This project is read-only.

Anonymization method numeqlen is easily cracked


Currently there's an easy to crack anonymization method for numbers called numeqlen which basically exchanges a 1 for a 9, a 2 for an 8 etc. This was a workaround for the implementation of the real requirement:

What's required is a replacement list that is managed by a system administrator who's allowed to see production data and who will provide the anonymized data to the development team. This system administrator will use this project's utilities to anonymize the data and provide it to a developer team.

The replacement list is a simple from=to translation list and can be implemented as either a file or a database table.


FrankvdnThillart wrote May 7, 2015 at 2:50 PM

My solution is to make a new descendant AnonymizationCachePersistent from the AnonymizationCache classes that can be configured by XML files that have the same name as the anonymization method used. For example, for the numeqlen method, the configuration filename is 'numeqlen.xml'.
An instance of the new anonymizationcachePersistent class will be filled from a datasource, either a file or a database table.
If there's a value that's not in the list, an exception will be raised that logs the unknown value or stops the anonymization based on the configuration file

this means new anonymizationMethods will be added:
  • NumReplace
  • DateReplace
  • TextReplace
Each will use the new class.

FrankvdnThillart wrote May 28, 2015 at 2:01 PM

Assigned this workitem to Korkramaa