Search in sources :

Example 1 with SurrogateType

use of com.google.privacy.dlp.v2.CustomInfoType.SurrogateType in project java-docs-samples by GoogleCloudPlatform.

the class DeIdentification method main.

// [END dlp_deidentify_date_shift]
/**
 * Command line application to de-identify data using the Data Loss Prevention API. Supported data
 * format: strings
 */
public static void main(String[] args) throws Exception {
    OptionGroup optionsGroup = new OptionGroup();
    optionsGroup.setRequired(true);
    Option deidentifyMaskingOption = new Option("m", "mask", true, "Deidentify with character masking.");
    optionsGroup.addOption(deidentifyMaskingOption);
    Option deidentifyFpeOption = new Option("f", "fpe", true, "Deidentify with format-preserving encryption.");
    optionsGroup.addOption(deidentifyFpeOption);
    Option reidentifyFpeOption = new Option("r", "reid", true, "Reidentify with format-preserving encryption.");
    optionsGroup.addOption(reidentifyFpeOption);
    Option deidentifyDateShiftOption = new Option("d", "date", false, "Deidentify dates in a CSV file.");
    optionsGroup.addOption(deidentifyDateShiftOption);
    Options commandLineOptions = new Options();
    commandLineOptions.addOptionGroup(optionsGroup);
    Option maskingCharacterOption = Option.builder("maskingCharacter").hasArg(true).required(false).build();
    commandLineOptions.addOption(maskingCharacterOption);
    Option surrogateTypeOption = Option.builder("surrogateType").hasArg(true).required(false).build();
    commandLineOptions.addOption(surrogateTypeOption);
    Option numberToMaskOption = Option.builder("numberToMask").hasArg(true).required(false).build();
    commandLineOptions.addOption(numberToMaskOption);
    Option alphabetOption = Option.builder("commonAlphabet").hasArg(true).required(false).build();
    commandLineOptions.addOption(alphabetOption);
    Option wrappedKeyOption = Option.builder("wrappedKey").hasArg(true).required(false).build();
    commandLineOptions.addOption(wrappedKeyOption);
    Option keyNameOption = Option.builder("keyName").hasArg(true).required(false).build();
    commandLineOptions.addOption(keyNameOption);
    Option inputCsvPathOption = Option.builder("inputCsvPath").hasArg(true).required(false).build();
    commandLineOptions.addOption(inputCsvPathOption);
    Option outputCsvPathOption = Option.builder("outputCsvPath").hasArg(true).required(false).build();
    commandLineOptions.addOption(outputCsvPathOption);
    Option dateFieldsOption = Option.builder("dateFields").hasArg(true).required(false).build();
    commandLineOptions.addOption(dateFieldsOption);
    Option lowerBoundDaysOption = Option.builder("lowerBoundDays").hasArg(true).required(false).build();
    commandLineOptions.addOption(lowerBoundDaysOption);
    Option upperBoundDaysOption = Option.builder("upperBoundDays").hasArg(true).required(false).build();
    commandLineOptions.addOption(upperBoundDaysOption);
    Option contextFieldNameOption = Option.builder("contextField").hasArg(true).required(false).build();
    commandLineOptions.addOption(contextFieldNameOption);
    Option projectIdOption = Option.builder("projectId").hasArg(true).required(false).build();
    commandLineOptions.addOption(projectIdOption);
    CommandLineParser parser = new DefaultParser();
    HelpFormatter formatter = new HelpFormatter();
    CommandLine cmd;
    try {
        cmd = parser.parse(commandLineOptions, args);
    } catch (ParseException e) {
        System.out.println(e.getMessage());
        formatter.printHelp(DeIdentification.class.getName(), commandLineOptions);
        System.exit(1);
        return;
    }
    // default to auto-detected project id when not explicitly provided
    String projectId = cmd.getOptionValue(projectIdOption.getOpt(), ServiceOptions.getDefaultProjectId());
    if (cmd.hasOption("m")) {
        // deidentification with character masking
        int numberToMask = Integer.parseInt(cmd.getOptionValue(numberToMaskOption.getOpt(), "0"));
        char maskingCharacter = cmd.getOptionValue(maskingCharacterOption.getOpt(), "*").charAt(0);
        String val = cmd.getOptionValue(deidentifyMaskingOption.getOpt());
        deIdentifyWithMask(val, maskingCharacter, numberToMask, projectId);
    } else if (cmd.hasOption("f")) {
        // deidentification with FPE
        String wrappedKey = cmd.getOptionValue(wrappedKeyOption.getOpt());
        String keyName = cmd.getOptionValue(keyNameOption.getOpt());
        String val = cmd.getOptionValue(deidentifyFpeOption.getOpt());
        String surrogateType = cmd.getOptionValue(surrogateTypeOption.getOpt());
        FfxCommonNativeAlphabet alphabet = FfxCommonNativeAlphabet.valueOf(cmd.getOptionValue(alphabetOption.getOpt(), FfxCommonNativeAlphabet.ALPHA_NUMERIC.name()));
        deIdentifyWithFpe(val, alphabet, keyName, wrappedKey, projectId, surrogateType);
    } else if (cmd.hasOption("d")) {
        // deidentify with date shift
        String inputCsv = cmd.getOptionValue(inputCsvPathOption.getOpt());
        String outputCsv = cmd.getOptionValue(outputCsvPathOption.getOpt());
        String contextField = cmd.getOptionValue(contextFieldNameOption.getOpt(), null);
        String wrappedKey = cmd.getOptionValue(wrappedKeyOption.getOpt(), null);
        String keyName = cmd.getOptionValue(keyNameOption.getOpt(), null);
        String[] dateFields = cmd.getOptionValue(dateFieldsOption.getOpt(), "").split(",");
        int lowerBoundsDay = Integer.valueOf(cmd.getOptionValue(lowerBoundDaysOption.getOpt()));
        int upperBoundsDay = Integer.valueOf(cmd.getOptionValue(upperBoundDaysOption.getOpt()));
        deidentifyWithDateShift(Paths.get(inputCsv), Paths.get(outputCsv), dateFields, lowerBoundsDay, upperBoundsDay, contextField, wrappedKey, keyName, projectId);
    } else if (cmd.hasOption("r")) {
        // reidentification with FPE
        String wrappedKey = cmd.getOptionValue(wrappedKeyOption.getOpt());
        String keyName = cmd.getOptionValue(keyNameOption.getOpt());
        String val = cmd.getOptionValue(reidentifyFpeOption.getOpt());
        String surrogateType = cmd.getOptionValue(surrogateTypeOption.getOpt());
        FfxCommonNativeAlphabet alphabet = FfxCommonNativeAlphabet.valueOf(cmd.getOptionValue(alphabetOption.getOpt(), FfxCommonNativeAlphabet.ALPHA_NUMERIC.name()));
        reIdentifyWithFpe(val, alphabet, keyName, wrappedKey, projectId, surrogateType);
    }
}
Also used : Options(org.apache.commons.cli.Options) ServiceOptions(com.google.cloud.ServiceOptions) ByteString(com.google.protobuf.ByteString) HelpFormatter(org.apache.commons.cli.HelpFormatter) CommandLine(org.apache.commons.cli.CommandLine) OptionGroup(org.apache.commons.cli.OptionGroup) Option(org.apache.commons.cli.Option) CommandLineParser(org.apache.commons.cli.CommandLineParser) DateTimeParseException(java.time.format.DateTimeParseException) ParseException(org.apache.commons.cli.ParseException) FfxCommonNativeAlphabet(com.google.privacy.dlp.v2.CryptoReplaceFfxFpeConfig.FfxCommonNativeAlphabet) DefaultParser(org.apache.commons.cli.DefaultParser)

Example 2 with SurrogateType

use of com.google.privacy.dlp.v2.CustomInfoType.SurrogateType in project java-docs-samples by GoogleCloudPlatform.

the class DeIdentification method reIdentifyWithFpe.

// [END dlp_deidentify_fpe]
// [START dlp_reidentify_fpe]
/**
 * Reidentify a string by encrypting sensitive information while preserving format.
 *
 * @param string The string to reidentify.
 * @param alphabet The set of characters used when encrypting the input. For more information, see
 *     cloud.google.com/dlp/docs/reference/rest/v2/content/deidentify
 * @param keyName The name of the Cloud KMS key to use when decrypting the wrapped key.
 * @param wrappedKey The encrypted (or "wrapped") AES-256 encryption key.
 * @param projectId ID of Google Cloud project to run the API under.
 * @param surrogateType The name of the surrogate custom info type to used during the encryption
 *     process.
 */
private static void reIdentifyWithFpe(String string, FfxCommonNativeAlphabet alphabet, String keyName, String wrappedKey, String projectId, String surrogateType) {
    // instantiate a client
    try (DlpServiceClient dlpServiceClient = DlpServiceClient.create()) {
        ContentItem contentItem = ContentItem.newBuilder().setValue(string).build();
        InfoType surrogateTypeObject = InfoType.newBuilder().setName(surrogateType).build();
        // Create the format-preserving encryption (FPE) configuration
        KmsWrappedCryptoKey kmsWrappedCryptoKey = KmsWrappedCryptoKey.newBuilder().setWrappedKey(ByteString.copyFrom(BaseEncoding.base64().decode(wrappedKey))).setCryptoKeyName(keyName).build();
        CryptoKey cryptoKey = CryptoKey.newBuilder().setKmsWrapped(kmsWrappedCryptoKey).build();
        CryptoReplaceFfxFpeConfig cryptoReplaceFfxFpeConfig = CryptoReplaceFfxFpeConfig.newBuilder().setCryptoKey(cryptoKey).setCommonAlphabet(alphabet).setSurrogateInfoType(surrogateTypeObject).build();
        // Create the deidentification transformation configuration
        PrimitiveTransformation primitiveTransformation = PrimitiveTransformation.newBuilder().setCryptoReplaceFfxFpeConfig(cryptoReplaceFfxFpeConfig).build();
        InfoTypeTransformation infoTypeTransformationObject = InfoTypeTransformation.newBuilder().setPrimitiveTransformation(primitiveTransformation).addInfoTypes(surrogateTypeObject).build();
        InfoTypeTransformations infoTypeTransformationArray = InfoTypeTransformations.newBuilder().addTransformations(infoTypeTransformationObject).build();
        // Create the inspection config
        CustomInfoType customInfoType = CustomInfoType.newBuilder().setInfoType(surrogateTypeObject).setSurrogateType(SurrogateType.newBuilder().build()).build();
        InspectConfig inspectConfig = InspectConfig.newBuilder().addCustomInfoTypes(customInfoType).build();
        // Create the reidentification request object
        DeidentifyConfig reidentifyConfig = DeidentifyConfig.newBuilder().setInfoTypeTransformations(infoTypeTransformationArray).build();
        ReidentifyContentRequest request = ReidentifyContentRequest.newBuilder().setParent(ProjectName.of(projectId).toString()).setReidentifyConfig(reidentifyConfig).setInspectConfig(inspectConfig).setItem(contentItem).build();
        // Execute the deidentification request
        ReidentifyContentResponse response = dlpServiceClient.reidentifyContent(request);
        // Print the reidentified input value
        // e.g. "My SSN is 7261298621" --> "My SSN is 123456789"
        String result = response.getItem().getValue();
        System.out.println(result);
    } catch (Exception e) {
        System.out.println("Error in reidentifyWithFpe: " + e.getMessage());
    }
}
Also used : InfoTypeTransformations(com.google.privacy.dlp.v2.InfoTypeTransformations) ReidentifyContentRequest(com.google.privacy.dlp.v2.ReidentifyContentRequest) PrimitiveTransformation(com.google.privacy.dlp.v2.PrimitiveTransformation) CryptoKey(com.google.privacy.dlp.v2.CryptoKey) KmsWrappedCryptoKey(com.google.privacy.dlp.v2.KmsWrappedCryptoKey) ByteString(com.google.protobuf.ByteString) ReidentifyContentResponse(com.google.privacy.dlp.v2.ReidentifyContentResponse) InspectConfig(com.google.privacy.dlp.v2.InspectConfig) DateTimeParseException(java.time.format.DateTimeParseException) ParseException(org.apache.commons.cli.ParseException) CustomInfoType(com.google.privacy.dlp.v2.CustomInfoType) CryptoReplaceFfxFpeConfig(com.google.privacy.dlp.v2.CryptoReplaceFfxFpeConfig) DlpServiceClient(com.google.cloud.dlp.v2.DlpServiceClient) DeidentifyConfig(com.google.privacy.dlp.v2.DeidentifyConfig) KmsWrappedCryptoKey(com.google.privacy.dlp.v2.KmsWrappedCryptoKey) InfoTypeTransformation(com.google.privacy.dlp.v2.InfoTypeTransformations.InfoTypeTransformation) InfoType(com.google.privacy.dlp.v2.InfoType) CustomInfoType(com.google.privacy.dlp.v2.CustomInfoType) ContentItem(com.google.privacy.dlp.v2.ContentItem)

Example 3 with SurrogateType

use of com.google.privacy.dlp.v2.CustomInfoType.SurrogateType in project java-docs-samples by GoogleCloudPlatform.

the class DeIdentification method deIdentifyWithFpe.

// [END dlp_deidentify_mask]
// [START dlp_deidentify_fpe]
/**
 * Deidentify a string by encrypting sensitive information while preserving format.
 *
 * @param string The string to deidentify.
 * @param alphabet The set of characters to use when encrypting the input. For more information,
 *     see cloud.google.com/dlp/docs/reference/rest/v2/content/deidentify
 * @param keyName The name of the Cloud KMS key to use when decrypting the wrapped key.
 * @param wrappedKey The encrypted (or "wrapped") AES-256 encryption key.
 * @param projectId ID of Google Cloud project to run the API under.
 */
private static void deIdentifyWithFpe(String string, FfxCommonNativeAlphabet alphabet, String keyName, String wrappedKey, String projectId, String surrogateType) {
    // instantiate a client
    try (DlpServiceClient dlpServiceClient = DlpServiceClient.create()) {
        ContentItem contentItem = ContentItem.newBuilder().setValue(string).build();
        // Create the format-preserving encryption (FPE) configuration
        KmsWrappedCryptoKey kmsWrappedCryptoKey = KmsWrappedCryptoKey.newBuilder().setWrappedKey(ByteString.copyFrom(BaseEncoding.base64().decode(wrappedKey))).setCryptoKeyName(keyName).build();
        CryptoKey cryptoKey = CryptoKey.newBuilder().setKmsWrapped(kmsWrappedCryptoKey).build();
        CryptoReplaceFfxFpeConfig cryptoReplaceFfxFpeConfig = CryptoReplaceFfxFpeConfig.newBuilder().setCryptoKey(cryptoKey).setCommonAlphabet(alphabet).setSurrogateInfoType(InfoType.newBuilder().setName(surrogateType).build()).build();
        // Create the deidentification transformation configuration
        PrimitiveTransformation primitiveTransformation = PrimitiveTransformation.newBuilder().setCryptoReplaceFfxFpeConfig(cryptoReplaceFfxFpeConfig).build();
        InfoTypeTransformation infoTypeTransformationObject = InfoTypeTransformation.newBuilder().setPrimitiveTransformation(primitiveTransformation).build();
        InfoTypeTransformations infoTypeTransformationArray = InfoTypeTransformations.newBuilder().addTransformations(infoTypeTransformationObject).build();
        // Create the deidentification request object
        DeidentifyConfig deidentifyConfig = DeidentifyConfig.newBuilder().setInfoTypeTransformations(infoTypeTransformationArray).build();
        DeidentifyContentRequest request = DeidentifyContentRequest.newBuilder().setParent(ProjectName.of(projectId).toString()).setDeidentifyConfig(deidentifyConfig).setItem(contentItem).build();
        // Execute the deidentification request
        DeidentifyContentResponse response = dlpServiceClient.deidentifyContent(request);
        // Print the deidentified input value
        // e.g. "My SSN is 123456789" --> "My SSN is 7261298621"
        String result = response.getItem().getValue();
        System.out.println(result);
    } catch (Exception e) {
        System.out.println("Error in deidentifyWithFpe: " + e.getMessage());
    }
}
Also used : InfoTypeTransformations(com.google.privacy.dlp.v2.InfoTypeTransformations) DeidentifyContentRequest(com.google.privacy.dlp.v2.DeidentifyContentRequest) PrimitiveTransformation(com.google.privacy.dlp.v2.PrimitiveTransformation) CryptoKey(com.google.privacy.dlp.v2.CryptoKey) KmsWrappedCryptoKey(com.google.privacy.dlp.v2.KmsWrappedCryptoKey) ByteString(com.google.protobuf.ByteString) DateTimeParseException(java.time.format.DateTimeParseException) ParseException(org.apache.commons.cli.ParseException) CryptoReplaceFfxFpeConfig(com.google.privacy.dlp.v2.CryptoReplaceFfxFpeConfig) DlpServiceClient(com.google.cloud.dlp.v2.DlpServiceClient) DeidentifyConfig(com.google.privacy.dlp.v2.DeidentifyConfig) KmsWrappedCryptoKey(com.google.privacy.dlp.v2.KmsWrappedCryptoKey) InfoTypeTransformation(com.google.privacy.dlp.v2.InfoTypeTransformations.InfoTypeTransformation) ContentItem(com.google.privacy.dlp.v2.ContentItem) DeidentifyContentResponse(com.google.privacy.dlp.v2.DeidentifyContentResponse)

Aggregations

ByteString (com.google.protobuf.ByteString)3 DateTimeParseException (java.time.format.DateTimeParseException)3 ParseException (org.apache.commons.cli.ParseException)3 DlpServiceClient (com.google.cloud.dlp.v2.DlpServiceClient)2 ContentItem (com.google.privacy.dlp.v2.ContentItem)2 CryptoKey (com.google.privacy.dlp.v2.CryptoKey)2 CryptoReplaceFfxFpeConfig (com.google.privacy.dlp.v2.CryptoReplaceFfxFpeConfig)2 DeidentifyConfig (com.google.privacy.dlp.v2.DeidentifyConfig)2 InfoTypeTransformations (com.google.privacy.dlp.v2.InfoTypeTransformations)2 InfoTypeTransformation (com.google.privacy.dlp.v2.InfoTypeTransformations.InfoTypeTransformation)2 KmsWrappedCryptoKey (com.google.privacy.dlp.v2.KmsWrappedCryptoKey)2 PrimitiveTransformation (com.google.privacy.dlp.v2.PrimitiveTransformation)2 ServiceOptions (com.google.cloud.ServiceOptions)1 FfxCommonNativeAlphabet (com.google.privacy.dlp.v2.CryptoReplaceFfxFpeConfig.FfxCommonNativeAlphabet)1 CustomInfoType (com.google.privacy.dlp.v2.CustomInfoType)1 DeidentifyContentRequest (com.google.privacy.dlp.v2.DeidentifyContentRequest)1 DeidentifyContentResponse (com.google.privacy.dlp.v2.DeidentifyContentResponse)1 InfoType (com.google.privacy.dlp.v2.InfoType)1 InspectConfig (com.google.privacy.dlp.v2.InspectConfig)1 ReidentifyContentRequest (com.google.privacy.dlp.v2.ReidentifyContentRequest)1