A data asset active management system, computing device and storage medium

Abstract

The application relates to the technical field of data processing, and discloses a data asset active management system, which comprises a whole life cycle management component configured to perform whole life cycle management on various subject attributes of data assets; a control management component configured to manage the use process of the data assets; a log evidence management component configured to manage various logs generated by the data asset active management system in the use process; and an interface management component configured to manage the communication interface of the data asset active management system. The application also discloses a computing device and a storage medium.

Description

Technical Field

[0001] This application relates to the field of data processing technology, such as a proactive data asset management system, computing device, and storage medium. Background Technology

[0002] Currently, with the deepening of the digital transformation of the manufacturing industry, data, as a new production factor, is bound to play a greater role. As stated in the Data Security Law, ensuring the orderly flow of data, cultivating the data trading market, and strengthening the protection of important data are becoming necessary tasks for the "last mile" of data value realization. As an information resource, data has two key characteristics that make it an asset: it can bring economic benefits to enterprises and its costs and benefits can be measured. Compared with traditional tangible and intangible assets, data assets have the characteristics of being non-physical, dependent, diverse, processable, having volatile value, being derivable multiple times, being shareable, and being replicable at zero cost.

[0003] In the process of implementing the embodiments of this disclosure, at least the following problems were found in the related art:

[0004] Due to the many characteristics of data assets, there are problems such as poor quality, difficulty in data interoperability, high acquisition costs, difficulty in ensuring security, and complexity in confirming ownership and valuation transactions. A technical system for data sharing, circulation, trading and security protection has not yet been formed, which makes the realization of data value face bottlenecks. Summary of the Invention

[0005] To provide a basic understanding of some aspects of the disclosed embodiments, a brief summary is given below. This summary is not intended as a general commentary, nor is it intended to identify key / important components or describe the scope of protection of these embodiments, but rather as a prelude to the detailed description that follows.

[0006] This disclosure provides a proactive data asset management system, computing device, and storage medium to manage and control data assets, fully leverage the strategic resource role and innovation engine role of data, and promote the value realization of data assets.

[0007] In some embodiments, the proactive data asset management system includes:

[0008] The full lifecycle management component is configured to manage the full lifecycle of various subject attributes of data assets;

[0009] The control and management components are configured to manage the use of data assets;

[0010] The log storage and management component is configured to manage various logs generated during the use of the data asset proactive management system;

[0011] The interface management component is configured to manage the communication interfaces of the proactive data asset management system.

[0012] Optionally, the full lifecycle management component is specifically configured as follows:

[0013] Manage data sovereignty, data history, and data quality of data assets.

[0014] Optionally, the full lifecycle management component is specifically configured as follows:

[0015] Manage the data types, data levels, and data standards of data assets.

[0016] Optionally, the full lifecycle management component is specifically configured as follows:

[0017] Manage the data value, data sharing, and smart contracts of data assets.

[0018] Optionally, the control management component is specifically configured as follows:

[0019] Manage the usage permissions, access control, and contract settings of data assets.

[0020] Optionally, the control management component is specifically configured as follows:

[0021] Manage the use of data assets, including usage control, usage patterns, collaboration modes, and security scanning of the usage environment.

[0022] Optionally, the log evidence management component is specifically configured as follows:

[0023] Manage the internal logs, data operation logs, and collaborative logs with other data asset management systems of the proactive data asset management system.

[0024] Optionally, the interface management component is specifically configured as follows:

[0025] Manage the communication interfaces between at least two proactive data asset management systems, as well as the communication interfaces between the proactive data asset management system and the data assets.

[0026] In some embodiments, the computing device includes a processor and a memory storing program instructions, the processor being configured to implement the proactive data asset management system as described in this application when executing the program instructions.

[0027] In some embodiments, the storage medium stores program instructions that, when executed, implement the proactive data asset management system as described in this application.

[0028] The data asset proactive management system, computing device, and storage medium provided in this disclosure can achieve the following technical effects:

[0029] This application achieves full lifecycle management and effective governance of data assets by loading identity tags and subject full lifecycle management components, control management components, log storage and evidence management components, and interface management components and their attribute functions. It solves problems such as poor data quality, difficulty in data interoperability, high acquisition costs, difficulty in security, and complexity in ownership confirmation and valuation transactions, and forms a technical system for data sharing, circulation, transaction and security protection.

[0030] The above general description and the description below are exemplary and illustrative only and are not intended to limit this application. Attached Figure Description

[0031] One or more embodiments are illustrated by way of example with reference to the accompanying drawings. These illustrations and drawings do not constitute a limitation on the embodiments. Elements having the same reference numerals in the drawings are shown as similar elements. The drawings are not to be scaled. And wherein:

[0032] Figure 1 This is a schematic diagram of the functional architecture of AAS-DA provided in this application;

[0033] Figure 2 This is a flowchart illustrating a data asset management method provided in this application;

[0034] Figure 3 This is a flowchart illustrating another data asset management method provided in this application;

[0035] Figure 4 This is a flowchart illustrating another data asset management method provided in this application;

[0036] Figure 5 This is a flowchart illustrating another data asset management method provided in this application;

[0037] Figure 6 This is a flowchart illustrating another data asset management method provided in this application;

[0038] Figure 7 This is a flowchart illustrating another data asset management method provided in this application;

[0039] Figure 8 This is a flowchart illustrating another data asset management method provided in this application;

[0040] Figure 9 This is a schematic diagram of an AAS-DA system architecture provided in this application;

[0041] Figure 10 This is a flowchart illustrating a data asset usage control method provided in this application;

[0042] Figure 11 This is a flowchart illustrating another method for controlling the use of data assets provided in this application;

[0043] Figure 12 This is a flowchart illustrating another method for controlling the use of data assets provided in this application;

[0044] Figure 13 This is a flowchart illustrating another method for controlling the use of data assets provided in this application;

[0045] Figure 14 This is a flowchart illustrating another method for controlling the use of data assets provided in this application;

[0046] Figure 15 This is a flowchart illustrating another method for controlling the use of data assets provided in this application;

[0047] Figure 16 This is a flowchart illustrating another method for controlling the use of data assets provided in this application;

[0048] Figure 17 This is a schematic diagram of a computing device provided in this application. Detailed Implementation

[0049] To provide a more detailed understanding of the features and technical content of the embodiments of this disclosure, the implementation of the embodiments of this disclosure will be described in detail below with reference to the accompanying drawings. The accompanying drawings are for illustrative purposes only and are not intended to limit the embodiments of this disclosure. In the following technical description, for ease of explanation, several details are used to provide a full understanding of the disclosed embodiments. However, one or more embodiments may still be implemented without these details. In other cases, well-known structures and devices may be simplified in their depiction to simplify the drawings.

[0050] The terms "first," "second," etc., used in the specification, claims, and accompanying drawings of this disclosure are used to distinguish similar objects and are not necessarily used to describe a specific order or sequence. It should be understood that such data can be interchanged where appropriate for the embodiments of this disclosure described herein. Furthermore, the terms "comprising" and "having," and any variations thereof, are intended to cover non-exclusive inclusion.

[0051] Unless otherwise stated, the term "multiple" means two or more.

[0052] In this embodiment of the disclosure, the character " / " indicates that the objects before and after it are in an "or" relationship. For example, A / B means: A or B.

[0053] The term "and / or" describes an association between objects, indicating that three relationships can exist. For example, A and / or B means: A or B, or A and B.

[0054] The term "correspondence" can refer to an association or binding relationship. The correspondence between A and B means that there is an association or binding relationship between A and B.

[0055] First, the technical terms used in this application will be explained:

[0056] AAS-DA (Active Administration System-Data Asset) is an active data asset management system that enables full lifecycle management and usage control of data assets.

[0057] DA (Data-Asset): Refers to a data asset, used to identify a data asset.

[0058] API (Application Programming Interface) refers to the connection interface, and in this application, it refers to the interface in the Data Asset Active Management System AAS-DA.

[0059] In related technologies, data assets possess many characteristics and face numerous challenges. According to PwC's definition, compared to traditional tangible and intangible assets, data assets are characterized by their non-physical nature, reliance on external entities, diversity, processability, and volatile value. China Everbright Bank and the Outlook Think Tank have further added multiple aspects of derivability, shareability, and zero-cost replicability, specifically:

[0060] Non-practical: It does not have a physical form and exists on a physical carrier; it does not wear out or get consumed due to use; it can be used indefinitely during its existence.

[0061] Dependency: It must be stored in a certain medium; it can exist in different forms on multiple media simultaneously.

[0062] Diversity: Diverse forms of expression; diverse forms of integration; uncertain usage methods.

[0063] Value volatility: Value is affected by a variety of different factors, including technology, capacity, value density, and the business model of the application.

[0064] Processability: It can be maintained, updated, supplemented, and added; it can be deleted, merged, aggregated, and redundant eliminated; it can be analyzed, refined, and mined.

[0065] Multiple derivability: This refers to the fact that the same data subject can be processed in multiple levels and dimensions, thereby generating different levels of data value, enabling multi-level and multi-dimensional mining of the potential value of data assets and enriching data assets.

[0066] Shareability: This refers to the fact that data assets can be exchanged, transferred, and used indefinitely. By leveraging its shareability, the value of data assets can be maximized.

[0067] Zero-cost replicability: This means that the cost of data assets is mainly in the early stages of data acquisition and research and development. Therefore, the cost of creating data assets is extremely high, but the marginal cost of subsequent replication and sharing approaches zero.

[0068] Therefore, the many characteristics of data assets make it difficult to confirm ownership and conduct valuation transactions. This application aims to manage and constrain the aforementioned characteristics of data assets.

[0069] Meanwhile, two key characteristics of data as an asset are its ability to bring economic benefits to enterprises and the measurability of costs and benefits. The bottlenecks in realizing the value of data mainly include inadequate quality, difficulty in data interoperability, high acquisition costs, and difficulty in ensuring security. Data assets need to be managed through the following dimensions, including:

[0070] Data standards management: Normative constraints that ensure the consistency and accuracy of data use and exchange both internally and externally.

[0071] Metadata management: extracting abstract information from data, tracing data, and exploring the relationships between data.

[0072] Data quality management: Improve data quality and enhance the level of data application and services.

[0073] Data security management: Classify data security levels, formulate data security management standards, and ensure that data is "manageable before it happens, controllable during it, and traceable after it happens".

[0074] Data value management: data cost management and data revenue management, optimizing and maximizing the release of data value.

[0075] Data sharing management: Realize the release of internal and external value of data through internal data sharing, external data circulation, and external access.

[0076] This demonstrates the problems and challenges faced by data assets in sharing, including transparency, accessibility, standardization, security, and data integrity. Specifically:

[0077] Transparency: refers to the openness of all parties involved in data asset sharing to provide all the information needed for a successful data sharing partnership.

[0078] Accessibility: refers to the ability of any party to access the data it needs when it needs to.

[0079] Standardization: refers to the consistent legal, technical and other measures that should be adopted by all stakeholders in the data sharing process.

[0080] Security and data integrity: refers to the implementation of measures and mechanisms aimed at protecting information and data in order to achieve a secure environment for data sharing.

[0081] Therefore, in combination Figure 1 As shown, this application provides a proactive data asset management system (AAS-DA) for the full lifecycle management of data assets, as well as the execution supervision, control, and management during use. Each data asset has a corresponding AAS-DA, thus elevating data assets from passive to proactive assets. The AAS-DA can define, configure, and update the attribute information of data assets, record full lifecycle information, and perform the highest priority operations on data assets, including but not limited to de-identification, encryption, termination, and destruction. When data assets are processed, the AAS-DA can record the processing process and terminate and / or destroy the data assets if they fail to meet data asset security requirements and other constraints. When a data asset is copied, a new AAS-DA is generated, and the AAS-DA of the copied data asset is associated with the AAS-DA of the original data asset.

[0082] Optionally, the AAS-DA of this application supports all types of data assets, including but not limited to streaming data, event data, engineering drawings, videos, algorithms, machine learning models, or knowledge graphs.

[0083] Optionally, to ensure transparency in data asset sharing, circulation, and trading, and to ensure all stakeholders are aware of relevant information, AAS-DA can be further divided into AAS-DA-supplier, AAS-DA-user, and AAS-DA-public based on the rights and interests of different stakeholders. These three types of AAS-DA for the same data asset are interconnected and can be merged under necessary conditions. AAS-DA-supplier has the highest authority and can read all content in AAS-DA-user and AAS-DA-public. The content specified in AAS-DA-user and AAS-DA-public must be a subset of that in AAS-DA-supplier.

[0084] Combination Figure 1As shown, the functional architecture of the Data Asset Active Management System (AAS-DA) in this application consists of "identity tags" and "subjects". The identity tag is a globally unique identifier for the data asset and the AAS-DA; the subject includes: the full lifecycle management components for the data asset, the control management components, the log storage and evidence management components, and the interface management components, along with their corresponding attributes.

[0085] In the embodiments of this application, the full lifecycle management component is configured to perform full lifecycle management of various subject attributes of data assets. These subject attributes include data sovereignty, data history, data quality, data type, data level, data standard, data value, data sharing, and contracts, etc., to achieve management of data sovereignty, data history, data quality, data type, data level, data standard, data value, data sharing, and smart contracts of data assets. The detailed content of each attribute structure is shown in Table 1.

[0086] Table 1: Detailed Attribute Table of Data Assets Throughout Their Lifecycle

[0087]

[0088]

[0089] This allows for better management of data assets throughout their entire lifecycle.

[0090] In the embodiments of this application, the control management component is configured to manage the usage process of data assets, specifically including attributes such as permission management, access control, contract settings, usage control, usage mode, collaboration mode, and security scanning of the usage environment, so as to manage the permissions, access control, contract settings, usage control, usage mode, collaboration mode, and security scanning of the usage environment of data assets.

[0091] Specifically, access control manages user access to and use of data assets, ensuring that users can only access data assets they are authorized to access, according to security rules or policies. Access control includes two parts: user authentication and authorization, referred to as authentication and authorization. Users who need to access / use controlled data assets must first undergo authentication. Only after successful authentication can the user have the necessary access / use permissions for that resource.

[0092] Access control includes settings, operation, monitoring, and interruption. Settings mainly involve configuring access control modes, subjects, behaviors, resources, and environment. Access control modes generally take the following forms: discretionary access control, command access control, role-based access control, attribute-based access control, or other types of access control; subjects include server administrators, data holders, contracted data users, uncontracted data users, and other roles; behaviors include read, write, copy, and delete actions; resources mainly refer to the attributes of data assets in the entire lifecycle management of data assets; the environment refers to the time, location, and other environmental factors where data transactions occur. Interruptions are mainly divided into active interruptions and passive interruptions.

[0093] Contract settings are mainly established after the data provider and data user reach an agreement, setting contract terms such as Value (hash value, the data's DNA / identity card), Address (connecting different clients), State (input: target state, such as usage time, number of times, etc.) and Function (output: executable strategy).

[0094] Usage control primarily involves monitoring the data asset usage process and identifying anomalies based on the relevant requirements set in the contract, as well as suspending data asset usage and destroying data assets. The data usage process is monitored in real-time through a monitor. When the user reaches a specific state (reaching a certain number of times, provider termination, user default), the executor invokes the executable policies in the contract's settings-Function to destroy, suspend, or pause the data asset.

[0095] Optionally, the usage modes generally include the following: regular usage, privacy computing mode, federated learning mode, encryption mode, and other custom modes.

[0096] Collaboration modes include merged collaboration and associated collaboration. When two or more AAS-DA suppliers enable collaboration mode, they will achieve synchronized management of data assets during data asset usage.

[0097] The security scan of the usage environment is mainly performed by AAS-DA-user before the data assets reach the data user. According to the requirements of the smart contract, the software and system layers of the usage environment are scanned for security, and the software that meets the requirements of the smart contract is marked with security.

[0098] The detailed attribute structure of the data asset control and management component is shown in Table 2:

[0099] Table 2: Detailed Attribute Table of Data Asset Management

[0100]

[0101]

[0102]

[0103] This allows for better use and control of data assets.

[0104] In the embodiments of this application, the log storage and management component is configured to manage various logs generated during the use of the data asset proactive management system. These logs primarily include internal logs, data operation logs, and collaborative logs with other data asset management systems. Specifically, this includes, but is not limited to, operations of various functional components within the AAS-DA-supplier, operations of the AAS-DA-supplier on data assets, operations on data assets sent by the AAS-DA-user to the AAS-DA-supplier, operations on replicated data or sub-data sent by other associated AAS-DA systems to the AAS-DA-supplier, and a time-ordered collection of these operation results. Each log file consists of log records, and each log record describes a single system event.

[0105] Typically, system logs are local logs of the AAS-DA-supplier that the data provider can directly read. These logs include a timestamp and a message or other information specific to the subsystem. Usage logs, on the other hand, are operation logs sent by the AAS-DA-user to the AAS-DA-supplier and AAS-DA-public during the data asset's operation by the data user. These logs generally need to be stored on a blockchain for future use in clearing, auditing, and regulatory processes.

[0106] In the embodiments of this application, the interface management component is configured to manage the communication interfaces of the data asset proactive management system. Specifically, the interface management component mainly manages the communication interfaces between at least two data asset proactive management systems, as well as the communication interfaces between the data asset proactive management system and the data assets.

[0107] The proactive data asset management system provided in this disclosure, by loading the full lifecycle management components of identity tags and subjects, control management components, log storage and evidence management components, and interface management components and their attribute functions, realizes the full lifecycle management and effective governance of data assets. It solves the problems of substandard data asset quality, difficulty in data interoperability, high acquisition costs, difficulty in security, and complexity in ownership confirmation and valuation transactions, and forms a technical system for data sharing, circulation, transaction and security protection.

[0108] In practical applications, such as Figure 2 As shown, this application provides a data asset management method applied to a proactive data asset management system AAS-DA, wherein the proactive data asset management system AAS-DA is divided into AAS-DA-supplier, AAS-DA-user, and AAS-DA-public, and the method includes:

[0109] Step 201: After the data asset is formed, the data provider creates an AAS-DA-supplier corresponding to the data asset and initializes the data asset configuration in the AAS-DA-supplier.

[0110] Step 202: The data provider saves the data asset information to be publicly disclosed in AAS-DA-supplier as the corresponding AAS-DA-public and uploads it to the intermediary service provider. The intermediary service provider publishes the information of AAS-DA-supplier through AAS-DA-public.

[0111] Step 203: The data user reads the publicly available data asset information in AAS-DA-public and enters into a smart contract with the data provider through AAS-DA-public.

[0112] Step 204: The data provider saves the AAS-DA-supplier as AAS-DA-user and sends the AAS-DA-user along with the preprocessed data assets to the data user.

[0113] Step 205: AAS-DA-user monitors the data asset usage process of the data user according to the smart contract and records all processing operation information of the data asset.

[0114] Step 206: If changes to the data assets reach the boundary conditions of the smart contract or if a violation of constraints occurs, AAS-DA-user terminates and / or destroys the data assets of the data user.

[0115] The data asset management method provided in this disclosure achieves full lifecycle management of data assets among data providers, data users, and intermediary service providers through AAS-DA, keeping data sovereignty in the hands of data providers and realizing the usability-invisibility, controllability-measurability, access control, and post-use destruction of data assets. This solves problems such as substandard data asset quality, difficulty in data interoperability, high acquisition costs, difficulty in security, and complexity in ownership confirmation and valuation transactions, forming a technical system for data sharing, circulation, trading, and security protection.

[0116] In the embodiments of this application, such as Figure 3 As shown, the initial configuration of data assets in the AAS-DA-supplier includes:

[0117] Step 301: Generate initial sovereignty information for the data asset in the AAS-DA-supplier, wherein the initial sovereignty information includes ownership information, time information, and location information of the data asset.

[0118] In the embodiments of the application, after the data asset is generated, the initial sovereignty information of the data asset is generated in the AAS-DA-supplier, including information such as the ownership, time, and location of the data asset generation, so as to facilitate data ownership confirmation.

[0119] Step 302: Define, set, and update various principal attributes of data assets through AAS-DA-supplier.

[0120] In the embodiments of the application, various attributes of data assets can be defined, set, and updated through AAS-DA-supplier, including data type, standards, specifications, laws and regulations followed by the data assets, quality level, security level requirements, etc.

[0121] Step 303: When data assets are copied or sub-data is generated, they are associated through their respective AAS-DA-suppliers.

[0122] In the embodiments of the application, when data assets are copied or sub-data is generated, they can be associated through their respective AAS-DA to facilitate traceability.

[0123] Step 304: De-identify or encrypt data assets using AAS-DA-supplier.

[0124] In the embodiments of the application, before the data assets are used, the AAS-DA-supplier can perform data anonymization on the data assets and encrypt the data according to the encryption algorithm requirements of the country and the enterprise.

[0125] Furthermore, during the use of data assets, the AAS-DA-user records all processing operation information for the data assets and provides feedback to the AAS-DA-supplier in real time or afterward. After learning about the processing status of the data assets, the AAS-DA-supplier can proactively issue termination / destruction commands to the AAS-DA-user, who can then invoke the operation script to terminate / destroy the data assets. In addition, AAS-DA can manage the physical carriers and storage media of the data assets.

[0126] This allows data providers to better control and protect their data assets.

[0127] In the embodiments of this application, such as Figure 4 As shown, the intermediary service provider publishes information about the AAS-DA-supplier through AAS-DA-public, including:

[0128] Step 401: The intermediary service provider generates a resource catalog based on the various subject attributes of AAS-DA-public, thereby realizing a centralized or distributed management model for data assets.

[0129] In the embodiments of the application, the resource catalog mainly includes the names of various resources and their metadata descriptions. The middleware service platform supports the sharing and trading of the following three types of resources: First, data assets, including but not limited to streaming data, event data, CAD drawings, videos, algorithms, models, digital twins, knowledge graphs, apps, API calls, etc. The metadata of data assets is stored in the full lifecycle management component of the corresponding AAS-DA-supplier's data assets; second, IT infrastructure, including but not limited to cloud computing, edge computing, computing power resources, communication resources, etc.; and third, trusted environment solutions, including but not limited to trusted environment solutions at the hardware, system, and software layers. Certified AAS-DAs and resources will be included in the resource catalog for management.

[0130] The data provider saves the information to be made public in AAS-DA-supplier as AAS-DA-public, and uploads it to the intermediary service provider. AAS-DA-public, which is approved by the intermediary service platform, is included in the resource catalog.

[0131] Step 402: The data user queries the data assets that meet the requirements by accessing the resource catalog of the intermediary service provider.

[0132] Step 403: The intermediary service provider pushes data assets to the data user based on the availability of data assets in the resource catalog.

[0133] In the embodiments of the application, data users can access the resource catalog of the intermediary service provider to query data assets and other resources that meet their requirements. Data users can also subscribe to resource catalog updates or fill in their needs for data assets and other resources that they are interested in. The intermediary service provider can then make precise recommendations based on the availability of data assets and other resources.

[0134] In this way, this application does not need to centralize the data assets themselves with an intermediary service provider, but only needs to manage AAS-DA-public and generate a resource catalog based on the various attribute information in AAS-DA-public, thereby realizing distributed management of data assets and centralized management of AAS-DA, reducing the risk of data assets and increasing the willingness of data providers to share data assets.

[0135] In the embodiments of this application, combined with Figure 5 As shown, the data user reads publicly available data asset information from AAS-DA-public and enters into a smart contract with the data provider through AAS-DA-public, including:

[0136] Step 501: One or more data providers whose data usage direction meets its needs initiate an invitation.

[0137] Step 502: The data provider that accepts the invitation will negotiate with the data user on the cooperation intention of data assets and write the negotiated content into AAS-DA-public.

[0138] Step 503: Configure the usage process of data assets and log evidence in AAS-DA-public.

[0139] In the embodiments of this application, the data user initiates an invitation to one or more data providers that meet its needs. The data provider accepting the invitation will negotiate with the data user regarding cooperation intentions on data assets, and the negotiated content will be written into the contract management attributes of the full lifecycle management component of AAS-DA-public's data assets. Simultaneously, in AAS-DA-public's data asset control management component, attributes such as permission management, access control, contract settings, usage control, usage mode, and collaboration mode are configured. Furthermore, AAS-DA-public's log storage records the time of the smart contract's completion and the information of the transacting parties.

[0140] In the embodiments of this application, such as Figure 6 As shown, the AAS-DA-user monitors the data asset usage process of the data user according to the smart contract and records all processing operation information for the data assets, including:

[0141] Step 601: AAS-DA-user performs a security scan of the media and environment in which the data assets will be stored and used, based on the requirements of the usage environment in the smart contract.

[0142] In the embodiments of this application, the application can perform a usage environment scan by AAS-DA-user: based on the usage environment settings in the data asset control management component - usage control, AAS-DA-user will invoke the data asset control management component - usage environment security scan function to perform a security scan of the software layer, system layer, and hardware layer of the usage environment, and mark software that meets the smart contract requirements as secure. Software that passes the security marking will be added to the whitelist of access control or usage control in the data asset control management component. AAS-DA-user will then feed back the environment security scan results to AAS-DA-supplier through the data user's client. After the data asset control management component - usage control of AAS-DA-supplier approves the scan, it will allow the data user to access the preprocessed data assets.

[0143] Optionally, according to the contract settings of the AAS-DA-supplier data asset control and management component, the AAS-DA-supplier will preprocess the data assets through the usage mode of the data asset control and management component, including but not limited to de-identification, encryption, and generation of computational factors. If "Regular Use" is selected in the usage mode, the data assets will be sent to the data user in plaintext. If multi-party collaboration is involved in the data usage process, such as multi-party privacy computation or federated learning, the collaboration mode of the data asset control and management component will also be set. Two or more AAS-DA-suppliers with collaboration mode enabled will achieve synchronous management of the data assets during the data asset usage process.

[0144] Step 602: By reading the whitelist of access control or usage control in AAS-DA-user, confirm the permissions of one or more processes that will soon access the data assets.

[0145] In the embodiments of this application, the permissions for one or more processes to access the data asset are requested by the data user through an authorization request to AAS-DA-user. The permissions of the one or more processes about to access the data asset are confirmed by reading the whitelist of access or usage controls in the AAS-DA-user's data asset control management component. If the process is in the whitelist, AAS-DA-user will allow the process to operate on the data asset according to the Function attribute in the data asset's control management component contract settings; if the process is not in the whitelist, AAS-DA-user will not allow the process to access the data asset.

[0146] Step 603: AAS-DA-user monitors in real time whether changes to data assets have reached boundary conditions or whether any operations that violate constraints have occurred, and writes the operation logs to the log storage component.

[0147] In the embodiments of this application, during the use of data assets, the data assets are monitored by AAS-DA-user. AAS-DA-user, through the data asset control management component – ​​usage control monitor, monitors in real time whether changes to the data assets have reached the maximum value of boundary conditions or whether any operation violating constraints has occurred. If any of the above occurs, AAS-DA-user sends an exception message to the data user, who then forcibly terminates the process through process monitoring – executor. AAS-DA-user then destroys the data asset through the data asset control management component – ​​usage control – executor.

[0148] This allows for better control over the use of data assets, ensuring that data sovereignty remains firmly in the hands of the data provider.

[0149] In the embodiments of this application, such as Figure 7 As shown, when changes to data assets reach the boundary conditions of the smart contract or violate constraints, the AAS-DA-user terminates and / or destroys the data assets of the data user, including:

[0150] Step 701: Based on the constraints and boundary conditions of the smart contract, AAS-DA-user generates an operation script to terminate or destroy the data asset.

[0151] Step 702: When changes to the data asset reach the boundary conditions of the smart contract or violate the constraints, the AAS-DA-user will record the processing operation information and feed it back to the AAS-DA-supplier in real time or afterward. This will enable the AAS-DA-supplier to issue a termination instruction to the AAS-DA-user, who will then call the operation script to terminate the use of the data asset. Alternatively, the AAS-DA-user can directly call the operation script to terminate the use of the data asset.

[0152] Step 703: Destroy the data asset after the termination of its use or when the AAS-DA-user receives a destruction instruction from the AAS-DA-supplier.

[0153] In the embodiments of this application, the application generates an operation script for terminating and destroying data assets through AAS-DA-user based on the constraints and boundary conditions of the smart contract; during the use of data assets, AAS-DA-user records all processing operation information of data assets; and provides feedback to AAS-DA-supplier in real time or afterward. There are two possible situations: (1) AAS-DA-supplier can actively issue a termination instruction to AAS-DA-user after learning about the processing status of data assets, and AAS-DA-user can call the operation script to terminate the use of data assets; (2) when the constraints and boundary conditions of the smart contract are met, AAS-DA-user calls the operation script to terminate the use of data assets.

[0154] Data assets are destroyed after use or when the AAS-DA-user receives a destruction instruction from the AAS-DA-supplier. Even after data assets are destroyed, AAS-DA can still provide information on their entire lifecycle, as well as the status of associated data assets, facilitating subsequent auditing, liquidation, arbitration, and traceability of other data assets.

[0155] This allows for better control over data assets, ensuring they are not visible, controllable, measurable, and subject to access control and self-destruction upon viewing.

[0156] In the embodiments of the application, combined with Figure 8 As shown, the data asset management method of this application also includes:

[0157] Step 801: After the data asset is destroyed, AS-DA-user terminates the smart contract and sends the information about the destruction of the data asset and the termination of the smart contract to the data provider and the intermediary service provider.

[0158] Step 802: After receiving the information that the data assets have been destroyed and the smart contract has been terminated, the data provider terminates the smart contract through the AAS-DA-supplier and sends the liquidation application information to the intermediary service provider and the data user through the data provider.

[0159] Step 803: After receiving the liquidation application information, the intermediary service provider terminates the smart contract through AAS-DA-public, and reads the log storage components of AAS-DA-supplier and AAS-DA-user through AAS-DA-public, compares them with the content of the smart contract, and performs liquidation and auditing based on the comparison results.

[0160] In the embodiments of this application, the application synchronizes and stores evidence from multiple parties during the data asset usage process through the collaboration of AAS-DA-public, AAS-DA-user, and AAS-DA-supplier. Based on the evidence stored from multiple parties of AAS-DA-public, AAS-DA-user, and AAS-DA-supplier, the usage of data assets is settled and audited. Thus, the quality and value attributes of data assets in AAS-DA-public can be dynamically adjusted according to the data users' evaluation of data quality and value.

[0161] Specifically, from the moment the smart contract is signed until the data asset is destroyed, all operations performed on the data asset by the data provider, data user, and intermediary service provider will be synchronously logged on the data provider's client, the data user's client, and the intermediary service platform. When necessary, all evidence can be managed and traced through blockchain.

[0162] When data assets are destroyed, both the data user's client (smart contract management) and the AAS-DA-user data asset control and management component (contract settings) will terminate the smart contract. Then, the data user's client will send information about the data asset destruction and contract termination to the intermediary service platform and the data provider's client. Upon receiving this information, the intermediary service platform, through the contract settings function of the data asset control and management component, will terminate the contract and initiate the liquidation process.

[0163] In the embodiments of this application, combined with Figure 9 As shown, the Data Asset Active Management System (AAS-DA) of this application is deployed on a client and an intermediate service platform. The main functions of the client include AAS-DA management, identity registration and management, smart contract management, process usage control, usage environment scanning, process management, log storage, settlement integration, and communication functions. Specifically, the client can be deployed locally or on a private cloud. The client can be placed in a trusted and secure environment at the hardware, system, and / or software layers, wherein:

[0164] (I) Management of AAS-DA: including creating, updating and deleting AAS-DA and its components and attributes, configuring AAS-DA interfaces, etc.

[0165] (ii) Identity registration and management: including registration of client users, organizations, AAS-DA, data assets, and identity certificate management.

[0166] (III) Smart Contract Management:

[0167] 1. Create a new smart contract. This includes user permissions, usage environment, operations on data assets, IT infrastructure requirements, and transmission security requirements.

[0168] 2. Smart contracts can still be executed through the client even when the client is offline;

[0169] 3. Boundary conditions: These specify the maximum duration and number of operations on data assets;

[0170] 4. Constraints: Specifies the types of operations that cannot be performed on data assets;

[0171] 5. Contract Termination: The contract is terminated when the data assets are destroyed.

[0172] (iv) Process usage control:

[0173] Monitor: Monitors in real time whether the process's operations on data assets have reached the maximum value of the boundary conditions, or whether any operations that violate the constraints have occurred.

[0174] Executor: Aborts the process.

[0175] (v) Usage Environment Scan: Based on the requirements of the smart contract for the hardware layer, system layer and software layer in the usage environment, a usage environment scan is performed; a usage environment scan result report and a process whitelist are generated. The usage environment scan result is sent by the client of the data user to the client of the intermediate service platform and the client of the data provider at the same time, and the process whitelist is sent to the process management component for management.

[0176] (vi) Process Management: Dynamically manage the whitelist of processes for access control or usage control, including maintaining the whitelist (adding, updating, and removing processes), and process permission verification. The initial whitelist is generated by the usage environment scanning function before the data assets reach the data user. Processes on the whitelist that are detected violating smart contract rules during data asset usage will be removed from the whitelist. Processes not initially included in the whitelist will be added to the whitelist after client-side process permission verification.

[0177] (vii) Log storage: For the client of the data provider, the logs of the data asset throughout its entire life cycle are stored; for the client and intermediate service platform of the data user, the operation logs of the data asset are stored after the smart contract takes effect and before the contract is terminated.

[0178] (viii) Settlement and Integration: When the contract is terminated, the data asset usage frequency, time, and abnormal situation handling are settled by reading the logs of the data user's client, the data provider's client, and the intermediate service platform.

[0179] (ix) Communication functions: including communication between clients, communication between clients and AAS-DA, and communication between clients and the middle service platform.

[0180] In the embodiments of this application, the functions of the intermediary service platform mainly include: identity authentication, resource catalog management, supply and demand matching, smart contract management, log storage, settlement auditing, and service evaluation. Specifically, the intermediary service platform can be deployed on a public cloud or a private cloud. The intermediary service platform must be located in a trusted and secure environment at the hardware, system, and software layers. The functions of the intermediary service platform can be implemented and operated by one or more organizations or units. Each organization or unit needs to be authenticated before it can begin its work.

[0181] Combination Figure 10 As shown, this application also provides a method for controlling the use of data assets, applied to a client as a data provider, a client as a data user, and an intermediary service platform as an intermediary service provider, the method comprising:

[0182] Step 1001: The data provider and the data user register and authenticate their identities through their respective clients. After authentication, the data provider registers and authenticates with the intermediate service platform's Data Asset Active Management System (AAS-DA) through its client.

[0183] Step 1002: The data provider saves the data asset information to be publicly disclosed in AAS-DA-supplier as AAS-DA-public and uploads it to the intermediary service platform through the data provider's client, so that the data user and the data provider can reach a smart contract.

[0184] Step 1003: The data user's client performs an environment scan and generates a whitelist of processes that are allowed to access or use the data assets. After confirming the processes in the whitelist, the data provider's client sends AAS-DA-user and the pre-processed data assets to the data user's client.

[0185] Step 1004: During the use of data assets, the client of the data user confirms whether one or more processes that are about to call the data assets have the necessary permissions based on the processes in the whitelist. If the changes to the data assets reach the boundary conditions of the smart contract or violate the constraints, the client terminates and / or destroys the data assets through AAS-DA-user and AAS-DA-public.

[0186] The data asset usage control method provided in this disclosure uses AAS-DA to load and control data assets across the client (data provider), the client (data user), and the intermediate service platform (intermediate service provider). This keeps data sovereignty in the hands of the data provider and achieves usability without visibility, controllability and measurability, access control, and post-use destruction of data assets. It solves problems such as poor data quality, difficulty in data interoperability, high acquisition costs, difficulty in security, and complexity in ownership confirmation and valuation transactions, forming a technical system for data sharing, circulation, trading, and security protection.

[0187] In the embodiments of this application, combined with Figure 11 As shown, the data provider and the data user register and authenticate their identities through their respective clients. The authenticated data provider then registers and authenticates with the intermediate service platform's Active Data Asset Management System (AAS-DA) through its client, including:

[0188] Step 1101: Data providers and data users register users through their respective clients. User types include enterprises, organizations, and individuals.

[0189] In the embodiments of this application, all stakeholders participating in trusted industrial data space activities, including but not limited to data providers, data users, and third parties providing log storage, clearing, and auditing services, need to register through their client. User types include enterprises, organizations, and individuals.

[0190] Step 1102: The intermediate service platform reviews the user registration information sent by the client, authorizes a unique identity for users who pass the review, and manages the identity according to the user type.

[0191] In the embodiments of this application, after receiving the user registration information sent by the client, the intermediate service platform will review it. Users who pass the review will be authorized with a globally unique identity identifier. The intermediate service platform manages the identifier according to the different types of users.

[0192] Step 1103: The authenticated data provider initiates an identity tag authorization application to the intermediary service platform through its client.

[0193] Step 1104: After the identity tag authorization application is approved, the intermediary service platform sends a unique data asset code and AAS-DA code to the data provider's client.

[0194] Step 1105: The data provider's client automatically writes the data asset code and AAS-DA code into the AAS-DA identity tag, completing the registration and authentication of the Data Asset Active Management System AAS-DA.

[0195] In the embodiments of this application, the authenticated data provider initiates an identity tag authorization application to the intermediary service platform through its client. After the authorization application is approved, the intermediary service platform sends a unique "Global Data Asset Code" and "Global AAS-DA Code" to the data provider's client. The data provider's client automatically writes the above two codes into the AAS-DA identity tag, completing the AAS-DA registration and authentication.

[0196] In the embodiments of this application, combined with Figure 12 As shown, the data provider saves the data asset information to be publicly disclosed in AAS-DA-supplier as AAS-DA-public and uploads it to the intermediary service platform through the data provider's client, so that the data user and the data provider can reach a smart contract, including:

[0197] Step 1201: The data provider saves the data asset information to be disclosed in AAS-DA-supplier as AAS-DA-public and uploads it to the intermediate service platform through the data provider's client. After the intermediate service platform approves the AAS-DA-public, it is included in the resource catalog.

[0198] Step 1202: The client of the data user accesses the resource catalog of the intermediary service platform, queries the data assets and other resources that meet the requirements, and the client of the data user subscribes to the resource catalog or fills in the requirements for data assets and other resources. The intermediary service platform pushes data assets and other resources according to the supply of data assets and other resources.

[0199] Step 1203: The data user initiates an invitation to one or more data providers that meet its needs. The data provider that accepts the invitation will negotiate with the data user on the cooperation intention of data assets, and write the negotiated content into the smart contract management function of the intermediary service platform, as well as the smart contract management function of the data user's client and the data provider's client.

[0200] In this way, data providers and data users can achieve efficient supply and demand matching and smart contract settings through an intermediary service platform, thereby increasing the transaction value of data assets.

[0201] In the embodiments of this application, combined with Figure 13As shown, the data user's client performs an environment scan to generate a whitelist of processes allowed to access or use control data assets. After confirming the processes in the whitelist, the data provider's client sends AAS-DA-user and the preprocessed data assets to the data user's client, including:

[0202] Step 1301: Based on the data user's client's requirements for the usage environment, the data user's client will call the usage environment scanning component to perform a security scan of the hardware, system, and software layers of the usage environment, and mark processes that meet the requirements of smart contracts with security labels.

[0203] Step 1302: Add the process that has passed the security label to the whitelist of access control or usage control in the process management component. The client of the data user sends the information to the clients of the intermediate service platform and the data provider at the same time.

[0204] Step 1303: After the data provider's client confirms the whitelist, it preprocesses the data assets according to the AAS-DA-supplier and saves them as AAS-DA-user, and then sends the AAS-DA-user and the preprocessed data assets to the data user's client.

[0205] In the embodiments of this application, according to the provisions of the AAS-DA-supplier data asset control management component contract settings, the AAS-DA-supplier will preprocess the data assets through the usage mode of the data asset control management component, including but not limited to de-identification, encryption, and generation of computational factors. If "regular use" is selected in the usage mode, the data assets will be sent to the data user in plaintext. If multi-party collaboration is involved in the data usage process, such as multi-party privacy computation or federated learning, a collaboration mode of the data asset control management component will also be set. Two or more AAS-DA-suppliers with collaboration mode enabled will achieve synchronous management of data assets during the data asset usage process.

[0206] Optionally, the data provider's client can also send the AAS-DA-supplier and pre-processed data assets (plaintext or ciphertext) to the data user's client. The data user's client will merge the received AAS-DA-supplier with the AAS-DA-user to generate a new AAS-DA-user. Based on the storage environment requirements of the AAS-DA-user data asset lifecycle management component - contract management, the data assets are stored in an environment that meets the trust requirements.

[0207] This ensures a safer and more reliable environment for the use of data assets.

[0208] In the embodiments of this application, combined with Figure 14 As shown, during the use of data assets, the client of the data user confirms, based on the processes in the whitelist, whether one or more processes about to access the data assets have the necessary permissions, including:

[0209] Step 1401: One or more processes that call the data asset will send a permission request to the client of the data user.

[0210] Step 1402: By reading the whitelist of the data user's client, confirm the permissions of one or more processes that will soon access the data assets.

[0211] Step 1403: If the process is in the whitelist, the data user's client will send a confirmation instruction to AAS-DA-user, allowing the process to operate on the data assets according to the Function attribute in AAS-DA-user.

[0212] Step 1404: If the process is not in the whitelist, the data user's client will not allow the process to access the data assets.

[0213] In the embodiments of this application, one or more processes that will invoke the data asset will initiate a permission request to the client-process management of the data user. The permissions of the one or more processes about to invoke the data asset will be confirmed by reading the whitelist in the client-process management of the data user. If the process is in the whitelist, the data user's client will send a confirmation instruction to AAS-DA-user, allowing the process to operate on the data asset according to the Function attribute in the AAS-DA-user data asset control management component-contract settings. If the process is not in the whitelist, the data user's client will not allow the process to invoke the data asset.

[0214] This allows for better monitoring of data asset usage based on process permissions, thus ensuring the data provider's data sovereignty and data security.

[0215] In the embodiments of this application, combined with Figure 15 As shown, the termination and / or destruction of data assets through AAS-DA-user and AAS-DA-public when changes to data assets reach the boundary conditions of the smart contract or when constraints are violated includes:

[0216] Step 1501: Based on the boundary conditions and constraints of the smart contract, the client of the data user monitors in real time whether the operation on the data asset has reached the maximum value of the boundary conditions or whether any operation has violated the constraints.

[0217] Step 1502: If changes to the data assets reach the boundary conditions of the smart contract or if a violation of constraints occurs, the client of the data user shall forcibly terminate the process.

[0218] Step 1503: The data user's client sends an instruction to AAS-DA-User, and AAS-DA-User destroys the data assets.

[0219] In the embodiments of this application, during the use of data assets, process monitoring is performed through the data user's client and simultaneously through AAS-DA-user. Specifically, based on the boundary conditions and constraints in smart contract management, the data user's client, through process management - monitor, monitors in real time whether the process's operations on the data asset have reached the maximum value of the boundary conditions or whether any operations have violated the constraints. If either of these occurs, the data user's client forcibly terminates the process through process monitoring - executor and simultaneously issues an instruction to AAS-DA-User. AAS-DA-user then destroys the data asset through the data asset control management component - usage control - executor. Simultaneously, AAS-DA-user, through the data asset control management component - usage control - monitor, monitors in real time whether changes to the data asset have reached the maximum value of the boundary conditions or whether any operations have violated the constraints. If either of these occurs, AAS-DA-user sends an exception message to the data user's client, and the data user's client forcibly terminates the process through process monitoring - executor. AAS-DA-user then destroys the data asset through the data asset control management component - usage control - executor.

[0220] This ensures that data sovereignty remains firmly in the hands of data providers, guaranteeing the stability of data asset value.

[0221] In the embodiments of this application, combined with Figure 16 As shown in the embodiments of this application, the usage control method further includes:

[0222] Step 1601: From the time the smart contract is completed until the data asset is destroyed, all operations performed on the data asset by the data provider, data user, and intermediary service platform will be synchronously stored in the client of the data provider, the client of the data user, and the intermediary service platform through logs.

[0223] Step 1602: After the data asset is destroyed, the data user's client and AAS-DA-user will terminate the smart contract and send the information about the destruction of the data asset and the termination of the smart contract to the intermediary service platform and the data provider's client through the data user's client.

[0224] Step 1603: After receiving the information that the data asset has been destroyed and the smart contract has been terminated, the intermediary service platform AAS-DA-public will terminate the contract and initiate the liquidation process through the contract setting function of the data asset control and management component.

[0225] In the embodiments of this application, when data assets are destroyed, both the data user's client-smart contract management and the AAS-DA-user data asset control management component-contract settings will terminate the smart contract. Then, the data user's client sends information about the data asset destruction and contract termination to the intermediary service platform and the data provider's client. Upon receiving the information, the data provider's client-smart contract management and the AAS-DA-supplier will terminate the smart contract through the data asset control management component-contract settings. Upon receiving the information, the intermediary service platform will terminate the contract through the AAS-DA-public data asset control management component-contract settings. AAS-DA-public then reads the log storage components of AAS-DA-supplier and AAS-DA-user and compares the content with the data asset control management component-contract settings.

[0226] If the data user uses the data asset normally according to the smart contract and terminates the use of the data asset when the boundary conditions are triggered, AAS-DA-public will generate a settlement report based on the unit price of the data asset, the number of times / time of use, etc., and send it to both the data user and the data provider. After settlement, the data user can evaluate the data asset attributes such as data quality, and AAS-DA-public will update the attribute information such as data quality management in the data asset lifecycle management component based on the evaluation. The data provider can evaluate the credit of the data user.

[0227] If a data user fails to use the data asset in accordance with the smart contract, AAS-DA-public will generate a settlement report and send it to both the data user and the data provider based on the unit price of the data asset, the number of times / time of use, and information on any violations. After settlement, the data user cannot evaluate the data asset's attributes. The intermediary service platform will downgrade the data user's credit rating. The data user's credit rating will affect the access control and other attributes of the AAS-DA-user's data asset control and management components.

[0228] In addition, the intermediary service platform will retain AAS-DA-public until the retention period of AAS-DA-public expires, or the data provider submits an application to destroy AAS-DA-public.

[0229] Optionally, if the smart contract allows data users to copy data assets, an AAS-DA-user-copy will be generated for the copied data asset and associated with AAS-DA-user.

[0230] This allows for better management and control of data assets in the event of usage anomalies, ensuring the value and benefits of data assets.

[0231] Optionally, the data asset usage control method of this application also includes the storage and destruction of AAS-DA-supplier information, as well as the updating of AAS-DA-supplier and AAS-DA-public, for details of which can be found in the foregoing section of this specification, and will not be repeated here.

[0232] Combination Figure 17 As shown, this disclosure provides a computing device including a processor 170 and a memory 171. Optionally, the device may further include a communication interface 172 and a bus 173. The processor 170, communication interface 172, and memory 171 can communicate with each other via the bus 173. The communication interface 172 can be used for information transmission. The processor 170 can invoke logical instructions in the memory 171 to implement the data asset proactive management system of the above embodiments, or execute the data asset management method of the above embodiments, or execute the data asset usage control method of the above embodiments.

[0233] Furthermore, the logic instructions in the aforementioned memory 171 can be implemented as software functional units and, when sold or used as independent products, can be stored in a computer-readable storage medium.

[0234] The memory 171, as a computer-readable storage medium, can be used to store software programs and computer-executable programs, such as program instructions / modules corresponding to the methods in the embodiments of this disclosure. The processor 170 executes functional applications and data processing by running the program instructions / modules stored in the memory 171, thereby implementing the proactive data asset management system of the above embodiments, or executing the data asset management method of the above embodiments, or executing the data asset usage control method of the above embodiments.

[0235] The memory 171 may include a program storage area and a data storage area. The program storage area may store the operating system and application programs required for at least one function; the data storage area may store data created based on the use of the terminal device. Furthermore, the memory 171 may include high-speed random access memory and may also include non-volatile memory.

[0236] This disclosure provides a storage medium storing program instructions. When the program instructions are executed, they can implement the data asset proactive management system described above, or execute the data asset management method described above, or execute the data asset usage control method described above.

[0237] The aforementioned storage medium can be a transient computer-readable storage medium or a non-transitory computer-readable storage medium.

[0238] The technical solutions of this disclosure can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes one or more instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the method described in this disclosure. The aforementioned storage medium can be a non-transitory storage medium, including: a USB flash drive, a portable hard drive, a read-only memory (ROM), a random access memory (RAM), a magnetic disk, or an optical disk, and other media capable of storing program code; it can also be a transient storage medium.

[0239] The foregoing description and accompanying drawings fully illustrate embodiments of this disclosure to enable those skilled in the art to practice them. Other embodiments may include structural, logical, electrical, procedural, and other changes. The embodiments represent only possible variations. Individual components and functions are optional unless explicitly required, and the order of operation may vary. Parts and features of some embodiments may be included in or replace parts and features of other embodiments. Moreover, the terminology used in this application is for describing embodiments only and is not intended to limit the claims. As used in the description of embodiments and claims, the singular forms “a,” “an,” and “the” are intended to equally include the plural forms unless the context clearly indicates otherwise. Similarly, the term “and / or” as used in this application means including one or more of the associated listed items and all possible combinations thereof. Additionally, when used in this application, the term "comprise" and its variations "comprises" and / or "comprising" refer to the presence of stated features, integrals, steps, operations, elements, and / or components, but do not exclude the presence or addition of one or more other features, integrals, steps, operations, elements, components, and / or groups thereof. Without further limitations, an element defined by the phrase "comprises a..." does not exclude the presence of other identical elements in the process, method, or apparatus that includes said element. In this document, each embodiment may focus on the differences from other embodiments, and similar or identical parts between embodiments can be referred to mutually. For methods, products, etc., disclosed in the embodiments, if they correspond to the method section disclosed in the embodiments, the relevant parts can be referred to the description of the method section.

[0240] Those skilled in the art will recognize that the units and algorithm steps of the various examples described in conjunction with the embodiments disclosed herein can be implemented in electronic hardware, or a combination of computer software and electronic hardware. Whether these functions are implemented in hardware or software depends on the specific application and design constraints of the technical solution. Those skilled in the art can use different methods to implement the described functions for each specific application, but such implementation should not be considered beyond the scope of the embodiments of this disclosure. Those skilled in the art will clearly understand that, for the sake of convenience and brevity, the specific working processes of the systems, devices, and units described above can be referred to the corresponding processes in the foregoing method embodiments, and will not be repeated here.

[0241] The methods and products (including but not limited to devices and equipment) disclosed in the embodiments herein can be implemented in other ways. For example, the device embodiments described above are merely illustrative. For instance, the division of units may be merely a logical functional division, and in actual implementation, there may be other division methods. For example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. In addition, the coupling or direct coupling or communication connection between the shown or discussed units may be through some interfaces, and the indirect coupling or communication connection between devices or units may be electrical, mechanical, or other forms. The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units, that is, they may be located in one place or distributed across multiple network units. Some or all of the units may be selected to implement this embodiment according to actual needs. Furthermore, the functional units in the embodiments of this disclosure may be integrated into one processing unit, or each unit may exist physically separately, or two or more units may be integrated into one unit.

[0242] The flowcharts and block diagrams in the accompanying drawings illustrate the architecture, functionality, and operation of possible implementations of systems, methods, and computer program products according to embodiments of this disclosure. In this regard, each block in a flowchart or block diagram may represent a module, segment, or portion of code, which includes one or more executable instructions for implementing a specified logical function. In some alternative implementations, the functions marked in the blocks may occur in a different order than that shown in the drawings. For example, two consecutive blocks may actually be executed substantially in parallel, and they may sometimes be executed in reverse order, depending on the functions involved. In the descriptions corresponding to the flowcharts and block diagrams in the accompanying drawings, the operations or steps corresponding to different blocks may also occur in a different order than disclosed in the description, and sometimes there is no specific order between different operations or steps. For example, two consecutive operations or steps may actually be executed substantially in parallel, and they may sometimes be executed in reverse order, depending on the functions involved. Each block in a block diagram and / or flowchart, and combinations of blocks in a block diagram and / or flowchart, can be implemented using a dedicated hardware-based system that performs the specified function or action, or using a combination of dedicated hardware and computer instructions.

Claims

1. A proactive data asset management system (AAS-DA), characterized in that, Each data asset has a corresponding AAS-DA; AAS-DAs are divided into AAS-DA-suppliers and AAS-DA-users based on the rights and interests of different stakeholders. AAS-DAs for the same data asset are interconnected, with the AAS-DA-supplier having the highest authority. AAS-DAs include: The full lifecycle management component is configured to manage the various subject attributes of data assets throughout their entire lifecycle, including data creation, smart contracts, and data asset destruction management. The control management component is configured to manage the use of data assets, including contract settings and usage control. The usage control monitors the use of data assets and identifies abnormal situations according to the relevant requirements in the contract settings, as well as suspending the use of data assets and destroying data assets. The log storage and management component is configured to manage various logs generated during the use of the data asset proactive management system; The interface management component is configured to manage the communication interfaces of the proactive data asset management system; The AAS-DA-user generates an operation script to terminate or destroy data assets based on the constraints and boundary conditions of the smart contract. When changes to the data assets reach the boundary conditions of the smart contract or violate the constraints, the AAS-DA-user records the processing operation information and feeds it back to the AAS-DA-supplier in real time or afterward. This allows the AAS-DA-supplier to issue a termination instruction to the AAS-DA-user, who then invokes the operation script to terminate the use of the data assets. Alternatively, the AAS-DA-user can directly invoke the operation script to terminate the use of the data assets. After the data assets are terminated or when the AAS-DA-user receives a destruction instruction from the AAS-DA-supplier, the data assets are destroyed.

2. The proactive data asset management system according to claim 1, characterized in that, The full lifecycle management component is specifically configured as follows: Manage data sovereignty, data history, and data quality of data assets.

3. The proactive data asset management system according to claim 1, characterized in that, The full lifecycle management component is specifically configured as follows: Manage the data types, data levels, and data standards of data assets.

4. The proactive data asset management system according to claim 1, characterized in that, The full lifecycle management component is specifically configured as follows: Manage the data value of data assets and data sharing.

5. The proactive data asset management system according to claim 1, characterized in that, The control and management component is specifically configured as follows: Manage the usage rights and access control of data assets.

6. The proactive data asset management system according to claim 1, characterized in that, The control and management component is specifically configured as follows: Manage the usage patterns, collaboration models, and security scans of the usage environment for data assets.

7. The proactive data asset management system according to claim 1, characterized in that, The log evidence management component is specifically configured as follows: Manage the internal logs, data operation logs, and collaborative logs with other data asset management systems of the proactive data asset management system.

8. The proactive data asset management system according to claim 1, characterized in that, The interface management component is specifically configured as follows: Manage the communication interfaces between at least two proactive data asset management systems, as well as the communication interfaces between the proactive data asset management system and the data assets.

9. A computing device, comprising a processor and a memory storing program instructions, characterized in that, The processor is configured to implement the proactive data asset management system as described in any one of claims 1 to 8 when executing the program instructions.

10. A storage medium storing program instructions, characterized in that, When the program instructions are executed, they implement the proactive data asset management system as described in any one of claims 1 to 8.

Images