網(wǎng)易首頁 > 網(wǎng)易號 > 正文申請入駐

3種常見的數(shù)據(jù)脫敏方案

2025-01-06 18:49:51　來源: Meta

廣東舉報

分享至

點擊關(guān)注公眾號，實用技術(shù)文章及時了解

SQL數(shù)據(jù)脫敏實現(xiàn)
JAVA數(shù)據(jù)脫敏實現(xiàn)
mybatis-mate-sensitive-jackson

1.SQL數(shù)據(jù)脫敏實現(xiàn)

MYSQL(電話號碼,身份證)數(shù)據(jù)脫敏的實現(xiàn)

-- CONCAT()、LEFT()和RIGHT()字符串函數(shù)組合使用，請看下面具體實現(xiàn)
 
-- CONCAT(str1,str2,…)：返回結(jié)果為連接參數(shù)產(chǎn)生的字符串
-- LEFT(str,len)：返回從字符串str 開始的len 最左字符
-- RIGHT(str,len)：從字符串str 開始，返回最右len 字符
 
-- 電話號碼脫敏sql：
 
SELECT mobilePhone AS 脫敏前電話號碼,CONCAT(LEFT(mobilePhone,3), '********' ) AS 脫敏后電話號碼 FROM t_s_user
 
-- 身份證號碼脫敏sql:
 
SELECT idcard AS 未脫敏身份證, CONCAT(LEFT(idcard,3), '****' ,RIGHT(idcard,4)) AS 脫敏后身份證號 FROM t_s_user

2.JAVA數(shù)據(jù)脫敏實現(xiàn)

可參考：海強 / sensitive-plus

https://gitee.com/strong_sea/sensitive-plus

數(shù)據(jù)脫敏插件，目前支持地址脫敏、銀行卡號脫敏、中文姓名脫敏、固話脫敏、身份證號脫敏、手機號脫敏、密碼脫敏一個是正則脫敏、另外一個根據(jù)顯示長度脫敏，默認是正則脫敏，可以根據(jù)自己的需要配置自己的規(guī)則。

3.mybatis-mate-sensitive-jackson

mybatisplus 的新作，可以測試使用，生產(chǎn)需要收費。

根據(jù)定義的策略類型，對數(shù)據(jù)進行脫敏，當然策略可以自定義。

# 目前已有
package mybatis.mate.strategy;
 
public interface SensitiveType {
    String chineseName = "chineseName";
    String idCard = "idCard";
    String phone = "phone";
    String mobile = "mobile";
    String address = "address";
    String email = "email";
    String bankCard = "bankCard";
    String password = "password";
    String carNumber = "carNumber";
}

Demo 代碼目錄

1、pom.xml

             
     
                
         
                  
 com.baomidou groupId>         
                    
 mybatis-mate-examples artifactId>         
                      
 0.0.1-SNAPSHOT version>      parent>     
                        
 4.0.0 modelVersion>     
                          
 mybatis-mate-sensitive-jackson artifactId>     
                            
         
                              
             
                                
 mysql groupId>             
                                  
 mysql-connector-java artifactId>          dependency>      dependencies>   project>

2、appliation.yml

# DataSource Config
spring:
  datasource:
#    driver-class-name: org.h2.Driver
#    schema: classpath:db/schema-h2.sql
#    data: classpath:db/data-h2.sql
#    url: jdbc:h2:mem:test
#    username: root
#    password: test
    driver-class-name: com.mysql.cj.jdbc.Driver
    url: jdbc:mysql://localhost:3306/mybatis_mate?useSSL=false&useUnicode=true&characterEncoding=UTF-8&serverTimezone=UTC
    username: root
    password: 123456
# Mybatis Mate 配置
mybatis-mate:
  cert:
    # 請?zhí)砑游⑿舧x153666購買授權(quán)，不白嫖從我做起！ 測試證書會失效，請勿正式環(huán)境使用
    grant: thisIsTestLicense
    license: as/bsBaSVrsA9FfjC/N77ruEt2/QZDrW+MHETNuEuZBra5mlaXZU+DE1ZvF8UjzlLCpH3TFVH3WPV+Ya7Ugiz1Rx4wSh/FK6Ug9lhos7rnsNaRB/+mR30aXqtlLt4dAmLAOCT56r9mikW+t1DDJY8TVhERWMjEipbqGO9oe1fqYCegCEX8tVCpToKr5J1g1V86mNsNnEGXujnLlEw9jBTrGxAyQroD7Ns1Dhwz1K4Y188mvmRQp9t7OYrpgsC7N9CXq1s1c2GtvfItHArkqHE4oDrhaPjpbMjFWLI5/XqZDtW3D+AVcH7pTcYZn6vzFfDZEmfDFV5fQlT3Rc+GENEg==
 
# Logger Config
logging:
  level:
    mybatis.mate: debug

3、Appliation啟動類

package mybatis.mate.sensitive.jackson;
 
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
 
@SpringBootApplication
public class SensitiveJacksonApplication {
 
    // 測試訪問 http://localhost:8080/info ，http://localhost:8080/list
    public static void main(String[] args) {
        SpringApplication.run(SensitiveJacksonApplication.class, args);
    }
}

4、配置類，自定義脫敏策略

package mybatis.mate.sensitive.jackson.config;
 
import mybatis.mate.databind.ISensitiveStrategy;
import mybatis.mate.strategy.SensitiveStrategy;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
 
@Configuration
public class SensitiveStrategyConfig {
 
    /**      * 注入脫敏策略      */
    @Bean
    public ISensitiveStrategy sensitiveStrategy() {
        // 自定義 testStrategy 類型脫敏處理
        return new SensitiveStrategy().addStrategy("testStrategy", t -> t + "***test***");
    }
}

5、業(yè)務類

User，注解標識脫敏字段，及選用脫敏策略

package mybatis.mate.sensitive.jackson.entity;
 
import lombok.Getter;
import lombok.Setter;
import mybatis.mate.annotation.FieldSensitive;
import mybatis.mate.sensitive.jackson.config.SensitiveStrategyConfig;
import mybatis.mate.strategy.SensitiveType;
 
@Getter
@Setter
public class User {
    private Long id;
    /**      * 這里是一個自定義的策略 {@link SensitiveStrategyConfig} 初始化注入      */
    @FieldSensitive("testStrategy")
    private String username;
    /**      * 默認支持策略 {@link SensitiveType }      */
    @FieldSensitive(SensitiveType.mobile)
    private String mobile;
    @FieldSensitive(SensitiveType.email)
    private String email;
 
}

UserController

package mybatis.mate.sensitive.jackson.controller;
 
import mybatis.mate.databind.ISensitiveStrategy;
import mybatis.mate.databind.RequestDataTransfer;
import mybatis.mate.sensitive.jackson.entity.User;
import mybatis.mate.sensitive.jackson.mapper.UserMapper;
import mybatis.mate.strategy.SensitiveType;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RestController;
 
import javax.servlet.http.HttpServletRequest;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
 
@RestController
public class UserController {
    @Autowired
    private UserMapper userMapper;
    @Autowired
    private ISensitiveStrategy sensitiveStrategy;
 
    // 測試訪問 http://localhost:8080/info
    @GetMapping("/info")
    public User info() {
        return userMapper.selectById(1L);
    }
 
    // 測試返回 map 訪問 http://localhost:8080/map
    @GetMapping("/map")
    public Map   map ()  {
        // 測試嵌套對象脫敏
        Map
      
  userMap =  new HashMap<>();         userMap.put( "user", userMapper.selectById( 1L));         userMap.put( "test",  123);         userMap.put( "userMap",  new HashMap () {{             put("user2", userMapper.selectById(2L));             put("test2", "hi china");         }});          // 手動調(diào)用策略脫敏         userMap.put( "mobile", sensitiveStrategy.getStrategyFunctionMap()                 .get(SensitiveType.mobile).apply( "15315388888"));          return userMap;     }        // 測試訪問 http://localhost:8080/list      // 不脫敏 http://localhost:8080/list?skip=1      @GetMapping( "/list")      public List   list (HttpServletRequest request)  {          if ( "1".equals(request.getParameter( "skip"))) {              // 跳過脫密處理             RequestDataTransfer.skipSensitive();         }          return userMapper.selectList( null);     } }

UserMapper

package mybatis.mate.sensitive.jackson.mapper;
 
import com.baomidou.mybatisplus.core.mapper.BaseMapper;
import mybatis.mate.sensitive.jackson.entity.User;
import org.apache.ibatis.annotations.Mapper;
 
@Mapper
public interface UserMapper extends BaseMapper
             
  {   }

6、測試

GET http://localhost:8080/list

[
  {
    "id": 1,
    "username": "Jone***test***",
    "mobile": "153******81",
    "email": "t****@baomidou.com"
  },
  {
    "id": 2,
    "username": "Jack***test***",
    "mobile": "153******82",
    "email": "t****@baomidou.com"
  },
  {
    "id": 3,
    "username": "Tom***test***",
    "mobile": "153******83",
    "email": "t****@baomidou.com"
  }
]

GET http://localhost:8080/list?skip=1

[
  {
    "id": 1,
    "username": "Jone",
    "mobile": "15315388881",
    "email": "test1@baomidou.com"
  },
  {
    "id": 2,
    "username": "Jack",
    "mobile": "15315388882",
    "email": "test2@baomidou.com"
  },
  {
    "id": 3,
    "username": "Tom",
    "mobile": "15315388883",
    "email": "test3@baomidou.com"
  }
]

來源：https://blog.csdn.net/weixin_61594803

特別聲明：以上內(nèi)容(如有圖片或視頻亦包括在內(nèi))為自媒體平臺“網(wǎng)易號”用戶上傳并發(fā)布，本平臺僅提供信息存儲服務。

Notice: The content above (including the pictures and videos if any) is uploaded and posted by a user of NetEase Hao, which is a social media platform and only provides information storage services.