Re: [protobuf] Re: Google Cloud Security - Redact Keyword?

[Josh Humphries]

There is no built-in way to do this.

However, you can create your own custom options and use those to annotate
sensitive fields/messages whose contents should be redacted.

Related: https://github.com/protocolbuffers/protobuf/issues/1160


*Josh Humphries*
jh...@bluegosling.com


On Thu, Oct 28, 2021 at 3:27 PM 'Mike Vacirca' via Protocol Buffers <
protobuf@googlegroups.com> wrote:

> Pinging again on this item - is this the right forum to ask this type of
> question?
>
> On Tue, Oct 19, 2021 at 10:20 AM Mike Vacirca  wrote:
>
>> Hello,
>>
>> I was curious if there was ever discussion on extending Protocol Buffers
>> to include coverage for redaction of a data field?
>>
>> Specifically, we are looking at the use case of a developer having a
>> keyword available to them that would allow data classification services,
>> logging services, et. al. to be able to read a particular data field as
>> requiring redaction due to core customer content (or other data
>> classification state) and filtering out the contents during
>> archival/transmission/etc.
>>
>> Or if this would be the wrong approach, are there areas that may be the
>> right technical approach to "shift left" the annotation of parameters
>> earlier in the cycle during coding?
>>
>> We are looking at ways to improve the current workflow in GCP which
>> requires us to  track and annotate data between RPC services in production
>> using manual annotation from engineers post-development.
>>
>
>
> --
>
> *Michael Vacirca*
>
> 718-938-9424
>
> Senior Engineering Manager, Regulated Cloud
>
> Google Cloud
>
> --
> You received this message because you are subscribed to the Google Groups
> "Protocol Buffers" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to protobuf+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/protobuf/CAPvXYq1eGgNpf2KF%3D68wO4mLMwwRHMGe-%3DzE4fq4yCzTLOkGXA%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Protocol Buffers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to protobuf+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/protobuf/CAO78j%2BLtWBNXRbbAdnRD_-mJHJeENk3-i%2B7-HEMXey-Y0zf%3D9g%40mail.gmail.com.

Re: [protobuf] Re: Google Cloud Security - Redact Keyword?

[Austin Bennett]

Does protobuf really need to be extended to accommodate this?  This seems
potentially/reasonably straightforwardly handled via annotations (as I
currently understand your needs).

Separately, i think I recall seeing something in a golang package
sometimein the last ~year (which had also existed in java).  I'd have to
look up the specifics (currently on my phone).

@mike - dm me at aus...@bamboozoology.org if you want to schedule a time to
discuss this in the next week or so.



On Thu, Oct 28, 2021, 12:27 PM 'Mike Vacirca' via Protocol Buffers <
protobuf@googlegroups.com> wrote:

> Pinging again on this item - is this the right forum to ask this type of
> question?
>
> On Tue, Oct 19, 2021 at 10:20 AM Mike Vacirca  wrote:
>
>> Hello,
>>
>> I was curious if there was ever discussion on extending Protocol Buffers
>> to include coverage for redaction of a data field?
>>
>> Specifically, we are looking at the use case of a developer having a
>> keyword available to them that would allow data classification services,
>> logging services, et. al. to be able to read a particular data field as
>> requiring redaction due to core customer content (or other data
>> classification state) and filtering out the contents during
>> archival/transmission/etc.
>>
>> Or if this would be the wrong approach, are there areas that may be the
>> right technical approach to "shift left" the annotation of parameters
>> earlier in the cycle during coding?
>>
>> We are looking at ways to improve the current workflow in GCP which
>> requires us to  track and annotate data between RPC services in production
>> using manual annotation from engineers post-development.
>>
>
>
> --
>
> *Michael Vacirca*
>
> 718-938-9424
>
> Senior Engineering Manager, Regulated Cloud
>
> Google Cloud
>
> --
> You received this message because you are subscribed to the Google Groups
> "Protocol Buffers" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to protobuf+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/protobuf/CAPvXYq1eGgNpf2KF%3D68wO4mLMwwRHMGe-%3DzE4fq4yCzTLOkGXA%40mail.gmail.com
> 
> .
>

-- 
You received this message because you are subscribed to the Google Groups 
"Protocol Buffers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to protobuf+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/protobuf/CAEbFGqtb-2Trehcocnobfz9S3FTj9miyfvNbN4VPgbGQd-0Jkg%40mail.gmail.com.

[protobuf] Re: Google Cloud Security - Redact Keyword?

['Mike Vacirca' via Protocol Buffers]

Pinging again on this item - is this the right forum to ask this type of
question?

On Tue, Oct 19, 2021 at 10:20 AM Mike Vacirca  wrote:

> Hello,
>
> I was curious if there was ever discussion on extending Protocol Buffers
> to include coverage for redaction of a data field?
>
> Specifically, we are looking at the use case of a developer having a
> keyword available to them that would allow data classification services,
> logging services, et. al. to be able to read a particular data field as
> requiring redaction due to core customer content (or other data
> classification state) and filtering out the contents during
> archival/transmission/etc.
>
> Or if this would be the wrong approach, are there areas that may be the
> right technical approach to "shift left" the annotation of parameters
> earlier in the cycle during coding?
>
> We are looking at ways to improve the current workflow in GCP which
> requires us to  track and annotate data between RPC services in production
> using manual annotation from engineers post-development.
>


-- 

*Michael Vacirca*

718-938-9424

Senior Engineering Manager, Regulated Cloud

Google Cloud

-- 
You received this message because you are subscribed to the Google Groups 
"Protocol Buffers" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to protobuf+unsubscr...@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/protobuf/CAPvXYq1eGgNpf2KF%3D68wO4mLMwwRHMGe-%3DzE4fq4yCzTLOkGXA%40mail.gmail.com.