Identify sensitive data with sample libraries

Updated at:
Copy as MD

DataWorks allows you to generate a sample library from a sample file you provide. You can then configure the sample library as a sensitive data identification rule. A match occurs if target data contains an entry from the sample library. This feature is useful for identifying data that can be enumerated, such as employee names or user addresses. This topic describes how to create and manage sample libraries.

Limitations

DataWorks supports only UTF-8-encoded .txt text files up to 500 KB as sample files. Each entry in the sample file must be on a new line.

Note

A sensitive data identification rule can identify only one type of data. Therefore, store data of the same type in each sample library. To identify multiple types of data using sample libraries, configure multiple sample libraries. For example, if you need to identify employee names and home addresses, you must configure a sample library for names and another for home addresses.

Create a sample library

  1. Go to Data Security Guard.

    1. Log on to the DataWorks console. In the target region, click Data Governance > Security Center in the left-side navigation pane. On the page that appears, click Go to Security Center.

    2. In the left-side navigation pane, click Data Security > Sensitive Data Management and then click Try Now to access Data Security Guard.

      Note
      • If your Alibaba Cloud account is already authorized, you are directed to the Data Security Guard homepage.

      • If your Alibaba Cloud account is not authorized, you are redirected to the Data Security Guard authorization page. To use Data Security Guard features for the first time, go to Data Security > Sensitive Data Management, select Data Security Guard in the pop-up dialog, and then complete the authorization.

  2. In the left-side navigation pane, choose Rule Setting > Sensitive Data Identification to open the Sensitive Data Identification page.

  3. Create a sample library.

    1. On the Sample Data Management tab, click Create Sample Library.

    2. In the Create Sample Library dialog box, enter a name for the sample library and upload a sample file.

      DataWorks supports only UTF-8-encoded .txt text files up to 500 KB as sample files. Each entry in the sample file must be on a new line.

      Note

      A sensitive data identification rule can identify only one type of data. Therefore, store data of the same type in each sample library. To identify multiple types of data using sample libraries, configure multiple sample libraries. For example, if you need to identify employee names and home addresses, you must configure a sample library for names and another for home addresses.

  4. Click Save to create the sample library.

After you create a sample library, you can configure it as a sensitive data identification rule. A match occurs if target data contains an entry from the sample library. For more information about how to use a sample library in a sensitive data identification rule, see Configure sensitive data identification rules and run identification tasks.

Manage sample libraries

On the Sample Data Management page, you can manage existing sample libraries:

  • View sample libraries: You can view the number of samples and the associated sensitive data identification rules for each library. To view a library's data details, click the 查看 icon in the Actions column.

  • Modify a sample file: To replace a library's sample file, click the 修改 icon in the Actions column.

  • Delete a sample library: To delete a library, click the 删除样本库 icon in the Actions column.

    Note

    You cannot delete a sample library if a sensitive data identification rule references it. You can view the associated rule in the sample library list. You must first remove the reference from the rule's configuration page. After you remove the reference, you can delete the library. For more information about how to configure a sensitive data identification rule, see Configure sensitive data identification rules and run identification tasks.