3種常見的數(shù)據(jù)脫敏方案
目錄
SQL數(shù)據(jù)脫敏實現(xiàn)
JAVA數(shù)據(jù)脫敏實現(xiàn)
mybatis-mate-sensitive-jackson
1.SQL數(shù)據(jù)脫敏實現(xiàn)
MYSQL(電話號碼,身份證)數(shù)據(jù)脫敏的實現(xiàn)
--?CONCAT()、LEFT()和RIGHT()字符串函數(shù)組合使用,請看下面具體實現(xiàn)
?
-- CONCAT(str1,str2,…):返回結(jié)果為連接參數(shù)產(chǎn)生的字符串
-- LEFT(str,len):返回從字符串str 開始的len 最左字符
-- RIGHT(str,len):從字符串str 開始,返回最右len 字符
?
--?電話號碼脫敏sql:
?
SELECT?mobilePhone?AS?脫敏前電話號碼,CONCAT(LEFT(mobilePhone,3),?'********'?)?AS?脫敏后電話號碼?FROM?t_s_user
?
--?身份證號碼脫敏sql:
?
SELECT?idcard?AS?未脫敏身份證,?CONCAT(LEFT(idcard,3),?'****'?,RIGHT(idcard,4))?AS?脫敏后身份證號?FROM?t_s_user
2.JAVA數(shù)據(jù)脫敏實現(xiàn)
可參考:海強 / sensitive-plus
https://gitee.com/strong_sea/sensitive-plus
數(shù)據(jù)脫敏插件,目前支持地址脫敏、銀行卡號脫敏、中文姓名脫敏、固話脫敏、身份證號脫敏、手機號脫敏、密碼脫敏 一個是正則脫敏、另外一個根據(jù)顯示長度脫敏,默認(rèn)是正則脫敏,可以根據(jù)自己的需要配置自己的規(guī)則。
3.mybatis-mate-sensitive-jackson
mybatisplus 的新作,可以測試使用,生產(chǎn)需要收費。
根據(jù)定義的策略類型,對數(shù)據(jù)進行脫敏,當(dāng)然策略可以自定義。
#?目前已有
package?mybatis.mate.strategy;
?
public?interface?SensitiveType?{
????String?chineseName?=?"chineseName";
????String?idCard?=?"idCard";
????String?phone?=?"phone";
????String?mobile?=?"mobile";
????String?address?=?"address";
????String?email?=?"email";
????String?bankCard?=?"bankCard";
????String?password?=?"password";
????String?carNumber?=?"carNumber";
}
Demo 代碼目錄
1、pom.xml
<project?xmlns="http://maven.apache.org/POM/4.0.0"?xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
?????????xsi:schemaLocation="http://maven.apache.org/POM/4.0.0?http://maven.apache.org/xsd/maven-4.0.0.xsd">
????<parent>
????????<groupId>com.baomidougroupId>
????????<artifactId>mybatis-mate-examplesartifactId>
????????<version>0.0.1-SNAPSHOTversion>
????parent>
????<modelVersion>4.0.0modelVersion>
????<artifactId>mybatis-mate-sensitive-jacksonartifactId>
????<dependencies>
????????<dependency>
????????????<groupId>mysqlgroupId>
????????????<artifactId>mysql-connector-javaartifactId>
????????dependency>
????dependencies>
?
project>
2、appliation.yml
#?DataSource?Config
spring:
??datasource:
#????driver-class-name:?org.h2.Driver
#????schema:?classpath:db/schema-h2.sql
#????data:?classpath:db/data-h2.sql
#????url:?jdbc:h2:mem:test
#????username:?root
#????password:?test
????driver-class-name:?com.mysql.cj.jdbc.Driver
????url:?jdbc:mysql://localhost:3306/mybatis_mate?useSSL=false&useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC
????username:?root
????password:?123456
#?Mybatis?Mate?配置
mybatis-mate:
??cert:
????#?請?zhí)砑游⑿舧x153666購買授權(quán),不白嫖從我做起!?測試證書會失效,請勿正式環(huán)境使用
????grant:?thisIsTestLicense
????license:?as/bsBaSVrsA9FfjC/N77ruEt2/QZDrW+MHETNuEuZBra5mlaXZU+DE1ZvF8UjzlLCpH3TFVH3WPV+Ya7Ugiz1Rx4wSh/FK6Ug9lhos7rnsNaRB/+mR30aXqtlLt4dAmLAOCT56r9mikW+t1DDJY8TVhERWMjEipbqGO9oe1fqYCegCEX8tVCpToKr5J1g1V86mNsNnEGXujnLlEw9jBTrGxAyQroD7Ns1Dhwz1K4Y188mvmRQp9t7OYrpgsC7N9CXq1s1c2GtvfItHArkqHE4oDrhaPjpbMjFWLI5/XqZDtW3D+AVcH7pTcYZn6vzFfDZEmfDFV5fQlT3Rc+GENEg==
?
#?Logger?Config
logging:
??level:
????mybatis.mate:?debug
3、Appliation啟動類
package?mybatis.mate.sensitive.jackson;
?
import?org.springframework.boot.SpringApplication;
import?org.springframework.boot.autoconfigure.SpringBootApplication;
?
@SpringBootApplication
public?class?SensitiveJacksonApplication?{
?
????//?測試訪問?http://localhost:8080/info?,http://localhost:8080/list
????public?static?void?main(String[]?args)?{
????????SpringApplication.run(SensitiveJacksonApplication.class,?args);
????}
}
4、配置類,自定義脫敏策略
package?mybatis.mate.sensitive.jackson.config;
?
import?mybatis.mate.databind.ISensitiveStrategy;
import?mybatis.mate.strategy.SensitiveStrategy;
import?org.springframework.context.annotation.Bean;
import?org.springframework.context.annotation.Configuration;
?
@Configuration
public?class?SensitiveStrategyConfig?{
?
????/**
?????*?注入脫敏策略
?????*/
????@Bean
????public?ISensitiveStrategy?sensitiveStrategy()?{
????????//?自定義?testStrategy?類型脫敏處理
????????return?new?SensitiveStrategy().addStrategy("testStrategy",?t?->?t?+?"***test***");
????}
}
5、業(yè)務(wù)類
User,注解標(biāo)識脫敏字段,及選用脫敏策略
package?mybatis.mate.sensitive.jackson.entity;
?
import?lombok.Getter;
import?lombok.Setter;
import?mybatis.mate.annotation.FieldSensitive;
import?mybatis.mate.sensitive.jackson.config.SensitiveStrategyConfig;
import?mybatis.mate.strategy.SensitiveType;
?
@Getter
@Setter
public?class?User?{
????private?Long?id;
????/**
?????*?這里是一個自定義的策略?{@link?SensitiveStrategyConfig}?初始化注入
?????*/
????@FieldSensitive("testStrategy")
????private?String?username;
????/**
?????*?默認(rèn)支持策略?{@link?SensitiveType?}
?????*/
????@FieldSensitive(SensitiveType.mobile)
????private?String?mobile;
????@FieldSensitive(SensitiveType.email)
????private?String?email;
?
}
UserController
package?mybatis.mate.sensitive.jackson.controller;
?
import?mybatis.mate.databind.ISensitiveStrategy;
import?mybatis.mate.databind.RequestDataTransfer;
import?mybatis.mate.sensitive.jackson.entity.User;
import?mybatis.mate.sensitive.jackson.mapper.UserMapper;
import?mybatis.mate.strategy.SensitiveType;
import?org.springframework.beans.factory.annotation.Autowired;
import?org.springframework.web.bind.annotation.GetMapping;
import?org.springframework.web.bind.annotation.RestController;
?
import?javax.servlet.http.HttpServletRequest;
import?java.util.HashMap;
import?java.util.List;
import?java.util.Map;
?
@RestController
public?class?UserController?{
????@Autowired
????private?UserMapper?userMapper;
????@Autowired
????private?ISensitiveStrategy?sensitiveStrategy;
?
????//?測試訪問?http://localhost:8080/info
????@GetMapping("/info")
????public?User?info()?{
????????return?userMapper.selectById(1L);
????}
?
????//?測試返回?map?訪問?http://localhost:8080/map
????@GetMapping("/map")
????public?Map?map()? {
????????//?測試嵌套對象脫敏
????????Map?userMap?=?new?HashMap<>();
????????userMap.put("user",?userMapper.selectById(1L));
????????userMap.put("test",?123);
????????userMap.put("userMap",?new?HashMap()?{{
????????????put("user2",?userMapper.selectById(2L));
????????????put("test2",?"hi?china");
????????}});
????????//?手動調(diào)用策略脫敏
????????userMap.put("mobile",?sensitiveStrategy.getStrategyFunctionMap()
????????????????.get(SensitiveType.mobile).apply("15315388888"));
????????return?userMap;
????}
?
????//?測試訪問?http://localhost:8080/list
????//?不脫敏?http://localhost:8080/list?skip=1
????@GetMapping("/list")
????public?List?list(HttpServletRequest?request)? {
????????if?("1".equals(request.getParameter("skip")))?{
????????????//?跳過脫密處理
????????????RequestDataTransfer.skipSensitive();
????????}
????????return?userMapper.selectList(null);
????}
}
UserMapper
package?mybatis.mate.sensitive.jackson.mapper;
?
import?com.baomidou.mybatisplus.core.mapper.BaseMapper;
import?mybatis.mate.sensitive.jackson.entity.User;
import?org.apache.ibatis.annotations.Mapper;
?
@Mapper
public?interface?UserMapper?extends?BaseMapper<User>?{
?
}
6、測試
GET http://localhost:8080/list
[
??{
????"id":?1,
????"username":?"Jone***test***",
????"mobile":?"153******81",
????"email":?"t****@baomidou.com"
??},
??{
????"id":?2,
????"username":?"Jack***test***",
????"mobile":?"153******82",
????"email":?"t****@baomidou.com"
??},
??{
????"id":?3,
????"username":?"Tom***test***",
????"mobile":?"153******83",
????"email":?"t****@baomidou.com"
??}
]
GET http://localhost:8080/list?skip=1
[
??{
????"id":?1,
????"username":?"Jone",
????"mobile":?"15315388881",
????"email":?"[email protected]"
??},
??{
????"id":?2,
????"username":?"Jack",
????"mobile":?"15315388882",
????"email":?"[email protected]"
??},
??{
????"id":?3,
????"username":?"Tom",
????"mobile":?"15315388883",
????"email":?"[email protected]"
??}
]
來源:https://blog.csdn.net/weixin_61594803
推薦閱讀:
不是你需要中臺,而是一名合格的架構(gòu)師(附各大廠中臺建設(shè)PPT)
論數(shù)字化轉(zhuǎn)型——轉(zhuǎn)什么,如何轉(zhuǎn)?
企業(yè)10大管理流程圖,數(shù)字化轉(zhuǎn)型從業(yè)者必備!
【中臺實踐】華為大數(shù)據(jù)中臺架構(gòu)分享.pdf
評論
圖片
表情