CN114239051A - Method, device and storage medium for desensitizing information based on Java reflection - Google Patents

Method, device and storage medium for desensitizing information based on Java reflection Download PDF

Info

Publication number
CN114239051A
CN114239051A CN202111368226.3A CN202111368226A CN114239051A CN 114239051 A CN114239051 A CN 114239051A CN 202111368226 A CN202111368226 A CN 202111368226A CN 114239051 A CN114239051 A CN 114239051A
Authority
CN
China
Prior art keywords
desensitization
field
annotation
attribute
class
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN202111368226.3A
Other languages
Chinese (zh)
Inventor
唐健
高文钟
袁孔华
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Shenzhen Kemanda Intelligent Management Science & Technology Co ltd
Original Assignee
Shenzhen Kemanda Intelligent Management Science & Technology Co ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Shenzhen Kemanda Intelligent Management Science & Technology Co ltd filed Critical Shenzhen Kemanda Intelligent Management Science & Technology Co ltd
Priority to CN202111368226.3A priority Critical patent/CN114239051A/en
Publication of CN114239051A publication Critical patent/CN114239051A/en
Pending legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/62Protecting access to data via a platform, e.g. using keys or access control rules
    • G06F21/6218Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
    • G06F21/6245Protecting personal data, e.g. for financial or medical purposes
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/602Providing cryptographic facilities or services

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Computer Hardware Design (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • General Physics & Mathematics (AREA)
  • Databases & Information Systems (AREA)
  • Medical Informatics (AREA)
  • Storage Device Security (AREA)

Abstract

The application discloses a method, a device and a storage medium for desensitizing information based on Java reflection, which are used for encrypting key information and reducing the risk of key information leakage. The method comprises the following steps: creating a tool class, wherein the tool class comprises a field encryption method and an assembly desensitization field annotation; obtaining annotations on the attributes of the data source through Java reflection; comparing annotations on attributes of the data source with the assembly desensitization field annotations; and when the annotation on the attribute of the data source is the same as the annotation of the assembly desensitization field, calling the field encryption method to encrypt the value of the attribute.

Description

Method, device and storage medium for desensitizing information based on Java reflection
Technical Field
The present application relates to the field of information security management technologies, and in particular, to a method, an apparatus, and a storage medium for information desensitization based on Java reflection.
Background
With the rise of Internet and e-commerce services, global development of Internet of Things and Internet of everything (IOT) is achieved, various industries, large and small systems are adopted, services processed every day are thousands of services, it is inevitable that which service chains are processed and have problems, in order to clearly locate where the services are processed, in order to facilitate later maintenance and production location problems, service logs and key information are printed in the service systems, and an inevitable processing means is formed. However, in the current society, the privacy of the client is particularly important, so that the enterprise needs a security technical problem urgently solved by technical personnel in the field at present, how to not reveal private sensitive information of the client, and how to facilitate technical personnel of the enterprise without disclosing the disclosed information, and the later positioning problem of operation and maintenance personnel becomes the key point for most enterprise consideration.
In these business systems, it is common practice to print out both the key information and the general information in the log directly.
The key information in the log is not encrypted and is not filtered and output by using the conventional operation, and the key information comprises objective private information and sensitive information such as relevant account numbers, passwords, order property and the like, so that certain risk of key information leakage exists.
Disclosure of Invention
In order to solve the technical problem, the application provides a method, a device and a storage medium for desensitizing information based on Java reflection, which are used for encrypting key information and reducing the risk of key information leakage.
A first aspect of the present application provides a method for information desensitization based on Java reflection, including:
creating a tool class, wherein the tool class comprises a field encryption method and an assembly desensitization field annotation;
obtaining annotations on the attributes of the data source through Java reflection;
comparing annotations on attributes of the data source with the assembly desensitization field annotations;
and when the annotation on the attribute of the data source is the same as the annotation of the assembly desensitization field, calling the field encryption method to encrypt the value of the attribute.
Optionally, the creating tool class includes:
creating an enumeration class, wherein a desensitization type field is defined in the enumeration class;
creating an annotation class, wherein an enumeration variable is defined in the annotation class, and the enumeration variable is a desensitization data type;
creating a basic data template class, wherein fields to be desensitized and desensitization field annotations are defined in the basic data template class;
and creating the tool class according to the enumeration class, the annotation class and the basic data template class.
Optionally, the obtaining annotations on attributes of the data source through Java reflection includes:
acquiring the attribute of a data source through Java reflection;
when the attribute of the data source is an object or a set, determining the minimum attribute by recursively calling a desensitization processing method, wherein the desensitization processing method is contained in the tool class;
obtaining an annotation of the minimum attribute;
the comparing annotations on properties of the data source to the assembly desensitization field annotations includes:
comparing the minimum attribute annotation to the assembly desensitization field annotation.
Optionally, the invoking the field encryption method to encrypt the value of the attribute includes:
and calling a field encryption method to replace the value of the attribute with a preset character for encryption processing to obtain the ciphertext information.
Optionally, the invoking the field encryption method to encrypt the value of the attribute includes:
and calling a field encryption method to carry out hash encryption processing on the value of the attribute to obtain the ciphertext information.
Optionally, the invoking the field encryption method to encrypt the value of the attribute includes:
and calling a desensitization field encryption method to encrypt the field needing desensitization through a key to obtain the ciphertext information.
Optionally, the method further comprises:
and returning the ciphertext information to the data source.
A second aspect of the present application provides an apparatus for information desensitization based on Java reflection, comprising:
the system comprises a creating unit, a processing unit and a processing unit, wherein the creating unit is used for creating a tool class which contains a field encryption method and assembly desensitization field annotation;
an acquisition unit for acquiring annotations on attributes of the data source through Java reflection;
a comparison unit for comparing annotations on properties of the data source with the assembly desensitization field annotations;
and the encryption unit is used for calling the field encryption method to encrypt the value of the attribute when the annotation on the attribute of the data source is the same as the annotation of the assembly desensitization field.
Optionally, the creating unit includes:
the device comprises a first creating module, a second creating module and a third creating module, wherein the first creating module is used for creating an enumeration class, and desensitization type fields are defined in the enumeration class;
the second creating module is used for creating an annotation class, wherein an enumeration variable is defined in the annotation class, and the enumeration variable is a desensitization data type;
the third creates the module, is used for creating the basic data template class, define the field to desensitize and desensitize field note in the said basic data template class;
and the fourth creating module is used for creating the tool class according to the enumeration class, the annotation class and the basic data template class.
Optionally, the obtaining unit includes:
the first acquisition module is used for acquiring the attribute of the data source through Java reflection;
a determining module, configured to determine a minimum attribute by recursively invoking a desensitization processing method when the attribute of the data source is an object or a set, where the desensitization processing method is included in the tool class;
the second acquisition module is used for acquiring the annotation of the minimum attribute;
the comparison unit includes:
a comparison module for comparing the minimum attribute annotation with the assembly desensitization field annotation.
Optionally, the encryption unit includes:
and the first encryption module is used for calling a field encryption method to replace the value of the attribute with a preset character for encryption processing to obtain the ciphertext information.
Optionally, the encryption unit includes:
and the second encryption module is used for calling a field encryption method to carry out hash encryption processing on the value of the attribute to obtain the ciphertext information.
Optionally, the encryption unit includes:
and the third encryption module is used for calling a desensitization field encryption method to encrypt the field needing desensitization through a key to obtain the ciphertext information.
Optionally, the apparatus further comprises:
and the return unit is used for returning the ciphertext information to the data source.
A third aspect of the present application provides an apparatus for information desensitization based on Java reflection, comprising:
the system comprises a central processing unit, a memory, an input/output interface, a wired or wireless network interface and a power supply;
the memory is a transient memory or a persistent memory;
the central processor is configured to communicate with the memory and execute the operations of the instructions in the memory to perform the method of the first aspect.
A fourth aspect of the present application is a computer-readable storage medium comprising instructions that, when executed on a computer, cause the computer to perform the method of the first aspect.
According to the technical scheme, the embodiment of the application has the following advantages:
the invention firstly creates a tool class which comprises a field encryption method and is provided with desensitization field annotation, acquires the attribute of a data source through Java reflection, then acquires the annotation of the attribute, compares the annotation in the attribute with the desensitization field annotation after acquiring the annotation in the attribute, and encrypts the value of the attribute when the annotation in the attribute is the same as the desensitization field annotation. Through the Java reflection technology, sensitive information is encrypted, and the risk of key information leakage can be reduced.
Drawings
In order to more clearly illustrate the technical solutions in the present application, the drawings needed to be used in the description of the embodiments will be briefly introduced below, and it is obvious that the drawings in the following description are only some embodiments of the present application, and it is obvious for those skilled in the art to obtain other drawings without creative efforts.
FIG. 1 is a schematic diagram of a method for desensitizing information based on Java reflection in an embodiment of the present application;
FIG. 2 is another schematic diagram of a method for desensitizing information based on Java reflection in an embodiment of the present application;
FIG. 3 is a schematic diagram of an apparatus for desensitizing information based on Java reflection in an embodiment of the present application;
FIG. 4 is another schematic diagram of an apparatus for desensitizing information based on Java reflection in an embodiment of the present application;
fig. 5 is another schematic diagram of an apparatus for desensitizing information based on Java reflection in the embodiment of the present application.
Detailed Description
The application provides a method, a device and a storage medium for desensitizing information based on Java reflection, which are used for encrypting key information and reducing the risk of key information leakage.
The method and the device are generally used for encryption processing of key information of the service log, and in practical application, due to the fact that the service volume is huge, the service processing needs to be located, and for convenience of later maintenance, the service log and the key information generally need to be printed in a service system. However, if the key information in the log is leaked, potential safety hazards exist, and unpredictable risks are caused to individuals and companies, so that the key information in the log needs to be encrypted, and cannot be acquired by others. The service may include a personal service, a company service, and the like, and the key information may include information such as an account password and an order property, which is not limited herein.
The following briefly describes the method for information desensitization based on Java reflection in the present application:
referring to fig. 1, fig. 1 is a diagram illustrating an embodiment of a method for desensitizing information based on Java reflection according to the present application, and the method is specifically described as applied to a system, and includes:
101. system creation tool class, tool class containing field encryption method and assembly desensitization field annotation
In this embodiment, a tool class is first created, which is to provide some common methods in some non-business domain, and does not need member variables, but is used as a tool method. Generally, a static method is suitable, and can acquire and call the definition of the method without instantiation, a desensitization field annotation is assembled in the tool class in the embodiment through a static code block, and the assembled desensitization field annotation is mainly used for finding out a field in a data source, which needs desensitization processing, and is executed along with the loading of the class and is executed only once. And the tool class also defines the encryption method of the field needing desensitization, such as character replacement method, hash encryption and encryption using key, which is not limited herein.
102. System for obtaining annotations on attributes of data sources through Java reflection
Reflection is one of the features of the Java program development language that allows a running Java program to inspect itself, or "self-examine," and to directly manipulate the program's internal properties and methods. In general, reflexes are used to let developers know what members are in this class and what members are in other classes, and reflexes let developers create objects by full pathnames of external classes and use these classes to implement extended functions. Reflection allows developers to enumerate all members of a class, including constructors, attributes, methods. In this embodiment, annotations on attributes of a data source may be obtained through Java reflection, where the data source mainly originates from a service log.
Annotations can be used generally to create documents, track dependencies in code, and even perform basic compile-time checks. The annotation exists in the code with the '@ annotation name', does not directly influence the semantics of the program, only exists as an identifier, and can be obtained by accessing the metadata, namely the data for describing the data, through the reflection mechanism programming.
103. The system compares annotations on attributes of the data source with assembly desensitization field annotations
In this embodiment, the annotations on the data source attributes are obtained and compared with the assembly desensitization field annotations. The assembly desensitization field annotation includes desensitization types, i.e. desensitization rules, for example, the desensitization types in the assembly desensitization field annotation are PHONE and USER _ NAME, i.e. the desensitization types of the data are a mobile PHONE number and a USER NAME, and the annotation is added to the entity class to indicate the type requiring desensitization, and the entity class is mainly added to encapsulate attributes of parameter entities in the simulation call process, for example: private String name, meaning desensitization by name; the private String phone indicates desensitization according to a mobile phone number, and it is understood that the desensitization type may be a String type field, or may be other types, such as BigDecimal, Date, and the like, which is not limited herein. Then, acquiring attribute values in all data sources, wherein the acquired attribute values are user.setname ("sponge baby") and user.setphone ("13344556666"); and (4) acquiring the annotation types on the attributes, namely the acquired annotation types comprise the mobile Phone number Phone and the user Name, comparing the acquired annotation types with the loaded desensitization field annotation types, and executing the step 104 if the matching results are consistent.
104. When the annotation on the attribute of the data source is the same as the annotation of the assembly desensitization field, the system calls a field encryption method to encrypt the value of the attribute
In this embodiment, the annotation type of the acquired data source attribute is compared with the loaded desensitization field annotation type, and when the comparison result is consistent, the field to be desensitized can be determined, for example, the acquired attribute values are user.setname ("spongo"), user.setphon ("13344556666"), the type of the annotation is consistent with the assembled desensitization field annotation type, the attribute values are acquired by a get method, the fields to be desensitized are determined to be "spongo" and "13344556666," field encryption methods in the tool class are called to "spongo" and "13344556666," and when the method is to be replaced with a preset character for encryption, even if the field is encrypted by ". about.
Optionally, it may be further defined that which segment of the value of the attribute is encrypted and which segment is displayed, for example, only the first chinese character is displayed for the user name, the others are hidden by 3 asterisks, the processing result is "hai × 6666", the first three bits and the last four bits are displayed for the mobile phone number, and the others are hidden by "133 × 6666".
In this embodiment, a tool class is created, which includes a field encryption method and is equipped with a desensitization field annotation, an attribute of a data source is obtained through Java reflection, then an annotation of the attribute is obtained, after an annotation in the attribute is obtained, the annotation in the attribute is compared with the desensitization field annotation, and when the annotation in the attribute is the same as the desensitization field annotation, a value of the attribute is encrypted. Through the Java reflection technology, sensitive information is encrypted, and the risk of key information leakage can be reduced.
In this embodiment, the tool class may be created according to an enumeration class, an annotation class, and a basic data template class, and when the attribute of the acquired data source is an object or a set, the system determines the minimum attribute by recursively invoking a desensitization processing method, which will be described in detail below with reference to the drawings.
Referring to fig. 2, fig. 2 is another embodiment of the method for desensitizing information based on Java reflection in the present application, and the following detailed description is provided for the system according to the method:
201. the system creates an enumeration class in which a desensitization type field is defined
In this embodiment, different types of sensitive fields need to be desensitized in different ways, so an enumerated attribute value is added for definition, and enumeration is used to specify a comment type, that is, fields of the same type are defined in an enumerated class, which facilitates uniform processing. For example: the types of desensitization that may be required for enumeration include PHONE, USER _ NAME, ID-CARD, ADDRESS, EMAIL, PASSSWORD, etc., and are not specifically limited herein.
202. The system creates an annotation class, and an enumerated variable is defined in the annotation class and is a desensitized data type
In this embodiment, an enumeration class is used to specify an annotation type, i.e., a desensitization data type, which may also be referred to as a desensitization data rule, and then an annotation is added to an entity class to indicate the type requiring desensitization. In general, desensitization is required to be performed on the display of sensitive information, desensitization is normally issued and written into a tool class, then the tool class is called at a place where desensitization is required to perform desensitization, when a lot of desensitization fields in an entity appear to be relatively redundant in codes for calling the desensitization tool class, and the annotation class is used, so that development is more concise and convenient.
203. The system creates a primitive data template class in which fields to be desensitized and desensitization field annotations are defined
In this embodiment, a basic data template class is created to identify fields that need desensitization, and those fields that need desensitization processing are defined, i.e. desensitization field annotations are defined, for example: fields that require desensitization are defined as PHONE, USER _ NAME, ID-CARD, ADDRESS, EMAIL, PASSSWORD, etc.
204. The system creates tool classes based on enumerated classes, annotation classes, and basic data template classes, the tool classes including field encryption method and assembly desensitization field annotation
In this embodiment, a tool class is created, in which desensitization field annotations in the basic data template class are assembled, and a field encryption method is written, where the field encryption method may be a character replacement method, hash encryption, and encryption using a key, and is not limited herein. When field desensitization is required, because the enumeration class is used to specify the annotation type, the field with desensitization annotation can be uniformly encrypted by using a field encryption method. Through creating tool classes according to enumeration classes, annotation classes and basic data template classes, development can be more concise and convenient, and various encryption methods can better adapt to the requirements of desensitization of different business log data.
205. System for obtaining data source attribute through Java reflection
Step 205 in this embodiment is similar to step 102 in the embodiment shown in fig. 1, and is not described here again.
206. When the attribute of the data source is an object or a set, the system determines the minimum attribute by recursively calling a desensitization processing method, wherein the desensitization processing method is contained in a tool class
In this embodiment, when all attributes in the data source are acquired, it is determined whether the attribute is an object or a set, and when the attribute is an object or a set, a desensitization processing method is recursively called to determine a minimum attribute, that is, the attribute does not include an object or a set, and is an encapsulation class of a basic data type and a basic data type. The method can be used for circularly traversing the fields after all the attributes are obtained, obtaining the attribute values corresponding to the fields, traversing the set attributes and carrying out recursive filtering on the fields of the group type.
207. System for obtaining annotation of minimum attributes
208. The system compares the minimum attribute annotation to the assembly desensitization field annotation
Steps 207 to 208 in this embodiment are similar to steps 102 to 103 in the embodiment shown in fig. 1, and are not repeated here.
209. When the annotation on the attribute of the data source is the same as the annotation of the assembly desensitization field, the system calls a field encryption method to encrypt the value of the attribute
Step 209 in this embodiment is similar to step 104 in the embodiment shown in fig. 1, and is not described herein again.
Optionally, in addition to the above method of performing encryption processing by replacing with a preset character, the encryption method may also use hash encryption and encryption using a key to obtain ciphertext information, and is not limited herein.
210. The system returns the ciphertext information to the data source
In the embodiment, the encryption method is used for encrypting the sensitive information in the data source to obtain the ciphertext information, and the obtained ciphertext information is returned to the data source, namely the service log, so that the safety of the key information in the log is ensured while the worker can check and operate the log.
In this embodiment, a tool class may be created according to an enumeration class, an annotation class, and a basic data template class, where the tool class includes a field encryption method and is equipped with a desensitization field annotation, and acquires an attribute of a data source through Java reflection, and when the acquired attribute of the data source is an object or an aggregate, the system determines a minimum attribute by recursively calling a desensitization processing method, and then acquires an annotation of the minimum attribute, and after acquiring an annotation in the minimum attribute, compares the annotation in the attribute with the desensitization field annotation, and when the annotation in the attribute is the same as the desensitization field annotation, encrypts a value of the attribute, and returns obtained ciphertext information to the data source after encryption. Through the Java reflection technology, sensitive information is encrypted, and the risk of key information leakage can be reduced.
The above describes a method for performing information desensitization based on Java reflection, and an apparatus for performing information desensitization based on Java reflection is described below:
referring to fig. 3, an apparatus for desensitizing information based on Java reflection in the present application includes:
a creating unit 301, configured to create a tool class, where the tool class includes a field encryption method and an assembly desensitization field annotation;
an obtaining unit 302, configured to obtain annotations on attributes of a data source through Java reflection;
a comparison unit 303 for comparing annotations on properties of the data source with assembly desensitization field annotations;
and the encryption unit 304 calls a field encryption method to encrypt the value of the attribute when the annotation on the attribute of the data source is the same as the assembly desensitization field annotation.
In this embodiment, the creating unit 301 creates a tool class including a field encryption method and equipped with a desensitization field annotation, the obtaining unit 302 obtains an attribute of a data source through Java reflection, then obtains an annotation of the attribute, after obtaining an annotation in the attribute, the comparing unit 303 compares the annotation in the attribute with the desensitization field annotation, and when the annotation in the attribute is the same as the desensitization field annotation, the encrypting unit 304 encrypts a value of the attribute. Through the Java reflection technology, sensitive information is encrypted, and the risk of key information leakage can be reduced.
Referring to fig. 4, another apparatus for desensitizing information based on Java reflection in the present application includes:
the creating unit 401 includes:
a first creating module 4011, configured to create an enumeration class, where a desensitization type field is defined in the enumeration class;
a second creating module 4012, configured to create an annotation class, where an enumerated variable is defined in the annotation class, and the enumerated variable is a desensitized data type;
a third creating module 4013, configured to create a basic data template class, where fields to be desensitized and desensitized field annotations are defined in the basic data template class;
a fourth creating unit 4014, configured to create a tool class according to the enumeration class, the annotation class, and the basic data template class, where the tool class includes a field encryption method and an assembly desensitization field annotation;
the acquisition unit 402 includes:
a first obtaining module 4021, configured to obtain an attribute of a data source through Java reflection;
a determining module 4022, configured to determine a minimum attribute by recursively invoking a desensitization processing method when an attribute of a data source is an object or a set, where the desensitization processing method is included in a tool class;
a second obtaining module 4023, configured to obtain an annotation with a minimum attribute;
the comparison unit 403 includes:
a comparison module 4031 for comparing the annotation of the minimum attribute with the assembly desensitization field annotation;
an encryption unit 404, configured to invoke a field encryption method to encrypt the value of the attribute when the annotation on the attribute of the data source is the same as the assembly desensitization field annotation;
and a returning unit 405, configured to return the ciphertext information to the data source.
In this embodiment, the fourth creating unit 4014 may create a tool class according to an enumerated class, an annotation class, and a basic data template class, where the tool class includes a field encryption method and is equipped with a desensitization field annotation, the first obtaining module 4021 obtains an attribute of a data source through Java reflection, when the obtained attribute of the data source is an object or a set, the determining module 4022 determines a minimum attribute by recursively calling a desensitization processing method, then the second obtaining module 4023 obtains an annotation of the minimum attribute, after obtaining the annotation in the minimum attribute, the comparing module 4031 compares the annotation in the minimum attribute with the desensitization field annotation, and when the annotation in the attribute is the same as the desensitization field annotation, the encrypting unit 404 encrypts a value of the attribute, and the returning unit 405 returns the obtained ciphertext information to the data source after encryption. Through the Java reflection technology, sensitive information is encrypted, and the risk of key information leakage can be reduced.
Referring to fig. 5, a schematic diagram of information desensitization based on Java reflection in the embodiment of the present application includes:
a central processing unit 502, a memory 501, an input/output interface 503, a wired or wireless network interface 504 and a power supply 505;
the memory 501 is a transient storage memory or a persistent storage memory;
the central processor 502 is configured to communicate with the memory 501 and execute the instruction operations in the memory 501 to perform the steps in any of the embodiments shown in fig. 1-2.
The embodiment of the application provides a computer-readable storage medium, which comprises instructions, and when the instructions are executed on a computer, the instructions cause the computer to execute a method corresponding to any one of the embodiments in fig. 1 to fig. 2.
It is clear to those skilled in the art that, for convenience and brevity of description, the specific working processes of the above-described systems, apparatuses and units may refer to the corresponding processes in the foregoing method embodiments, and are not described herein again.
In the several embodiments provided in the present application, it should be understood that the disclosed system, apparatus and method may be implemented in other manners. For example, the above-described apparatus embodiments are merely illustrative, and for example, the division of the units is only one logical division, and other divisions may be realized in practice, for example, a plurality of units or components may be combined or integrated into another system, or some features may be omitted, or not executed. In addition, the shown or discussed mutual coupling or direct coupling or communication connection may be an indirect coupling or communication connection through some interfaces, devices or units, and may be in an electrical, mechanical or other form.
The units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one place, or may be distributed on a plurality of network units. Some or all of the units can be selected according to actual needs to achieve the purpose of the solution of the embodiment.
In addition, functional units in the embodiments of the present application may be integrated into one processing unit, or each unit may exist alone physically, or two or more units are integrated into one unit. The integrated unit can be realized in a form of hardware, and can also be realized in a form of a software functional unit.
The integrated unit, if implemented in the form of a software functional unit and sold or used as a stand-alone product, may be stored in a computer readable storage medium. Based on such understanding, the technical solution of the present application may be substantially implemented or contributed to by the prior art, or all or part of the technical solution may be embodied in a software product, which is stored in a storage medium and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present application. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a read-only memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and the like.

Claims (10)

1. A method for information desensitization based on Java reflection, comprising:
creating a tool class, wherein the tool class comprises a field encryption method and an assembly desensitization field annotation;
obtaining annotations on the attributes of the data source through Java reflection;
comparing annotations on attributes of the data source with the assembly desensitization field annotations;
and when the annotation on the attribute of the data source is the same as the annotation of the assembly desensitization field, calling the field encryption method to encrypt the value of the attribute.
2. The method for information desensitization based on Java reflection according to claim 1, wherein said creating tool classes comprises:
creating an enumeration class, wherein a desensitization type field is defined in the enumeration class;
creating an annotation class, wherein an enumeration variable is defined in the annotation class, and the enumeration variable is a desensitization data type;
creating a basic data template class, wherein fields to be desensitized and desensitization field annotations are defined in the basic data template class;
and creating the tool class according to the enumeration class, the annotation class and the basic data template class.
3. The method for information desensitization based on Java reflection according to claim 1, wherein said obtaining annotations on properties of data sources via Java reflection comprises:
acquiring the attribute of a data source through Java reflection;
when the attribute of the data source is an object or a set, determining the minimum attribute by recursively calling a desensitization processing method, wherein the desensitization processing method is contained in the tool class;
obtaining an annotation of the minimum attribute;
the comparing annotations on properties of the data source to the assembly desensitization field annotations includes:
comparing the minimum attribute annotation to the assembly desensitization field annotation.
4. The method for information desensitization based on Java reflection according to claim 1, wherein said invoking said field encryption method to encrypt the value of said attribute comprises:
and calling a field encryption method to replace the value of the attribute with a preset character for encryption processing to obtain the ciphertext information.
5. The method for information desensitization based on Java reflection according to claim 1, wherein said invoking said field encryption method to encrypt the value of said attribute comprises:
and calling a field encryption method to carry out hash encryption processing on the value of the attribute to obtain the ciphertext information.
6. The method for information desensitization based on Java reflection according to claim 1, wherein said invoking said field encryption method to encrypt the value of said attribute comprises:
and calling a desensitization field encryption method to encrypt the field needing desensitization through a key to obtain the ciphertext information.
7. A method for information desensitization based on Java reflections according to any of claims 4 to 6, wherein said method further comprises:
and returning the ciphertext information to the data source.
8. An apparatus for information desensitization based on Java reflection, comprising:
the system comprises a creating unit, a processing unit and a processing unit, wherein the creating unit is used for creating a tool class which contains a field encryption method and assembly desensitization field annotation;
an acquisition unit for acquiring annotations on attributes of the data source through Java reflection;
a comparison unit for comparing annotations on properties of the data source with the assembly desensitization field annotations;
and the encryption unit is used for calling the field encryption method to encrypt the value of the attribute when the annotation on the attribute of the data source is the same as the annotation of the assembly desensitization field.
9. An apparatus for information desensitization based on Java reflection, comprising:
the system comprises a central processing unit, a memory, an input/output interface, a wired or wireless network interface and a power supply;
the memory is a transient memory or a persistent memory;
the central processor is configured to communicate with the memory and execute the instructions in the memory to perform the method of any of claims 1 to 7.
10. A computer-readable storage medium comprising instructions that, when executed on a computer, cause the computer to perform the method of any of claims 1 to 7.
CN202111368226.3A 2021-11-18 2021-11-18 Method, device and storage medium for desensitizing information based on Java reflection Pending CN114239051A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN202111368226.3A CN114239051A (en) 2021-11-18 2021-11-18 Method, device and storage medium for desensitizing information based on Java reflection

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN202111368226.3A CN114239051A (en) 2021-11-18 2021-11-18 Method, device and storage medium for desensitizing information based on Java reflection

Publications (1)

Publication Number Publication Date
CN114239051A true CN114239051A (en) 2022-03-25

Family

ID=80749926

Family Applications (1)

Application Number Title Priority Date Filing Date
CN202111368226.3A Pending CN114239051A (en) 2021-11-18 2021-11-18 Method, device and storage medium for desensitizing information based on Java reflection

Country Status (1)

Country Link
CN (1) CN114239051A (en)

Similar Documents

Publication Publication Date Title
CN110727954B (en) Data authorization desensitization automation method, device and storage medium
CN106778288B (en) A kind of method and system of data desensitization
US7974942B2 (en) Data masking system and method
US20120259877A1 (en) Methods and systems for runtime data anonymization
US9323948B2 (en) De-identification of data
EP2653984A1 (en) Method and system for anonymizing data during export
EP2660719A1 (en) On-demand database service system, method, and computer program product for verifying that a developed application will operate properly with at least one other application
US7676470B2 (en) Self discovering adaptive security system and method
US20190205869A1 (en) Anonymization of data fields in transactions
WO2019071967A1 (en) Method and program for masking sensitive information, application server, and computer readable storage medium
CN111737746A (en) Method for desensitizing dynamic configuration data based on java annotation
CN114297704A (en) Data desensitization method and device, storage medium and electronic equipment
CN110795741A (en) Method and device for carrying out security processing on data
CN114925338A (en) Compiling method, device, equipment, medium and product
CA3023737C (en) Processing application programming interface (api) queries based on variable schemas
US20220019687A1 (en) Systems for and methods of data obfuscation
US20230334160A1 (en) Systems and methods for software security analysis
CN114239051A (en) Method, device and storage medium for desensitizing information based on Java reflection
CN116226921A (en) Desensitization processing method and device
WO2022233236A1 (en) Secure data analytics
CN114444028B (en) Method, device, computer equipment and storage medium for improving code security
US11748458B2 (en) Systems and methods for a governance engine
US11176275B2 (en) De-identifying source entity data
CN113297622A (en) Log desensitization method, system, electronic equipment and storage medium
TWI620134B (en) Integration device and integration method thereof

Legal Events

Date Code Title Description
PB01 Publication
PB01 Publication
SE01 Entry into force of request for substantive examination
SE01 Entry into force of request for substantive examination