What is data masking
Data masking (数据脱敏) means transforming certain sensitive information according to masking rules, so that sensitive private data is reliably protected.
Why mask data
Where customer security data or commercially sensitive data is involved, real data is transformed, without violating the system's rules, and handed over for testing. Personal information such as ID-card numbers, mobile phone numbers, card numbers and customer numbers all need to be masked. Data masking is one of the data security technologies.
The main database security technologies are: database vulnerability scanning, database encryption, database firewalls, data masking and database security audit systems. Database security risks include: database dumping (拖库), bulk data extraction (刷库) and credential stuffing (撞库).
An example of data masking in Java
The database has a people table as follows:
The requirement is that the ID-card number (idcard) and the mobile phone number (phone) are masked when the data is stored.
The masking utility class DesensitizationUtil.java is as follows:
package com.cn.demo.common.utils;

import org.apache.commons.lang.StringUtils;

public class DesensitizationUtil {

    /**
     * Mask a mobile phone number: keep the first 3 and last 4 digits.
     * Null or too-short input is returned fully masked rather than echoed back,
     * so a malformed value never leaks through unchanged.
     * @param phone the raw 11-digit phone number
     * @return the masked phone number, e.g. 138****1234
     */
    public static String phoneDesensitization(String phone) {
        if (phone == null || phone.length() < 7) {
            return phone == null ? null : StringUtils.repeat("*", phone.length());
        }
        return StringUtils.substring(phone, 0, 3) + "****" + StringUtils.substring(phone, -4);
    }

    /**
     * Mask an ID-card number: keep the first 6 and last 4 characters.
     * @param idcard the raw 18-character ID-card number
     * @return the masked ID-card number, e.g. 110101********1234
     */
    public static String idcardDesensitization(String idcard) {
        if (idcard == null || idcard.length() < 10) {
            return idcard == null ? null : StringUtils.repeat("*", idcard.length());
        }
        return StringUtils.substring(idcard, 0, 6) + "********" + StringUtils.substring(idcard, -4);
    }
}
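The two methods above are instances of one rule: keep a fixed number of leading and trailing characters and replace everything in between. The following class, added here as an illustration and not part of the original post or project, generalises that rule into a reusable, null-safe masker and shows the edge case a practitioner has to decide on: an input that is shorter than the visible head plus tail. Package and class names are hypothetical.

```java
// Added example: a generic "keep head, keep tail, mask the middle" rule.
// Not from the original post; package and class names are hypothetical.
package com.example.masking;

public final class MaskRule {

    private final int keepHead;
    private final int keepTail;
    private final char maskChar;

    public MaskRule(int keepHead, int keepTail, char maskChar) {
        if (keepHead < 0 || keepTail < 0) {
            throw new IllegalArgumentException("keepHead/keepTail must be >= 0");
        }
        this.keepHead = keepHead;
        this.keepTail = keepTail;
        this.maskChar = maskChar;
    }

    // Rules equivalent to the phone / ID-card methods on the page,
    // plus a bank-card rule of the same shape (constructed for illustration).
    public static final MaskRule PHONE = new MaskRule(3, 4, '*');
    public static final MaskRule ID_CARD = new MaskRule(6, 4, '*');
    public static final MaskRule BANK_CARD = new MaskRule(4, 4, '*');

    /**
     * Apply the rule. A null stays null (the caller decides how to persist it).
     * A value too short to keep head and tail without exposing it entirely is
     * masked completely instead of being returned unchanged.
     */
    public String apply(String value) {
        if (value == null) {
            return null;
        }
        int len = value.length();
        StringBuilder sb = new StringBuilder(len);
        if (len <= keepHead + keepTail) {
            for (int i = 0; i < len; i++) {
                sb.append(maskChar);
            }
            return sb.toString();
        }
        sb.append(value, 0, keepHead);
        for (int i = keepHead; i < len - keepTail; i++) {
            sb.append(maskChar);
        }
        sb.append(value, len - keepTail, len);
        return sb.toString();
    }

    public static void main(String[] args) {
        // Constructed sample values, not real data.
        System.out.println(PHONE.apply("13812345678"));          // 138****5678
        System.out.println(ID_CARD.apply("110101199001011234")); // 110101********1234
        System.out.println(BANK_CARD.apply("6222021234567890")); // 6222********7890
        System.out.println(PHONE.apply("1234567"));              // *******
        System.out.println(PHONE.apply(null));                   // null
    }
}
```

For well-formed 11-digit phone numbers and 18-character ID-card numbers the output is identical to the page's DesensitizationUtil; the difference is only in how malformed input is handled. Note that the entity below applies masking in its setters, so the database itself only ever holds the masked value. That is appropriate for the test-data use case the post describes, because the original value is irrecoverable from the stored form; a system that must keep the real value would store it unmasked and apply a rule like this at presentation time instead.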
The entity class People.java is as follows:
package com.cn.demo.people.entity;

import java.io.Serializable;

import javax.persistence.Entity;
import javax.persistence.GeneratedValue;
import javax.persistence.GenerationType;
import javax.persistence.Id;
import javax.persistence.Table;

import com.cn.demo.common.utils.DesensitizationUtil;

@Entity
@Table(name = "people")
public class People implements Serializable {

    private static final long serialVersionUID = 1L;

    @Id
    @GeneratedValue(strategy = GenerationType.IDENTITY)
    private Integer id;
    private String name;
    private String sex;
    private String idcard;
    private String phone;

    public Integer getId() {
        return id;
    }

    public void setId(Integer id) {
        this.id = id;
    }

    public String getName() {
        return name;
    }

    public void setName(String name) {
        this.name = name;
    }

    public String getSex() {
        return sex;
    }

    public void setSex(String sex) {
        this.sex = sex;
    }

    public String getIdcard() {
        return idcard;
    }

    public void setIdcard(String idcard) {
        // Mask the ID-card number before it is stored
        this.idcard = DesensitizationUtil.idcardDesensitization(idcard);
    }

    public String getPhone() {
        return phone;
    }

    public void setPhone(String phone) {
        // Mask the mobile phone number before it is stored
        this.phone = DesensitizationUtil.phoneDesensitization(phone);
    }
}
The repository interface PeopleRepository.java is as follows:
package com.cn.demo.people.repository;

import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.stereotype.Repository;

import com.cn.demo.people.entity.People;

@Repository
public interface PeopleRepository extends JpaRepository<People, Integer> {
}
The service layer PeopleService.java is as follows:
package com.cn.demo.people.service;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Service;

import com.cn.demo.people.entity.People;
import com.cn.demo.people.repository.PeopleRepository;

@Service
public class PeopleService {

    @Autowired
    private PeopleRepository peopleRepository;

    public void addPeople(People people) {
        peopleRepository.save(people);
    }

    public People getPeople(Integer id) {
        return peopleRepository.findById(id).get();
    }
}
The controller layer PeopleController.java is as follows:
package com.cn.demo.people.controller;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;

import com.cn.demo.people.entity.People;
import com.cn.demo.people.service.PeopleService;

@RestController
@RequestMapping("/people")
public class PeopleController {

    @Autowired
    private PeopleService peopleService;

    @RequestMapping(value = "/addPeople", method = RequestMethod.POST)
    public void addPeople(@RequestBody People people) {
        peopleService.addPeople(people);
    }

    @RequestMapping(value = "/getPeopleById/{id}", method = RequestMethod.GET)
    public People getPeopleById(@PathVariable(value = "id") String id) {
        return peopleService.getPeople(Integer.valueOf(id));
    }
}
The existing data in the database is as follows:
1. Add a person record to the database
A new record now appears in the database.
2. Get the person record with id 1 from the database
The result is as follows: