Data Masking

Data Masking #

The data masking Java API rule configuration allows users to create objects directly by writing Java code. The Java API configuration method is very flexible and can integrate various types of business systems without dependence on additional jar packages.

Parameter Explanation #

Configuration Entry #

Class name: org.apache.shardingsphere.mask.api.config.MaskRuleConfiguration

configurable properties:

Name	Data type	Description	Default value
tables (+)	Collection<MaskTableRuleConfiguration>	Mask table rule configuration
maskAlgorithms (+)	Map<String, AlgorithmConfiguration>	Mask algorithm name and configuration

Mask Table Rule Configuration #

Class name: org.apache.shardingsphere.mask.api.config.rule.MaskTableRuleConfiguration

configurable properties:

Name	Data type	Description
name	String	Table name
columns (+)	Collection<MaskColumnRuleConfiguration>	Mask column rule configuration list

Mask Column Rule Configuration #

Class name: org.apache.shardingsphere.mask.api.config.rule.MaskColumnRuleConfiguration

configurable properties:

Name	Data type	Description
logicColumn	String	Logic column name
maskAlgorithm	String	Mask algorithm name

Mask Algorithm Configuration #

Class name: org.apache.shardingsphere.infra.config.algorithm.AlgorithmConfiguration

configurable properties:

Name	Data type	Description
name	String	Mask algorithm name
type	String	Mask algorithm type
properties	Properties	Mask algorithm properties configuration

For details of shadow algorithm types, please refer to Built-in mask algorithm list.

Operation Steps #

Create a real data source mapping relationship, the key is the logical data source name, and the value is the DataSource object;
Create mask rule object MaskRuleConfiguration, And initialize the masking table object MaskTableRuleConfiguration, masking algorithm and other parameters in the object;

Configuration Example #

import java.util.Collections;
import java.util.LinkedHashMap;
import java.util.Properties;

public final class MaskDatabasesConfiguration implements ExampleConfiguration {
    
    @Override
    public DataSource getDataSource() {
        MaskColumnRuleConfiguration passwordColumn = new MaskColumnRuleConfiguration("password", "md5_mask");
        MaskColumnRuleConfiguration emailColumn = new MaskColumnRuleConfiguration("email", "mask_before_special_chars_mask");
        MaskColumnRuleConfiguration telephoneColumn = new MaskColumnRuleConfiguration("telephone", "keep_first_n_last_m_mask");
        MaskTableRuleConfiguration maskTableRuleConfig = new MaskTableRuleConfiguration("t_user", Arrays.asList(passwordColumn, emailColumn, telephoneColumn));
        Map<String, AlgorithmConfiguration> maskAlgorithmConfigs = new LinkedHashMap<>(3, 1);
        maskAlgorithmConfigs.put("md5_mask", new AlgorithmConfiguration("MD5", new Properties()));
        Properties beforeSpecialCharsProps = new Properties();
        beforeSpecialCharsProps.put("special-chars", "@");
        beforeSpecialCharsProps.put("replace-char", "*");
        maskAlgorithmConfigs.put("mask_before_special_chars_mask", new AlgorithmConfiguration("MASK_BEFORE_SPECIAL_CHARS", beforeSpecialCharsProps));
        Properties keepFirstNLastMProps = new Properties();
        keepFirstNLastMProps.put("first-n", "3");
        keepFirstNLastMProps.put("last-m", "4");
        keepFirstNLastMProps.put("replace-char", "*");
        maskAlgorithmConfigs.put("keep_first_n_last_m_mask", new AlgorithmConfiguration("KEEP_FIRST_N_LAST_M", keepFirstNLastMProps));
        MaskRuleConfiguration maskRuleConfig = new MaskRuleConfiguration(Collections.singleton(maskTableRuleConfig), maskAlgorithmConfigs);
        try {
            return ShardingSphereDataSourceFactory.createDataSource(DataSourceUtil.createDataSource("demo_ds"), Collections.singleton(maskRuleConfig), new Properties());
        } catch (final SQLException ex) {
            ex.printStackTrace();
            return null;
        }
    }
}