GLPI Network

# GLPI Network - Anonymization plugin

[README Français](https://services.glpi-network.com/documentation/1688/file/README_FR.md)

![GLPI Network Anonymization](https://services.glpi-network.com/documentation/1688/download_file/main/docs/screenshots/anonymize.png)

This plugin will allow the data anonymization in GLPI, directly from the web interface or with the command line, either unitarily or massively.

## Anonymization profiles

To choose which elements and attributes to anonymize, it's possible to configure "anonymization profiles".

Each profile determine:

1. The type of element to which it applies (e.g. "User", "Computer");

2. For each element fields (e.g.: "Name", "First name", "Serial number", "Place", "Status", etc ...), the strategy to apply among:
   - keep the value,
   - delete the value,
   - replace with a fixed value,
   - replace with a standard random value,
   - replace with a realistic random value;
3. The choice of the treatment to apply to the history of the element among:
   - delete the history,
   - deleting the history beyond a defined period and anonymization of the rest,
   - complete anonymization of the history;
4. The fields list for which the value must be searched for and replaced by third-party elements (e.g. descriptions of tickets and follow-ups, notes);

5. If this profile is the default profile to apply to the concerned type of element.

Default profiles are pre-configured when installing the plugin for the elements most likely to be anonymized: "User", "Computer".

## Anonymization in "Massive Action”

An "Anonymize" action is proposed within the massive actions in the various lists of GLPI.

If the selection of items to anonymize is greater than or equal to 5, a message is displayed advising to use command line anonymization (for better performance, or to have unlimited processing time).

This massive action is made up of the following steps:

1. choice of anonymization profile to use,

2. entry of values for the fields whose defined strategy is "replacement by a fixed value" (the default value entered in the profile is pre-filled).

## Anonymization in "Command Line" (CLI)

After installation and activation of the plugin, a command is added to the GLPI CLI console (bin / console) in order to be able to offer either a processing of one or more types of elements in a single operation, or a similar targeted processing to that proposed in massive actions.

Running all default profiles on all objects:
`glpi:plugin:anonymize --all`

Execution of profile X on all objects / on one object
`glpi:plugin:anonymize --profile=X`
`glpi:plugin:anonymize --profile=X --item-id=X`

Execution of the default profile of type X on all objects / on one object
`glpi:plugin:anonymize --itemtype=X`
`glpi:plugin:anonymize --itemtype=X --item-id=X` 

## Generate standard random values

For selected attributes choosing "random values" generate unrealistic data based on the data type on the database side.

Examples:

- If ```TINYINT```, a random boolean is generated;
- If ```INT``` in database, a random integer is generated;
- If ```VARCHAR``` in database, a (non-readable) sentence is generated;
- If ```TEXT``` in database, a text (non-readable) composed of one or more paragraphs is generated;
- If ```DATETIME``` in database, a date + time is generated;
- Etc.

## Generate realistic random values

The generation of "realistic" random values is based on the fzaninotto/Faker component that offers generation functions for a large number of data typologies, including names, addresses, e-mail, telephone, IP.

The plugin in its first version contains only the following realistic random typologies:

| Field | Typology |
| -------- | -------- |
| glpi_x.serial | Base.randomAscii |
| glpi_x.otherserial | Barcode.ean13 |
| glpi_x.uuid | Uuid.uuid |
| glpi_contacts.name | Person.name |
| glpi_contacts.firstname | Person.firstName |
| glpi_contacts.phone | PhoneNumber.e164PhoneNumber |
| glpi_contacts.phone2 | PhoneNumber.e164PhoneNumber |
| glpi_contacts.mobile | PhoneNumber.e164PhoneNumber |
| glpi_contacts.fax | PhoneNumber.e164PhoneNumber |
| glpi_contacts.email | Internet.email |
| glpi_contacts.address | Address.streetAddress |
| glpi_contacts.postcode | Address.postcode |
| glpi_contacts.town | Address.city |
| glpi_contacts.state | Address.state |
| glpi_contacts.country | Address.country |
| glpi_networkports.ip | Internet.ipv4 |
| glpi_networkports.mac | Internet.macAddress |
| glpi_phones.number_line | PhoneNumber.e164PhoneNumber |
| glpi_users.name | Internet.userName |
| glpi_users.password | Internet.password |
| glpi_users.phone | PhoneNumber.e164PhoneNumber |
| glpi_users.phone2 | PhoneNumber.e164PhoneNumber |
| glpi_users.mobile | PhoneNumber.e164PhoneNumber |
| glpi_users.realname | Person.name |
| glpi_users.firstname | Person.firstName |
| glpi_users.language | Miscellaneous.locale |
| glpi_useremails.email | Internet.email |

## Replacing values in third-party items

The usefulness, complexity and reliability of the replacement values in third-party elements differs greatly according to the typology of the fields, so the processing will be defined in a unitary way as specified in the following table.

Outside the defined fields no replacement will be done.

| Field | Operation |
| -------- | -------- |
| lastname + firstname | search for the pair name + first name or first name + last name, without taking into account the case, only if the two fields have a valid value (no replacement of the first name alone or of the last name alone) |
| e-mail | search for the exact address or username (ex: `j.smith @ domain.org` or` j.smith`) |
| phonenumber | search for the numerical sequence with or without the commonly used separators (ex: `0067983204` or` 00 67 98 32 04` or `00.67.98.32.04` or` 00-67-98-32-04`) |
| street name / number | find the exact value |
| town (address) | find the exact value |
| IP address | find the exact value |
| MAC address | find the exact value |

This process analyze all VARCHAR / TEXT fields in the database, except for the history table that will be processed in a specific way. The processing can therefore be long on a large database.

## History processing

When a value is anonymized, processing is performed in the history of the element concerned to update, if there are any, the corresponding history entries.

## Limitations

Anonymization will not be able to process freely entered values in third-party elements that don't exactly match the initial value that has been moved.

For example :

if the anonymization is done for a user whose name is "Jean de La Fontaine"
a value such as "Jean de Lafontaine" will not be recognized and therefore not replaced.
The generation of random values on foreign keys (excluding titles) will not be proposed, in order to avoid altering third-party elements and generating orphan entries in the database.

## To contribute

You want to contribute to the development of this plugin? Contact us in your customer area.

[[toc]]