Data masking

Last Updated: Mar 27, 2018

Description of data masking integration

  • Currently, SDKs are available in Java for integration with Java-based systems.

  • Select a masking method on the page to download the corresponding SDK.

  • To integrate the masking SDK into a Java system, follow these steps:

    1. Call the masking class at any point in your code where text needs to be masked:
      @Test
      public void testEmail() {
          List<Content> ctts = new ArrayList<Content>();
          TextContent emailTxt = new TextContent("My email is Send emails to me! My another email is^_^");
          ctts.add(emailTxt);
          System.out.println(DesensService.desens(null, ctts, null));
      }

      The APIs in DesensService take the following information: tenant ID (optional), content to be masked (required), data meta (optional), and command context (optional).

      1. Tenant ID: Optional. Your tenant ID on the cloud when you are connected to the DSG product. The tenant ID is associated with your user-defined scanning and masking rules and with the results of offline DSG scanning, which makes the masking call more specific and accurate. If you pass null, masking is based on the default rules and no offline DSG scanning results are used.

      2. Content to be masked: Required. The text to be masked. The SDK provides functions for both individual masking and batch masking.

      3. Data meta: Optional. Indicates the source of the content to be masked (storage platform, project, table, or column). Setting a value can make data masking more accurate.

      4. Command context: Optional. Controls how masking behaves in this call. For example, you may not want to mask sensitive data in a certain position (TODO).
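To make the distinction between individual and batch masking concrete, here is a minimal sketch of what masking email addresses in free text could look like. It is an illustration only: the class EmailMaskSketch, its methods maskOne and maskAll, the email pattern, and the choice to keep the first character of the local part are all assumptions, not the SDK's DesensService API or its actual masking rules.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Hypothetical stand-in for illustration only; this is NOT the SDK's DesensService.
class EmailMaskSketch {
    // Simplified email pattern (assumption): local part, '@', then a dotted domain.
    private static final Pattern EMAIL =
        Pattern.compile("([A-Za-z0-9._%+-]+)@([A-Za-z0-9.-]+\\.[A-Za-z]{2,})");

    // Individual masking: in each email found, keep the first character of
    // the local part and replace the remaining local-part characters with '*'.
    static String maskOne(String text) {
        Matcher m = EMAIL.matcher(text);
        StringBuffer out = new StringBuffer();
        while (m.find()) {
            String local = m.group(1);
            StringBuilder masked = new StringBuilder();
            masked.append(local.charAt(0));
            for (int i = 1; i < local.length(); i++) {
                masked.append('*');
            }
            masked.append('@').append(m.group(2));
            // quoteReplacement guards against '$' and '\' in the replacement text.
            m.appendReplacement(out, Matcher.quoteReplacement(masked.toString()));
        }
        m.appendTail(out);
        return out.toString();
    }

    // Batch masking: apply the same rule to every text, preserving order.
    static List<String> maskAll(List<String> texts) {
        List<String> result = new ArrayList<String>();
        for (String t : texts) {
            result.add(maskOne(t));
        }
        return result;
    }
}
```

Text without any email address passes through unchanged, which mirrors the idea that only detected sensitive data is masked.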

    2. Configuration files of the masking SDK:

      1. By default, the masking SDK can be used directly without any configuration. It also supports a configuration file that lets you customize masking.
      2. Place ‘’ under the root of the classpath. The currently available configuration items include:

        • The name of the host application's slf4j logger that the SDK can use.

        • dsg.scan.rule.hit.rate: The effective rule hit threshold for DSG local scanning. Value range: [0,100]. A hit whose hit rate is higher than the threshold counts as a successful hit. Otherwise, it counts as a false hit and is removed from the hit results. The default value is 0 (a 0% threshold), which means that any hit is included.

        • dsg.desens.debug.on: Specifies whether to enable debug mode (true/false). If set to true, the SDK prints a large volume of logs. The default value is false.

        • dsg.desens.tmp.dir: The temporary workspace path for local masking by the SDK. The default is the ‘dsg’ subfolder under the operating system's tmp folder.

      3. All configuration items and their documentation can be found in the class.
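The configuration items above can be sketched as a small loader that reads the three documented keys and applies their documented defaults. This is an illustration under assumptions, not the SDK's own configuration code: the class DsgConfigSketch and its parse method are hypothetical, the hit rate is assumed to be an integer, and the operating system's tmp folder is assumed to correspond to the java.io.tmpdir system property.

```java
import java.io.File;
import java.io.IOException;
import java.io.StringReader;
import java.io.UncheckedIOException;
import java.util.Properties;

// Hypothetical holder for the documented configuration items; not part of the SDK.
class DsgConfigSketch {
    final int scanRuleHitRate; // dsg.scan.rule.hit.rate, range [0,100], default 0
    final boolean debugOn;     // dsg.desens.debug.on, default false
    final String tmpDir;       // dsg.desens.tmp.dir, default <tmp>/dsg

    DsgConfigSketch(Properties p) {
        // Assumption: the threshold is written as an integer percentage.
        int rate = Integer.parseInt(p.getProperty("dsg.scan.rule.hit.rate", "0").trim());
        if (rate < 0 || rate > 100) {
            throw new IllegalArgumentException(
                "dsg.scan.rule.hit.rate must be in [0,100], got " + rate);
        }
        scanRuleHitRate = rate;
        debugOn = Boolean.parseBoolean(p.getProperty("dsg.desens.debug.on", "false").trim());
        // Assumption: the OS tmp folder maps to the java.io.tmpdir system property.
        String defaultTmp = new File(System.getProperty("java.io.tmpdir"), "dsg").getPath();
        tmpDir = p.getProperty("dsg.desens.tmp.dir", defaultTmp).trim();
    }

    // Parses configuration text in java.util.Properties format.
    static DsgConfigSketch parse(String text) {
        Properties p = new Properties();
        try {
            p.load(new StringReader(text));
        } catch (IOException e) {
            throw new UncheckedIOException(e);
        }
        return new DsgConfigSketch(p);
    }
}
```

Parsing from a string keeps the sketch independent of the configuration file's name and location; in an application, the same Properties object would instead be loaded from the file placed under the classpath root.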