordCondition.Condition;
import com.google.privacy.dlp.v2.RecordCondition.Conditions;
import com.google.privacy.dlp.v2.RecordCondition.Expressions;
import com.google.privacy.dlp.v2.RecordTransformations;
import com.google.privacy.dlp.v2.RelationalOperator;
import com.google.privacy.dlp.v2.Table;
import com.google.privacy.dlp.v2.Table.Row;
import com.google.privacy.dlp.v2.Value;
import java.io.IOException;

public class DeIdentifyTableConditionMasking {

  public static void deIdentifyTableConditionMasking() throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String projectId = "your-project-id";
    Table tableToDeIdentify = Table.newBuilder()
        .addHeaders(FieldId.newBuilder().setName("AGE").build())
        .addHeaders(FieldId.newBuilder().setName("PATIENT").build())
        .addHeaders(FieldId.newBuilder().setName("HAPPINESS SCORE").build())
        .addRows(Row.newBuilder()
            .addValues(Value.newBuilder().setStringValue("101").build())
            .addValues(Value.newBuilder().setStringValue("Charles Dickens").build())
            .addValues(Value.newBuilder().setStringValue("95").build())
            .build())
        .addRows(Row.newBuilder()
            .addValues(Value.newBuilder().setStringValue("22").build())
            .addValues(Value.newBuilder().setStringValue("Jane Austen").build())
            .addValues(Value.newBuilder().setStringValue("21").build())
            .build())
        .addRows(Row.newBuilder()
            .addValues(Value.newBuilder().setStringValue("55").build())
            .addValues(Value.newBuilder().setStringValue("Mark Twain").build())
            .addValues(Value.newBuilder().setStringValue("75").build())
            .build())
        .build();

    deIdentifyTableConditionMasking(projectId, tableToDeIdentify);
  }

  public static Table deIdentifyTableConditionMasking(String projectId, Table tableToDeIdentify)
      throws IOException {
    // Initialize client that will be used to send requests. This client only needs to be created
    // once, and can be reused for multiple requests. After completing all of your requests, call
    // the "close" method on the client to safely clean up any remaining background resources.
    try (DlpServiceClient dlp = DlpServiceClient.create()) {
      // Specify what content you want the service to de-identify.
      ContentItem contentItem = ContentItem.newBuilder().setTable(tableToDeIdentify).build();

      // Specify how the content should be de-identified.
      CharacterMaskConfig characterMaskConfig =
          CharacterMaskConfig.newBuilder()
              .setMaskingCharacter("*")
              .build();
      PrimitiveTransformation primitiveTransformation =
          PrimitiveTransformation.newBuilder()
              .setCharacterMaskConfig(characterMaskConfig)
              .build();

      // Specify field to be de-identified.
      FieldId fieldId = FieldId.newBuilder().setName("HAPPINESS SCORE").build();

      // Specify when the above field should be de-identified.
      Condition condition = Condition.newBuilder()
          .setField(FieldId.newBuilder().setName("AGE").build())
          .setOperator(RelationalOperator.GREATER_THAN)
          .setValue(Value.newBuilder().setIntegerValue(89).build())
          .build();
      // Apply the condition to records
      RecordCondition recordCondition = RecordCondition.newBuilder()
          .setExpressions(Expressions.newBuilder()
              .setConditions(Conditions.newBuilder()
                  .addConditions(condition)
                  .build())
              .build())
          .build();

      // Associate the de-identification and conditions with the specified field.
      FieldTransformation fieldTransformation =
          FieldTransformation.newBuilder()
              .setPrimitiveTransformation(primitiveTransformation)
              .addFields(fieldId)
              .setCondition(recordCondition)
              .build();
      RecordTransformations transformations =
          RecordTransformations.newBuilder().addFieldTransformations(fieldTransformation).build();

      DeidentifyConfig deidentifyConfig =
          DeidentifyConfig.newBuilder().setRecordTransformations(transformations).build();

      // Combine configurations into a request for the service.
      DeidentifyContentRequest request =
          DeidentifyContentRequest.newBuilder()
              .setParent(LocationName.of(projectId, "global").toString())
              .setItem(contentItem)
              .setDeidentifyConfig(deidentifyConfig)
              .build();

      // Send the request and receive response from the service.
      DeidentifyContentResponse response = dlp.deidentifyContent(request);

      // Print the results.
      System.out.println(
          "Table after de-identification: " + response.getItem().getTable());

      return response.getItem().getTable();
    }
  }
}

API 탐색기 예시

"deidentifyConfig":{
  "recordTransformations":{
    "fieldTransformations":[
      {
        "fields":[
          {
            "name":"HAPPINESS SCORE"
          }
        ],
        "primitiveTransformation":{
          "characterMaskConfig":{
            "maskingCharacter":"*"
          }
        },
        "condition":{
          "expressions":{
            "conditions":{
              "conditions":[
                {
                  "field":{
                    "name":"AGE"
                  },
                  "operator":"GREATER_THAN",
                  "value":{
                    "integerValue":"89"
                  }
                }
              ]
            }
          }
        }
      }
    ]
  }
}

열에서 확인된 발견 항목 변환

셀 콘텐츠의 일부 또는 전체를 구성하는 발견 항목을 변환할 수 있습니다. 이 예시에서는 PERSON_NAME의 모든 인스턴스가 익명처리됩니다.

입력 변환된 테이블
연령 환자 행복 점수 FACTOID
101 찰스 디킨스 95 찰스 디킨스 이름은 셰익스피어가 발명한 저주였습니다.
22 제인 오스틴 21 제인 오스틴의 소설에는 14개의 입맞춤이 있습니다.
55 마크 트웨인 75 마크 트웨인은 고양이를 사랑했습니다.
연령 환자 행복 점수 FACTOID
101 [PERSON_NAME] 95 [PERSON_NAME]의 이름은 저주였으며 셰익스피어가 발명했을 가능성이 있습니다.
22 [PERSON_NAME] 21 [PERSON_NAME]의 소설에는 14번의 입맞춤이 나옵니다.
55 [PERSON_NAME] 75 [PERSON_NAME]은(는) 고양이를 사랑했습니다.

자바


import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.DeidentifyConfig;
import com.google.privacy.dlp.v2.DeidentifyContentRequest;
import com.google.privacy.dlp.v2.DeidentifyContentResponse;
import com.google.privacy.dlp.v2.FieldId;
import com.google.privacy.dlp.v2.FieldTransformation;
import com.google.privacy.dlp.v2.InfoType;
import com.google.privacy.dlp.v2.InfoTypeTransformations;
import com.google.privacy.dlp.v2.InfoTypeTransformations.InfoTypeTransformation;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.PrimitiveTransformation;
import com.google.privacy.dlp.v2.RecordTransformations;
import com.google.privacy.dlp.v2.ReplaceWithInfoTypeConfig;
import com.google.privacy.dlp.v2.Table;
import com.google.privacy.dlp.v2.Table.Row;
import com.google.privacy.dlp.v2.Value;
import java.io.IOException;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;

public class DeIdentifyTableInfoTypes {

  public static void deIdentifyTableInfoTypes() throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String projectId = "your-project-id";
    Table tableToDeIdentify = Table.newBuilder()
        .addHeaders(FieldId.newBuilder().setName("AGE").build())
        .addHeaders(FieldId.newBuilder().setName("PATIENT").build())
        .addHeaders(FieldId.newBuilder().setName("HAPPINESS SCORE").build())
        .addHeaders(FieldId.newBuilder().setName("FACTOID").build())
        .addRows(Row.newBuilder()
            .addValues(Value.newBuilder().setStringValue("101").build())
            .addValues(Value.newBuilder().setStringValue("Charles Dickens").build())
            .addValues(Value.newBuilder().setStringValue("95").build())
            .addValues(Value.newBuilder().setStringValue(
                "Charles Dickens name was a curse, possibly invented by Shakespeare.").build())
            .build())
        .addRows(Row.newBuilder()
            .addValues(Value.newBuilder().setStringValue("22").build())
            .addValues(Value.newBuilder().setStringValue("Jane Austen").build())
            .addValues(Value.newBuilder().setStringValue("21").build())
            .addValues(Value.newBuilder().setStringValue(
                "There are 14 kisses in Jane Austen's novels.").build())
            .build())
        .addRows(Row.newBuilder()
            .addValues(Value.newBuilder().setStringValue("55").build())
            .addValues(Value.newBuilder().setStringValue("Mark Twain").build())
            .addValues(Value.newBuilder().setStringValue("75").build())
            .addValues(Value.newBuilder().setStringValue("Mark Twain loved cats.").build())
            .build())
        .build();

    deIdentifyTableInfoTypes(projectId, tableToDeIdentify);
  }

  public static Table deIdentifyTableInfoTypes(String projectId, Table tableToDeIdentify)
      throws IOException {
    // Initialize client that will be used to send requests. This client only needs to be created
    // once, and can be reused for multiple requests. After completing all of your requests, call
    // the "close" method on the client to safely clean up any remaining background resources.
    try (DlpServiceClient dlp = DlpServiceClient.create()) {
      // Specify what content you want the service to de-identify.
      ContentItem contentItem = ContentItem.newBuilder().setTable(tableToDeIdentify).build();

      // Specify how the content should be de-identified.
      // Select type of info to be replaced.
      InfoType infoType = InfoType.newBuilder().setName("PERSON_NAME").build();
      // Specify that findings should be replaced with corresponding info type name.
      ReplaceWithInfoTypeConfig replaceWithInfoTypeConfig =
          ReplaceWithInfoTypeConfig.getDefaultInstance();
      PrimitiveTransformation primitiveTransformation = PrimitiveTransformation.newBuilder()
          .setReplaceWithInfoTypeConfig(replaceWithInfoTypeConfig).build();
      // Associate info type with the replacement strategy
      InfoTypeTransformation infoTypeTransformation =
          InfoTypeTransformation.newBuilder()
              .addInfoTypes(infoType)
              .setPrimitiveTransformation(primitiveTransformation)
              .build();
      InfoTypeTransformations infoTypeTransformations =
          InfoTypeTransformations.newBuilder()
              .addTransformations(infoTypeTransformation)
              .build();

      // Specify fields to be de-identified.
      List<FieldId> fieldIds = Stream.of("PATIENT", "FACTOID")
          .map(id -> FieldId.newBuilder().setName(id).build())
          .collect(Collectors.toList());

      // Associate the de-identification and conditions with the specified field.
      FieldTransformation fieldTransformation =
          FieldTransformation.newBuilder()
              .setInfoTypeTransformations(infoTypeTransformations)
              .addAllFields(fieldIds)
              .build();
      RecordTransformations transformations =
          RecordTransformations.newBuilder().addFieldTransformations(fieldTransformation).build();

      DeidentifyConfig deidentifyConfig =
          DeidentifyConfig.newBuilder().setRecordTransformations(transformations).build();

      // Combine configurations into a request for the service.
      DeidentifyContentRequest request =
          DeidentifyContentRequest.newBuilder()
              .setParent(LocationName.of(projectId, "global").toString())
              .setItem(contentItem)
              .setDeidentifyConfig(deidentifyConfig)
              .build();

      // Send the request and receive response from the service.
      DeidentifyContentResponse response = dlp.deidentifyContent(request);

      // Print the results.
      System.out.println(
          "Table after de-identification: " + response.getItem().getTable());

      return response.getItem().getTable();
    }
  }
}

API 탐색기 예시

"deidentifyConfig":{
  "recordTransformations":{
    "fieldTransformations":[
      {
        "infoTypeTransformations":{
          "transformations":[
            {
              "infoTypes":[
                {
                  "name":"PERSON_NAME"
                }
              ],
              "primitiveTransformation":{
                "replaceWithInfoTypeConfig":{

                }
              }
            }
          ]
        },
        "fields":[
          {
            "name":"PATIENT"
          },
          {
            "name":"FACTOID"
          }
        ]
      }
    ]
  }
}

열의 콘텐츠에 따라 행 표시 제한

열에 표시되는 콘텐츠를 기반으로 행을 완전히 삭제할 수 있습니다. 이 예시는 환자가 만 89세 이상이므로 '찰스 디킨스'의 레코드를 표시하지 않습니다.

입력 변환된 테이블
연령 환자 행복 점수
101 찰스 디킨스 95
22 제인 오스틴 21
55 마크 트웨인 75
연령 환자 행복 점수
22 제인 오스틴 21
55 마크 트웨인 75

자바


import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.DeidentifyConfig;
import com.google.privacy.dlp.v2.DeidentifyContentRequest;
import com.google.privacy.dlp.v2.DeidentifyContentResponse;
import com.google.privacy.dlp.v2.FieldId;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.RecordCondition;
import com.google.privacy.dlp.v2.RecordCondition.Condition;
import com.google.privacy.dlp.v2.RecordCondition.Conditions;
import com.google.privacy.dlp.v2.RecordCondition.Expressions;
import com.google.privacy.dlp.v2.RecordSuppression;
import com.google.privacy.dlp.v2.RecordTransformations;
import com.google.privacy.dlp.v2.RelationalOperator;
import com.google.privacy.dlp.v2.Table;
import com.google.privacy.dlp.v2.Table.Row;
import com.google.privacy.dlp.v2.Value;
import java.io.IOException;

public class DeIdentifyTableRowSuppress {

  public static void deIdentifyTableRowSuppress() throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String projectId = "your-project-id";
    Table tableToDeIdentify = Table.newBuilder()
        .addHeaders(FieldId.newBuilder().setName("AGE").build())
        .addHeaders(FieldId.newBuilder().setName("PATIENT").build())
        .addHeaders(FieldId.newBuilder().setName("HAPPINESS SCORE").build())
        .addRows(Row.newBuilder()
            .addValues(Value.newBuilder().setStringValue("101").build())
            .addValues(Value.newBuilder().setStringValue("Charles Dickens").build())
            .addValues(Value.newBuilder().setStringValue("95").build())
            .build())
        .addRows(Row.newBuilder()
            .addValues(Value.newBuilder().setStringValue("22").build())
            .addValues(Value.newBuilder().setStringValue("Jane Austen").build())
            .addValues(Value.newBuilder().setStringValue("21").build())
            .build())
        .addRows(Row.newBuilder()
            .addValues(Value.newBuilder().setStringValue("55").build())
            .addValues(Value.newBuilder().setStringValue("Mark Twain").build())
            .addValues(Value.newBuilder().setStringValue("75").build())
            .build())
        .build();

    deIdentifyTableRowSuppress(projectId, tableToDeIdentify);
  }

  public static Table deIdentifyTableRowSuppress(String projectId, Table tableToDeIdentify)
      throws IOException {
    // Initialize client that will be used to send requests. This client only needs to be created
    // once, and can be reused for multiple requests. After completing all of your requests, call
    // the "close" method on the client to safely clean up any remaining background resources.
    try (DlpServiceClient dlp = DlpServiceClient.create()) {
      // Specify what content you want the service to de-identify.
      ContentItem contentItem = ContentItem.newBuilder().setTable(tableToDeIdentify).build();

      // Specify when the content should be de-identified.
      Condition condition = Condition.newBuilder()
          .setField(FieldId.newBuilder().setName("AGE").build())
          .setOperator(RelationalOperator.GREATER_THAN)
          .setValue(Value.newBuilder().setIntegerValue(89).build()).build();
      // Apply the condition to record suppression.
      RecordSuppression recordSuppressions =
          RecordSuppression.newBuilder()
              .setCondition(RecordCondition.newBuilder()
                  .setExpressions(Expressions.newBuilder()
                      .setConditions(Conditions.newBuilder().addConditions(condition).build())
                      .build())
                  .build())
              .build();
      // Use record suppression as the only transformation
      RecordTransformations transformations =
          RecordTransformations.newBuilder()
              .addRecordSuppressions(recordSuppressions)
              .build();

      DeidentifyConfig deidentifyConfig =
          DeidentifyConfig.newBuilder().setRecordTransformations(transformations).build();

      // Combine configurations into a request for the service.
      DeidentifyContentRequest request =
          DeidentifyContentRequest.newBuilder()
              .setParent(LocationName.of(projectId, "global").toString())
              .setItem(contentItem)
              .setDeidentifyConfig(deidentifyConfig)
              .build();

      // Send the request and receive response from the service.
      DeidentifyContentResponse response = dlp.deidentifyContent(request);

      // Print the results.
      System.out.println(
          "Table after de-identification: " + response.getItem().getTable());

      return response.getItem().getTable();
    }
  }
}

API 탐색기 예시

"deidentifyConfig":{
  "recordTransformations":{
    "recordSuppressions":[
      {
        "condition":{
          "expressions":{
            "conditions":{
              "conditions":[
                {
                  "field":{
                    "name":"AGE"
                  },
                  "operator":"GREATER_THAN",
                  "value":{
                    "integerValue":"89"
                  }
                }
              ]
            }
          }
        }
      }
    ]
  }
}

다른 필드에서 특정 조건이 충족될 떄만 발견 항목을 변환합니다.

이 예시에서 PERSON_NAME 발견 항목은 '연령' 열에 환자의 연령이 만 89세 이상이라고 표시되는 경우에만 수정됩니다.

입력 변환된 테이블
연령 환자 행복 점수 FACTOID
101 찰스 디킨스 95 찰스 디킨스 이름은 셰익스피어가 발명한 저주였습니다.
22 제인 오스틴 21 제인 오스틴의 소설에는 14개의 입맞춤이 있습니다.
55 마크 트웨인 75 마크 트웨인은 고양이를 사랑했습니다.
연령 환자 행복 점수 FACTOID
101 [PERSON_NAME] 95 [PERSON_NAME] 이름은 [PERSON_NAME]이(가) 발명한 저주였습니다.
22 제인 오스틴 21 제인 오스틴의 소설에는 14개의 입맞춤이 있습니다.
55 마크 트웨인 75 마크 트웨인은 고양이를 사랑했습니다.

자바


import com.google.cloud.dlp.v2.DlpServiceClient;
import com.google.privacy.dlp.v2.ContentItem;
import com.google.privacy.dlp.v2.DeidentifyConfig;
import com.google.privacy.dlp.v2.DeidentifyContentRequest;
import com.google.privacy.dlp.v2.DeidentifyContentResponse;
import com.google.privacy.dlp.v2.FieldId;
import com.google.privacy.dlp.v2.FieldTransformation;
import com.google.privacy.dlp.v2.InfoType;
import com.google.privacy.dlp.v2.InfoTypeTransformations;
import com.google.privacy.dlp.v2.InfoTypeTransformations.InfoTypeTransformation;
import com.google.privacy.dlp.v2.LocationName;
import com.google.privacy.dlp.v2.PrimitiveTransformation;
import com.google.privacy.dlp.v2.RecordCondition;
import com.google.privacy.dlp.v2.RecordCondition.Condition;
import com.google.privacy.dlp.v2.RecordCondition.Conditions;
import com.google.privacy.dlp.v2.RecordCondition.Expressions;
import com.google.privacy.dlp.v2.RecordTransformations;
import com.google.privacy.dlp.v2.RelationalOperator;
import com.google.privacy.dlp.v2.ReplaceWithInfoTypeConfig;
import com.google.privacy.dlp.v2.Table;
import com.google.privacy.dlp.v2.Table.Row;
import com.google.privacy.dlp.v2.Value;
import java.io.IOException;
import java.util.List;
import java.util.stream.Collectors;
import java.util.stream.Stream;

public class DeIdentifyTableConditionInfoTypes {

  public static void deIdentifyTableConditionInfoTypes() throws IOException {
    // TODO(developer): Replace these variables before running the sample.
    String projectId = "your-project-id";
    Table tableToDeIdentify = Table.newBuilder()
        .addHeaders(FieldId.newBuilder().setName("AGE").build())
        .addHeaders(FieldId.newBuilder().setName("PATIENT").build())
        .addHeaders(FieldId.newBuilder().setName("HAPPINESS SCORE").build())
        .addHeaders(FieldId.newBuilder().setName("FACTOID").build())
        .addRows(Row.newBuilder()
            .addValues(Value.newBuilder().setStringValue("101").build())
            .addValues(Value.newBuilder().setStringValue("Charles Dickens").build())
            .addValues(Value.newBuilder().setStringValue("95").build())
            .addValues(Value.newBuilder().setStringValue(
                "Charles Dickens name was a curse, possibly invented by Shakespeare.").build())
            .build())
        .addRows(Row.newBuilder()
            .addValues(Value.newBuilder().setStringValue("22").build())
            .addValues(Value.newBuilder().setStringValue("Jane Austen").build())
            .addValues(Value.newBuilder().setStringValue("21").build())
            .addValues(Value.newBuilder().setStringValue(
                "There are 14 kisses in Jane Austen's novels.").build())
            .build())
        .addRows(Row.newBuilder()
            .addValues(Value.newBuilder().setStringValue("55").build())
            .addValues(Value.newBuilder().setStringValue("Mark Twain").build())
            .addValues(Value.newBuilder().setStringValue("75").build())
            .addValues(Value.newBuilder().setStringValue("Mark Twain loved cats.").build())
            .build())
        .build();

    deIdentifyTableConditionInfoTypes(projectId, tableToDeIdentify);
  }

  public static Table deIdentifyTableConditionInfoTypes(String projectId, Table tableToDeIdentify)
      throws IOException {
    // Initialize client that will be used to send requests. This client only needs to be created
    // once, and can be reused for multiple requests. After completing all of your requests, call
    // the "close" method on the client to safely clean up any remaining background resources.
    try (DlpServiceClient dlp = DlpServiceClient.create()) {
      // Specify what content you want the service to de-identify.
      ContentItem contentItem = ContentItem.newBuilder().setTable(tableToDeIdentify).build();

      // Specify how the content should be de-identified.
      // Select type of info to be replaced.
      InfoType infoType = InfoType.newBuilder().setName("PERSON_NAME").build();
      // Specify that findings should be replaced with corresponding info type name.
      ReplaceWithInfoTypeConfig replaceWithInfoTypeConfig =
          ReplaceWithInfoTypeConfig.getDefaultInstance();
      PrimitiveTransformation primitiveTransformation = PrimitiveTransformation.newBuilder()
          .setReplaceWithInfoTypeConfig(replaceWithInfoTypeConfig).build();
      // Associate info type with the replacement strategy
      InfoTypeTransformation infoTypeTransformation =
          InfoTypeTransformation.newBuilder()
              .addInfoTypes(infoType)
              .setPrimitiveTransformation(primitiveTransformation)
              .build();
      InfoTypeTransformations infoTypeTransformations =
          InfoTypeTransformations.newBuilder()
              .addTransformations(infoTypeTransformation)
              .build();

      // Specify fields to be de-identified.
      List<FieldId> fieldIds = Stream.of("PATIENT", "FACTOID")
          .map(id -> FieldId.newBuilder().setName(id).build())
          .collect(Collectors.toList());

      // Specify when the above fields should be de-identified.
      Condition condition = Condition.newBuilder()
          .setField(FieldId.newBuilder().setName("AGE").build())
          .setOperator(RelationalOperator.GREATER_THAN)
          .setValue(Value.newBuilder().setIntegerValue(89).build())
          .build();
      // Apply the condition to records
      RecordCondition recordCondition = RecordCondition.newBuilder()
          .setExpressions(Expressions.newBuilder()
              .setConditions(Conditions.newBuilder()
                  .addConditions(condition)
                  .build())
              .build())
          .build();

      // Associate the de-identification and conditions with the specified fields.
      FieldTransformation fieldTransformation =
          FieldTransformation.newBuilder()
              .setInfoTypeTransformations(infoTypeTransformations)
              .addAllFields(fieldIds)
              .setCondition(recordCondition)
              .build();
      RecordTransformations transformations =
          RecordTransformations.newBuilder().addFieldTransformations(fieldTransformation).build();

      DeidentifyConfig deidentifyConfig =
          DeidentifyConfig.newBuilder().setRecordTransformations(transformations).build();

      // Combine configurations into a request for the service.
      DeidentifyContentRequest request =
          DeidentifyContentRequest.newBuilder()
              .setParent(LocationName.of(projectId, "global").toString())
              .setItem(contentItem)
              .setDeidentifyConfig(deidentifyConfig)
              .build();

      // Send the request and receive response from the service.
      DeidentifyContentResponse response = dlp.deidentifyContent(request);

      // Print the results.
      System.out.println(
          "Table after de-identification: " + response.getItem().getTable());

      return response.getItem().getTable();
    }
  }
}

API 탐색기 예시

"deidentifyConfig":{
  "recordTransformations":{
    "fieldTransformations":[
      {
        "infoTypeTransformations":{
          "transformations":[
            {
              "infoTypes":[
                {
                  "name":"PERSON_NAME"
                }
              ],
              "primitiveTransformation":{
                "replaceWithInfoTypeConfig":{

                }
              }
            }
          ]
        },
        "fields":[
          {
            "name":"PATIENT"
          },
          {
            "name":"FACTOID"
          }
        ],
        "condition":{
          "expressions":{
            "conditions":{
              "conditions":[
                {
                  "field":{
                    "name":"AGE"
                  },
                  "operator":"GREATER_THAN",
                  "value":{
                    "integerValue":"89"
                  }
                }
              ]
            }
          }
        }
      }
    ]
  }
}

암호화 해시 변환을 사용하여 발견 항목 변환

다음 JSON 예시에서는 infoType 변환을 사용하여 Cloud DLP API가 전체 테이블 구조에서 특정 infoType을 검사한 다음 일시적인 CryptoKey를 사용하여 일치하는 값을 암호화하도록 지시합니다.

다음 예시에서는 암호화 해시 변환을 사용하여 두 개의 infoType을 익명화하는 방법을 보여줍니다.

입력:

사용자 ID 댓글
user1@example.org 내 이메일은 user1@example.org이고 전화번호는 858-555-0222입니다.
user2@example.org 내 이메일은 user2@example.org이고 전화번호는 858-555-0223입니다.
user3@example.org 내 이메일은 user3@example.org이고 전화 번호는 858-555-0224입니다.

변환된 테이블:

사용자 ID 댓글
1kSfj3Op64MH1BiznupEpX0BdQrHMm62X6abgsPH5zM= 내 이메일는 1kSfj3Op64MH1BiznupEpX0BdQrHMm62X6abgsPH5zM=이고 전화번호는 hYXPcsJNBCe1rr51sHiVw2KhtoyMe4HEFKNHWFcDVm0=입니다.
4ESy7+rEN8NVaUJ6J7kwvcgW8wcm0cm5gbBAcu6SfdM= 내 이메일은 4ESy7+rEN8NVaUJ6J7kwvcgW8wcm0cm5gbBAcu6SfdM=이고 전화번호는 KKqW1tQwgvGiC6iWJHhLiz2enNSEFRzhmLOf9fSTxRw=입니다.
bu1blyd/mbjLmpF2Rdi6zpgsLatSwpJLVki2fMeudM0= 내 이메일은 bu1blyd/mbjLmpF2Rdi6zpgsLatSwpJLVki2fMeudM0=이고 전화번호는 eNt7qtZVLmxRb8z8NBR/+z00In07CI3hEMStbwofWoc=입니다.

API 탐색기 예시

{
  "inspectConfig":{
    "infoTypes":[
      {
        "name":"EMAIL_ADDRESS"
      },
      {
        "name":"PHONE_NUMBER"
      }
    ]
  },
  "deidentifyConfig":{
    "infoTypeTransformations":{
      "transformations":[
        {
          "infoTypes":[
            {
              "name":"EMAIL_ADDRESS"
            },
            {
              "name":"PHONE_NUMBER"
            }
          ],
          "primitiveTransformation":{
            "cryptoHashConfig":{
              "cryptoKey":{
                "transient":{
                  "name":"[TRANSIENT-CRYPTO-KEY]"
                }
              }
            }
          }
        }
      ]
    }
  },
  "item":{
    "table":{
      "headers":[
        {
          "name":"userid"
        },
        {
          "name":"comments"
        }
      ],
      "rows":[
        {
          "values":[
            {
              "stringValue":"abby_abernathy@example.org"
            },
            {
              "stringValue":"my email is abby_abernathy@example.org and phone is 858-555-0222"
            }
          ]
        },
        {
          "values":[
            {
              "stringValue":"bert_beauregard@example.org"
            },
            {
              "stringValue":"my email is bert_beauregard@example.org and phone is 858-555-0223"
            }
          ]
        },
        {
          "values":[
            {
              "stringValue":"cathy_crenshaw@example.org"
            },
            {
              "stringValue":"my email is cathy_crenshaw@example.org and phone is 858-555-0224"
            }
          ]
        }
      ]
    }
  }
}

서로 다른 두 개의 암호화 해시 변환을 사용하여 발견 항목 변환

이 예시에서는 단일 익명화 구성 내에서 다양한 변환에 서로 다른 암호화 키를 사용하는 방법을 보여줍니다. 먼저 '사용자 ID' 필드의 필드 변환이 선언됩니다. 이 변환에는 infoType 변환이 포함되지 않으므로 데이터 유형에 관계없이 각 행의 '사용자 ID' 필드가 변환됩니다. 그런 다음 다른 필드 변환이 선언됩니다.이 변환은 '댓글' 필드에 있습니다.

입력:

사용자 ID 댓글
user1@example.org 내 이메일은 user1@example.org이고 전화번호는 858-555-0222입니다.
abbyabernathy1 내 사용자 ID는 abbyabernathy1이고 이메일은 aabernathy@example.com입니다.

변환된 테이블:

사용자 ID 댓글
5WvS4+aJtCCwWWG79cmRNamDgyvJ+CkuwNpA2gaR1VQ= 내 이메일은 vjqGLaA6+NUUnZAWXpI72lU1GfwQdOKu7XqWaJPcvQQ=이고 전화번호는 phone is BY+mSXXTu6mOoX5pr0Xbse60uelsSHmwRCq6HcscKtk=입니다.
t0dOmHvkT0VsM++SVmESVKHenLkmhBmFezH3hSDldDg= 내 사용자 ID는 abbyabernathy1이고 이메일은 TQ3ancdUn9zgwO5qe6ahkmVrBuNhvlMknxjPjIt0N2w=입니다.

API 탐색기 예시

{
  "inspectConfig":{
    "infoTypes":[
      {
        "name":"EMAIL_ADDRESS"
      },
      {
        "name":"PHONE_NUMBER"
      }
    ]
  },
  "deidentifyConfig":{
    "recordTransformations":{
      "fieldTransformations":[
        {
          "fields":[
            {
              "name":"userid"
            }
          ],
          "primitiveTransformation":{
            "cryptoHashConfig":{
              "cryptoKey":{
                "transient":{
                  "name":"[TRANSIENT-CRYPTO-KEY-1]"
                }
              }
            }
          }
        },
        {
          "fields":[
            {
              "name":"comments"
            }
          ],
          "infoTypeTransformations":{
            "transformations":[
              {
                "infoTypes":[
                  {
                    "name":"PHONE_NUMBER"
                  },
                  {
                    "name":"EMAIL_ADDRESS"
                  }
                ],
                "primitiveTransformation":{
                  "cryptoHashConfig":{
                    "cryptoKey":{
                      "transient":{
                        "name":"[TRANSIENT-CRYPTO-KEY-2]"
                      }
                    }
                  }
                }
              }
            ]
          }
        }
      ]
    }
  },
  "item":{
    "table":{
      "headers":[
        {
          "name":"userid"
        },
        {
          "name":"comments"
        }
      ],
      "rows":[
        {
          "values":[
            {
              "stringValue":"user1@example.org"
            },
            {
              "stringValue":"my email is user1@example.org and phone is 858-333-2222"
            }
          ]
        },
        {
          "values":[
            {
              "stringValue":"abbyabernathy1"
            },
            {
              "stringValue":"my userid is abbyabernathy1 and my email is aabernathy@example.com"
            }
          ]
        }
      ]
    }
  }
}