Building cross-subsystem data sharing and permission dynamic allocation method based on internet of things
By combining parsing timeliness and processing capacity analysis in cross-subsystem data sharing within a building, and dynamically matching permission decisions, the problem of low accuracy in permission allocation results is solved, achieving efficient flow of permission decisions and stable system operation.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Patents(China)
- Current Assignee / Owner
- HAIKAI WISDOM (BEIJING) TECHNOLOGY SERVICES CO LTD
- Filing Date
- 2026-01-15
- Publication Date
- 2026-06-26
AI Technical Summary
Existing technologies cannot adapt to dynamic scenarios in the process of data sharing across building subsystems, resulting in low accuracy of permission allocation results and a lack of real-time perception and adaptive adjustment of communication status, which may cause permission verification failure and intelligent linkage interruption.
By combining analysis of parsing timeliness and processing capacity, dynamically matching permission decisions, and adopting parsing lag analysis mechanism and parsing capacity overload optimization measures, we can achieve on-demand scheduling and precise adaptation of permission resources, ensuring the real-time and accuracy of data sharing.
It improves the accuracy of permission decisions and the stability of the system, reduces parsing lag and overload problems caused by dynamic fluctuations, and ensures the real-time performance and security of data sharing across building subsystems.
Smart Images

Figure CN121530764B_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of building cross-subsystem data processing technology, and in particular to a method for building cross-subsystem data sharing and dynamic permission allocation based on the Internet of Things. Background Technology
[0002] To break down information barriers, achieve system collaboration, and ensure that the right data is used by the right people at the right time while ensuring security, data sharing between subsystems helps to solve the problems of biased decision-making and slow response caused by "data silos," as well as the security risks and management rigidity caused by static permissions.
[0003] This need is particularly urgent and critical in building scenarios. As the core carrier for the deep integration of physical environment and digital system, modern buildings have formed a complex Internet of Things (IoT) ecosystem composed of various heterogeneous subsystems such as air conditioning, lighting, security, elevators, and fire protection. Their operational logic is no longer the independent operation of a single subsystem, but relies on data interoperability and intelligent linkage across subsystems. The cross-subsystems (air conditioning, lighting, security, etc.) of the building IoT directly control the physical environment, and their data sharing is not only about information exchange, but also directly related to personal safety, asset protection, and operational efficiency. This places a core requirement on dynamically adapting access control to the physical scenario. To achieve data sharing between cross-subsystems in a building, the existing process begins with data collection and access. This involves collecting device status parameters (elevator load, etc.) through IoT gateways deployed in various heterogeneous subsystems (such as air conditioning, access control, lighting, elevators, etc.). The system analyzes and converts different communication protocols of various heterogeneous subsystems within the building, unifying cross-subsystem data (such as user location coordinates and cross-subsystem linkage commands) into a standardized format for upward transmission. This is followed by data aggregation and modeling, integrating all cross-subsystem data into the IoT platform. At the access control level, a centralized access control engine is established. This engine defines dynamic access control policies based on user, resource, and environmental attributes and can receive information from the IoT platform in real time for intelligent authentication decisions. Edge nodes can also authenticate and respond to local cross-subsystem data. Finally, the IoT platform provides data services and sharing, distributing the processed standardized data through APIs (Application Programming Interfaces). The interface (Application Programming Interface) or message middleware is exposed to the outside world. Before any upper-layer application can access data or issue control commands, it must first be verified and authorized in real time by the permission policy engine. During this process, the permission policy engine can also synchronously call the preset permission decision risk model, such as the decision tree model, and input multi-dimensional information such as cross-subsystem data of the building and the real-time communication status of applications into the model to quantify the corresponding permission decision risk level. Finally, in the intelligent application and linkage execution stage, various authorized applications can execute business logic and trigger cross-system automated linkage, such as security event linkage video and access control, automatic adjustment of air conditioning operation status according to indoor temperature and humidity, or automatic adjustment of lighting brightness according to traffic flow, etc., thereby realizing a complete closed loop from data perception, dynamic authorization to intelligent control, and continuously optimizing the operating efficiency and security of the entire system through continuous data feedback.
[0004] For example, Chinese invention patent CN114443676A discloses a building control system and a data sharing method for the building control system, comprising: a subsystem collection module for sending data query requests to an audit consortium module; an audit consortium module for verifying the request information; if the verification is successful, the audit node returns the data to be queried stored in the data blockchain module or the data to be queried stored in the distributed cluster module to the subsystem collection module according to the request information; if the verification fails, an unauthorized prompt message is returned; a data blockchain module for storing the data uploaded by the subsystem collection module; and a distributed cluster module for storing the data that needs to be persisted in the data blockchain module.
[0005] In existing technologies, building control systems provide basic access control and data storage solutions for cross-subsystem data sharing through the verification mechanism of the audit alliance module and the collaborative design of dual storage modules, enabling data query and interaction within the authorized scope. However, in actual building operation scenarios, personnel flow and equipment operation status are not in a stable and static state, but rather experience a large number of dynamic fluctuations. Temporary visitors entering and exiting areas, high-frequency start-stop or abnormal operation of elevators and other equipment, and multiple verification triggers of access control systems all lead to a significant increase in the real-time requirements of cross-subsystem data, and the frequency and dimensions of data transmission will change irregularly.
[0006] The above-mentioned technology has at least the following technical problems:
[0007] During the sharing of data across building subsystems, there may be dynamic fluctuations in the real-time location of users (such as temporary visitors entering the building area without timely reporting) and abnormal operating states of equipment (such as high-frequency start-stop and floor switching of elevators, multiple triggering verifications of access control). This leads to frequent input of real-time cross-system data for permission decisions, causing untimely parsing. At the same time, dynamic fluctuations may cause temporary increases in the data update dimensions of cross-system data, causing overload of the policy engine's parsing and processing capacity, further resulting in protocol parsing failure or anomalies. Existing technologies are usually based on centralized static policy engines, which cannot adapt to dynamic scenarios (such as temporary visitor permission adjustments, permission adaptation under abnormal equipment operating states), and lack real-time perception and adaptive adjustment mechanisms for communication status. This may cause the permission policy engine to allocate permissions based on outdated or incorrect cross-system data, resulting in a mismatch between permission decisions and the real physical scenario. Cross-system data sharing may fail due to communication anomalies, and cross-subsystem data sharing and intelligent linkage may be interrupted due to permission verification failures, resulting in low accuracy of permission allocation results. Summary of the Invention
[0008] This invention provides a method for cross-subsystem data sharing and dynamic permission allocation in buildings based on the Internet of Things (IoT). This method improves the accuracy of permission allocation results, thereby solving the problem of low accuracy in permission allocation during cross-subsystem data sharing and intelligent linkage in existing technologies. The technical solution provided by this application is as follows:
[0009] A method for data sharing and dynamic permission allocation across building subsystems based on the Internet of Things (IoT) is provided. The specific implementation is as follows: For building subsystem data used to adapt to authorization and secure sharing characteristics in dynamic scenarios, an analysis is conducted to determine whether it is suitable for dynamic permission allocation, considering the parsing timeliness and processing capabilities during the data sharing process. The analysis results of parsing timeliness and processing capabilities are used as the determining condition for activating the data sharing parsing enhancement mechanism. When the output is "activated," dynamic matching of building communication and permission decisions is performed after the data sharing parsing enhancement mechanism is activated. The data sharing parsing enhancement mechanism includes a parsing lag analysis mechanism and parsing capability overload optimization measures. When the output is "not activated," dynamic matching of building communication and permission decisions is performed directly, and the result of this dynamic matching is used as the determining condition for whether to allocate permissions.
[0010] The beneficial effects of the technical solutions provided in the embodiments of the present invention include at least the following:
[0011] 1. By analyzing the parsing timeliness and processing capabilities of cross-subsystem data sharing within a building, and combining this analysis with an assessment of whether the data sharing process is suitable for dynamic permission allocation, we can help achieve on-demand scheduling and precise adaptation of parsing resources. This avoids resource waste caused by blindly activating optimization mechanisms or parsing lag caused by not activating optimization. The analysis results of parsing timeliness and processing capabilities serve as the determining condition for activating the data sharing parsing enhancement mechanism. When the output is "activated," dynamic matching of building communication and permission decisions is performed after the data sharing parsing enhancement mechanism is activated. This facilitates accurate authorization based on optimized, high-quality data, improving the matching degree between permission decisions and physical scenarios. When the output is not started, it directly performs dynamic matching between building communication and permission decisions, and uses the result of this dynamic matching as the determining condition for whether to allocate permissions. This helps to achieve efficient flow of permission decisions, reduces redundant optimization steps that affect business response speed, and thus ensures the real-time performance of cross-subsystem data sharing and the accuracy of permission allocation. It also supports the stable operation of intelligent linkage across subsystems and helps to solve the problem of low accuracy of permission allocation results when cross-subsystem data sharing and intelligent linkage exist in existing technologies.
[0012] 2. By analyzing the timeliness of data parsing during the cross-subsystem data sharing process, abnormal personnel density monitoring values and abnormal building access control monitoring values are obtained. When these values fall within the abnormal user fluctuation range and building access control range, respectively, the system analyzes the input anomalies in the cross-subsystem data and obtains the number of anomalies. If the number of anomalies exceeds the initially defined value, a parsing lag analysis mechanism is triggered. Compared to existing technologies that lack correlation analysis between parsing lag and data input anomalies, this approach helps to accurately trace the root cause of parsing lag and optimize it in a targeted manner. This reduces the problem of insignificant timeliness improvements caused by blind optimization, thereby improving the timeliness of cross-subsystem data parsing, providing effective data support for access control decisions, and reducing access control decision mismatches caused by outdated data.
[0013] 3. By analyzing the parsing and processing capabilities during data sharing across building subsystems, the difference between the monitoring results of updated dimensions and the predefined monitoring results of updated dimensions is obtained. When this difference is greater than 0, parsing capability overload analysis is performed to obtain the parsing capability overload value. If the parsing capability overload value is greater than the preset parsing capability overload threshold, parsing capability overload optimization measures are triggered. Compared with the shortcomings of existing technologies that use static parsing resource configuration and cannot adapt to scenarios with dynamic increases in data update dimensions, this helps to achieve accurate matching between parsing capabilities and dynamic data load, reduce parsing overload and protocol parsing failures caused by dimension expansion, thereby ensuring the continuity of data sharing across building subsystems, improving the stable operation capability of the permission policy engine, and supporting uninterrupted cross-system linkage.
[0014] 4. When a new data dimension is added temporarily, and communication congestion occurs in the IoT gateway of the fault area due to high-frequency reporting by devices, the system performs overload analysis to obtain the deviation value of the overload risk level. If the deviation value is greater than 0, a shared risk alarm is sent; otherwise, dynamic matching of building communication and access control decisions is performed. Compared with the shortcomings of existing technologies that lack risk prediction for scenarios where new data dimensions are added and communication congestion occurs, this system helps to achieve early warning and proactive prevention of overload risks. This helps to ensure the security of data sharing across building subsystems, reduce access control failures caused by sudden overload, and improve the system's resilience to fluctuations.
[0015] 5. By dynamically matching building communication and access control decisions, access control interruption values are obtained. When the access control interruption value exceeds the extracted access control interruption threshold, the average value of this value is continuously monitored. When the average value exceeds the access control interruption threshold, the decision confidence level is adjusted. Compared with existing methods that use a fixed decision confidence threshold, which cannot cope with scenarios with frequent access control interruptions, this method helps to achieve dynamic adaptation between decision confidence and verification stability, reduce high-risk decisions caused by verification interruptions, and thus improve the reliability and security of access control allocation, and reduce building security risks caused by decision-making errors.
[0016] 6. When a sudden building emergency causes wireless communication interruption in some areas of the building, and communication links of subsystems such as elevators, access control, and monitoring become unstable, the system dynamically matches building communication with permission decisions to obtain permission verification interruption values. When the permission verification interruption threshold exceeds the maximum permission verification interruption threshold, the system outputs a permission decision risk alarm level. Compared to existing methods that suffer from rigid permission decisions in extreme communication scenarios and are prone to interrupting emergency response, this system helps to achieve dynamic permission adaptation in emergency scenarios, thereby improving the emergency response capabilities and security levels of cross-subsystem systems in the building, and ensuring the orderly execution of cross-subsystem linkages in the event of a sudden emergency. Attached Figure Description
[0017] To more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings used in the following description of the embodiments will be briefly introduced. Obviously, the drawings described below are some embodiments of the present invention. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.
[0018] Figure 1 This is a flowchart of a method for data sharing and dynamic permission allocation across building subsystems based on the Internet of Things, provided in an embodiment of the present invention.
[0019] Figure 2 This is a flowchart of the overall process for the Internet of Things-based method for cross-subsystem data sharing and dynamic permission allocation in buildings, provided in this embodiment of the invention.
[0020] Figure 3 This is a schematic diagram illustrating the overload optimization measures for the parsing capability of the IoT-based cross-subsystem data sharing and dynamic permission allocation method for buildings provided in this embodiment of the invention.
[0021] Figure 4 This is a schematic diagram of permission decision risk training provided in an embodiment of the present invention. Detailed Implementation
[0022] To make the objectives, technical solutions, and advantages of the embodiments of this application clearer, the implementation methods of this application will be further described in detail below with reference to the accompanying drawings.
[0023] Before providing a detailed explanation of the embodiments of this application, the application scenarios of these embodiments will be described first.
[0024] Embodiment 1 of this invention provides a method for cross-subsystem data sharing and dynamic permission allocation in buildings based on the Internet of Things (IoT). For example... Figure 1 The flowchart shown is for a building data sharing and dynamic permission allocation method based on the Internet of Things. The processing flow of this method may include the following steps:
[0025] Parsing Timeliness and Processing Monitoring: Under specified IoT data sharing scenarios, for building cross-subsystem data used to adapt to the authorization and secure sharing characteristics of dynamic scenarios, an analysis is conducted on whether it is suitable for dynamic permission allocation, combining the parsing timeliness and parsing processing capabilities during the data sharing process. By monitoring parsing timeliness and processing, it is helpful to achieve accurate source tracing and risk prediction of parsing problems, identify potential hidden dangers such as parsing lag and processing capacity overload in advance during the data sharing process, provide data support for the activation of optimization mechanisms, and avoid permission decision mismatch due to parsing anomalies not being detected in time.
[0026] Data sharing and parsing optimization determination: The analysis results of parsing timeliness and parsing processing capacity are used as the determining conditions for activating the data sharing and parsing enhancement mechanism. When the output is activated, dynamic matching of building communication and permission decisions is performed after the data sharing and parsing enhancement mechanism is activated to balance the security of cross-subsystem data sharing and permission control. The data sharing and parsing enhancement mechanism includes a parsing lag analysis mechanism and parsing capacity overload optimization measures. Parsing lag optimization is used to improve parsing concurrent throughput, thereby dynamically adapting to load fluctuations. Parsing capacity overload optimization measures are used to release invalid parsing resources and simplify parsing complexity, thereby reducing permission verification failures and linkage interruptions. By performing data sharing and parsing optimization determination, it is helpful to realize on-demand scheduling and precise optimization of parsing resources, avoid resource waste caused by blindly activating the optimization mechanism or insufficient parsing efficiency caused by not activating optimization, and ensure high-quality output of optimized data, laying the foundation for dynamic matching of building communication and permission decisions.
[0027] Access control decision allocation: When the output is not started, the system directly performs dynamic matching between building communication and access control decisions, and uses the result of the dynamic matching as the determining condition for whether to allocate access control decisions. By allocating access control decisions, it helps to achieve a balance between accurate authorization and security control in dynamic scenarios. Based on the dynamic matching results of parsing quality and communication status, it ensures that access control allocation is both adaptable to dynamic scenarios such as personnel flow and equipment malfunctions, and can prevent security risks caused by communication vulnerabilities and data distortion.
[0028] like Figure 2 The diagram shown is a general flowchart of a building cross-subsystem data sharing and dynamic permission allocation method based on the Internet of Things provided in an embodiment of this invention. Figure 2 It can be seen that: by combining the parsing timeliness and parsing processing capabilities in the data sharing process, an analysis is performed to determine whether it is suitable for dynamic permission allocation. This analysis obtains the combination of abnormal personnel density monitoring values and abnormal building access control monitoring values, as well as the difference between the monitoring results of the updated dimension and the predefined monitoring results of the updated dimension. When the abnormal personnel density monitoring values and abnormal building access control monitoring values are within the abnormal user fluctuation range and the abnormal building access control range, respectively, an analysis is performed on the input anomalies of cross-subsystem data in the building; otherwise, dynamic matching of building communication and permission decisions is performed. When the difference between the monitoring results of the updated dimension and the predefined monitoring results of the updated dimension is greater than 0, an analysis of parsing capability overload is performed; otherwise, dynamic matching of building communication and permission decisions is performed. After dynamic matching of building communication and permission decisions, permission decisions are allocated to obtain a permission authorization linkage priority index. When the permission authorization linkage priority index is greater than the preset permission authorization linkage priority index, a priority authorization operation is performed; otherwise, a waiting authorization instruction is sent.
[0029] It should be mentioned that before designing the IoT-based building cross-subsystem data sharing and dynamic permission allocation method proposed in this application, a database for storing various types of set data was pre-built. The database's indexing function was used to create indexes for frequently queried fields to improve the speed of data retrieval. The database covers a wide range of content, including but not limited to the initially defined threshold value for the number of abnormal building data occurrences and the preset threshold value for parsing capacity overload.
[0030] The various values are set directly by technical personnel. During the setting process, the actual operating conditions of the building, the performance parameters of the equipment, and past experience data are taken into account to ensure the rationality and effectiveness of the set values.
[0031] In this embodiment, by analyzing the correlation between parsing timeliness and processing monitoring, data sharing parsing optimization judgment, and permission decision allocation, it helps to achieve closed-loop management of the entire process from monitoring to optimization to decision-making. This allows parsing capabilities to adapt to dynamic loads and permission decisions to align with data quality and communication status, forming a linkage mechanism of "early problem detection, on-demand optimization, and precise authorization." This, in turn, helps to improve the real-time performance and security of cross-subsystem data sharing in buildings, the accuracy and flexibility of permission allocation, and the stability and reliability of cross-system intelligent linkage, promoting the upgrade of building IoT systems from "passive response" to "proactive adaptation."
[0032] Furthermore, considering the timeliness and processing capabilities of data sharing, the specific process for analyzing whether it is suitable for dynamic permission allocation is as follows: S1, monitor abnormal fluctuations in building data sharing: S11, quantify abnormal user density in the building to obtain the monitoring time window corresponding to when the personnel density exceeds the preset safe carrying capacity density of the building area within the preset building monitoring time. The duration monitored by the timer corresponding to this monitoring time window is recorded as the abnormal personnel density monitoring value; quantify abnormal access control status in the building to obtain the total number of access control authentication failures monitored by the counter within the preset building monitoring time, and record the corresponding results as the abnormal access control monitoring value. Among them, personnel density can be determined by using AI algorithms built into the AI camera, such as real-time target detection algorithms, to identify the number of people in the image area and calculate the density by combining the area covered by the camera.
[0033] S12, in order to accurately distinguish between real data input anomalies and temporary fluctuations of a single parameter, and to improve data processing efficiency and the ability to identify security risks in advance, it is necessary to make a judgment based on the parameter combination of the acquired abnormal personnel density monitoring value and abnormal building access control monitoring value: when the abnormal personnel density monitoring value and abnormal building access control monitoring value are detected to be within the pre-set abnormal user fluctuation range and abnormal building access control range, respectively, the input anomalies of the building cross-subsystem data are analyzed. If the above conditions are not met, the corresponding building cross-subsystem data is marked as qualified shared data, and dynamic matching of building communication and permission decisions is performed. This helps to accurately lock real data input anomalies in high-risk scenarios, reduce misjudgments caused by fluctuations of a single parameter, avoid permission allocation based on abnormal or erroneous data with fluctuations of a single parameter, ensure accurate matching of permission decisions with the real physical scenario (personnel status, access control security), and reduce the permission misjudgment rate.
[0034] S2, analyze the input anomalies of building cross-subsystem data, specifically as follows: S21, quantify the frequent input of building cross-subsystem data, that is, based on the preset building monitoring time, obtain the total number of updates of equipment status parameters in the preset building area monitored by the counter to obtain the building data anomaly count value; S22, perform a judgment operation based on the building data anomaly count value. If the building data anomaly count value is greater than the initially defined building data anomaly count value, trigger the parsing lag analysis mechanism; otherwise, mark the corresponding building cross-subsystem data as qualified shared data and perform dynamic matching of building communication and permission decisions. The initially defined building data anomaly count value is represented by the average value of the building data anomaly count value over a historical time period.
[0035] It should be added that the parsing lag analysis mechanism has the following specific process: Based on the total time taken from the generation of building cross-subsystem data by the subsystem to the completion of data parsing by the policy engine, the degree of parsing lag of building cross-subsystem data is quantified to obtain the parsing time result; In order to ensure the real-time performance and effectiveness of building cross-subsystem data from parsing to permission decision, the parsing time is used as a performance judgment condition for the parsing and permission decision stages. The parsing time result is compared with the predefined parsing time result. The specific comparison process is as follows: If the parsing time result is greater than the predefined parsing time result, the parsing lag optimization is carried out for the building cross-subsystem data, that is, the parsing lag optimization of building cross-subsystem data is performed; otherwise, dynamic matching of building communication and permission decision is performed. This helps to achieve the core effects of controllable parsing quality, accurate permission decision, and efficient operation. The predefined parsing time result is represented by the average parsing time result of historical time periods.
[0036] Specifically, the system analyzes input anomalies in building cross-subsystem data to obtain the number of anomalies. When this number exceeds an initially defined threshold, a parsing lag analysis mechanism is activated. This involves first obtaining the parsing time, and then, if this time exceeds a predefined limit, performing parsing lag optimization to further determine if the parsing time falls within the optimization range. This helps achieve precise management of parsing lag issues and quantitative evaluation of optimization effectiveness, avoiding resource misallocation caused by blind optimization. Ultimately, this ensures the timeliness of building cross-subsystem data parsing and provides real-time and effective data support for access control decisions. This reduces the mismatch between permission decisions and physical scenarios caused by data parsing delays. If the data is within the range of parsing delay optimization, authentication is performed on low-priority parsing delay optimization data based on edge nodes. Otherwise, a parsing thread pool is started to read the data. This helps to achieve hierarchical scheduling and load balancing of parsing resources. Edge node authentication can divert the parsing pressure of low-priority data and focus on the efficiency of core data processing. Parsing thread pool read operations can improve parsing throughput in high-load scenarios in an emergency and prevent low-priority data from blocking high-priority tasks. This helps to improve the overall parsing system's resilience to fluctuations and the real-time performance of core data parsing, ensuring the dynamic adaptation efficiency of permission decisions.
[0037] To address the issues of a single parsing optimization strategy failing to adapt to varying lag risks, inefficient resource allocation, and difficulty in ensuring the real-time performance of core business operations, a tiered management system based on the degree of parsing lag is needed. This will enable precise resource allocation and prevent ineffective resource consumption. The specific handling measures, i.e., the process of parsing lag optimization, are as follows:
[0038] The monitoring process involves checking whether the parsing time is within the pre-defined parsing lag optimization range set by the pre-set personnel. The minimum value of the parsing lag optimization range must be greater than or equal to the predefined parsing time. If the corresponding monitoring result is yes, the corresponding building cross-subsystem data is marked as low-priority parsing lag optimization data, and authentication of the low-priority parsing lag optimization data is performed based on edge nodes. If the corresponding monitoring result is no, the corresponding building cross-subsystem data is marked as high-priority parsing lag optimization data, and the parsing thread pool read operation is initiated. This involves integrating the corresponding parsing time result and the memory usage of the building cross-subsystem data monitored through the task manager into a set of data. This set of data is then input into the initially constructed parsing thread pool qualification table to obtain the target parsing thread pool capacity corresponding to the building cross-subsystem data. In the specific implementation of this application, the constructed database contains initially constructed tables or sets with mapping characteristics. These tables or sets can achieve precise one-to-one mapping between single parameters and also support many-to-one mapping of multiple parameters to a single parameter.
[0039] Based on the initial parsing thread pool capacity corresponding to the cross-subsystem data of the building, an adjustment prompt is sent, and the parsing thread pool capacity is adjusted to the target parsing thread pool capacity according to the obtained target parsing thread pool capacity. This helps to improve the parsing concurrency processing capability and the flexibility of dynamic load adaptation, thereby helping to achieve accurate matching between parsing capability and data fluctuations in the cross-subsystem data of the building (such as a sudden increase in personnel density or a surge in parsing tasks caused by high-frequency access control triggers), reducing parsing queue blocking and protocol parsing failures. Furthermore, it is required that the parsing time after adjusting the parsing thread pool capacity to the target parsing thread pool capacity is not greater than the predefined parsing time and the parsing time in the initial state of parsing lag optimization. The achievable effects are as follows:
[0040] This helps to rigidly verify the effect of parsing lag optimization, ensure the effectiveness of thread pool adjustment measures, avoid resource redundancy consumption caused by excessive expansion, and ensure the stability of the parsing system. It monitors the parsing time after the parsing thread pool capacity is adjusted to the target parsing thread pool capacity. If the parsing time is not greater than the predefined parsing time and the parsing time in the initial state of parsing lag optimization, it performs dynamic matching of building communication and permission decision. Otherwise, it sends a parsing warning and rolls back the parsing thread pool capacity to the initial parsing thread pool capacity.
[0041] The following specific additions are needed for the parsing thread pool qualification table, parsing timeout-edge aggregation ratio table, parsing timeout-edge aggregation priority reading table, decision confidence threshold reading table, and permission authorization linkage priority table:
[0042] The pre-set personnel will collect relevant information on various building cross-subsystems within a specific historical time period. This includes data sets on parsing time consumption and memory usage of building cross-subsystem data, parsing capacity overload values and initial parsing timeouts corresponding to building cross-subsystem data, initial edge aggregation windows and parsing request counts for building cross-subsystem data, parsing capacity overload values and initial parsing timeouts and initial edge aggregation windows corresponding to building cross-subsystem data, permission verification interruption values and input data volume of building cross-subsystem data, and permission verification interruption values, etc. This collected historical key information will be input into a machine learning model capable of revealing the importance of features.
[0043] It should be added that, relying on the unique feature splitting methods of machine learning models such as random forests, gradient boosting trees, and XGBoost, the input information is analyzed in depth according to the pre-set mapping criteria. During the model's operation, it automatically selects the features that have the most critical impact on the results and segments and classifies the data based on these features.
[0044] The machine learning model extracts results from the input information that can be used as weight values or other related data, such as the target parsing thread pool capacity, parsing timeout adjustment amount and edge aggregation window adjustment amount, parsing timeout degree value and edge aggregation window degree value, target decision confidence threshold value, and permission authorization linkage priority index, etc. Then, the raw data collected within a specific historical time period is correlated and matched with the corresponding weights or related data to generate a parsing thread pool qualification table, a parsing timeout-edge aggregation ratio table, a parsing timeout-edge aggregation priority reading table, a decision confidence threshold value reading table, and a permission authorization linkage priority table, etc.
[0045] When monitoring data such as parsing time consumption and memory usage of cross-subsystem data, parsing capacity overload value and initial parsing timeout corresponding to cross-subsystem data, initial edge aggregation window and parsing demand count of cross-subsystem data, parsing capacity overload value and initial parsing timeout and initial edge aggregation window corresponding to cross-subsystem data, permission verification interruption value and input data volume of cross-subsystem data, and permission verification interruption value, these data can be directly obtained by inputting them into tables or sets such as the parsing thread pool qualification table, parsing timeout-edge aggregation ratio table, parsing timeout-edge aggregation priority reading table, decision confidence threshold reading table, and permission authorization linkage priority table.
[0046] In this embodiment, the abnormal monitoring values of personnel density and building access control are obtained by analyzing the parsing timeliness during the data sharing process across building subsystems. When the abnormal monitoring values of personnel density and building access control are within the abnormal fluctuation range of users and the abnormal range of building access control, respectively, the input anomalies of the cross-subsystem data are further analyzed. Otherwise, dynamic matching of building communication and permission decisions is performed. The role of this correlation analysis is to accurately distinguish the core causes of parsing timeliness anomalies, avoid excessive investigation of normal scenarios without input anomalies, which would lead to resource waste, and focus on high-risk anomaly scenarios to carry out in-depth tracing, ensuring the response efficiency of permission decisions in normal scenarios and the targeting of anomaly scenario handling, and reducing cross-system linkage interruptions caused by blind processing.
[0047] Furthermore, considering the parsing timeliness and processing capabilities during data sharing, an analysis is conducted to determine whether the data is suitable for dynamic permission allocation. This includes: monitoring abnormal increases in the update dimensions of cross-subsystem data within a building; identifying the monitoring time window corresponding to when the number of update dimensions for cross-subsystem data exceeds the abnormal dimension threshold; marking the duration of this window as the update dimension increase monitoring result; judging the difference between the update dimension increase monitoring result and the predefined update dimension increase monitoring result to determine if it is greater than 0. If the difference is greater than 0, the corresponding update dimension increase monitoring result is marked as an abnormal update dimension result, and an overload analysis of the parsing capabilities of cross-subsystem data is performed. If the difference is not greater than 0, the corresponding cross-subsystem data is marked as qualified shared data, and dynamic matching of building communication and permission decisions is performed. The predefined update dimension increase monitoring result is represented by the average value of the update dimension increase monitoring results over a historical time period.
[0048] Specifically, the parsing capacity overload analysis includes: using the proportion of building cross-subsystem data whose total parsing time exceeds a preset parsing time threshold, and the data volume of building cross-subsystem data monitored by resource monitoring tools such as Linux, as a parsing capacity overload value to reflect the overload situation when parsing building cross-subsystem data; and in order to build a mechanism for parsing overload risk from accurate identification to targeted optimization and then to process diversion, to solve the problems of parsing overload that cannot be quantitatively determined, optimization measures that are triggered blindly, and normal data processing efficiency that is dragged down, while adapting to building cross-subsystem data Based on the dynamic fluctuations in the scenario, the following measures need to be taken: A comparative analysis is performed between the parsing capacity overload value and the preset parsing capacity overload threshold value. The corresponding analysis process is as follows: if the parsing capacity overload value is greater than the preset parsing capacity overload threshold value, an optimization processing mechanism for the parsing capacity overload situation is triggered, i.e., parsing capacity overload optimization measures. Conversely, the corresponding building cross-subsystem data is marked as qualified shared data, and dynamic matching of building communication and permission decisions is performed. The preset parsing capacity overload threshold value is represented by the average parsing capacity overload value over a historical time period.
[0049] The specific effects of the above-mentioned parsing capacity overload analysis are as follows: By performing parsing capacity overload analysis to obtain the parsing capacity overload value, and when the parsing capacity overload value exceeds the preset parsing capacity overload threshold, parsing capacity overload optimization measures are triggered. This helps to achieve on-demand release of parsing resources and precise simplification of parsing logic, avoid core data parsing delays caused by invalid resource occupation, and balance parsing efficiency and data integrity. It also reduces protocol parsing failures and permission verification failures caused by overload. In this way, it ensures the smoothness of IoT data sharing and the security of permission control, and supports the stable operation of cross-subsystem intelligent linkage.
[0050] like Figure 3 The diagram shown illustrates the overload optimization measures for the parsing capability of the IoT-based building cross-subsystem data sharing and dynamic permission allocation method provided in an embodiment of this invention. Figure 3 It can be seen that: based on the obtained parsing timeout value and edge aggregation window value, if the parsing timeout value is greater than the edge aggregation window value, the parsing timeout is reduced by level and the edge aggregation window is increased by level in sequence; if the parsing timeout value is less than the edge aggregation window value, the window is increased by level and the parsing timeout is reduced by level in sequence; if the parsing timeout value is equal to the edge aggregation window value, the edge aggregation window is increased by level and the parsing timeout is reduced by level in sequence.
[0051] It should be added that the specific content of the resolution capacity overload optimization measures is as follows: Integrate the resolution capacity overload value and the initial resolution timeout and initial edge aggregation window corresponding to the building cross-subsystem data to form a data set; that is, integrate the resolution capacity overload value and the initial resolution timeout and initial edge aggregation window corresponding to the building cross-subsystem data into a single data set; retrieve the degree quantification value of the resolution timeout and edge aggregation window corresponding to the building cross-subsystem data, and input this data set into the initially constructed resolution timeout-edge aggregation priority reading table; retrieve the resolution timeout value corresponding to the building cross-subsystem data... The parsing timeout value and the edge aggregation window value are used to determine the parsing timeout value and the edge aggregation window value. If the parsing timeout value is greater than the edge aggregation window value, the parsing timeout value is reduced and the edge aggregation window value is increased according to a preset sequence. If the parsing timeout value is less than the edge aggregation window value, the window value is increased and the parsing timeout value is reduced according to a preset sequence. If the parsing timeout value is equal to the edge aggregation window value, the edge aggregation window value is increased and the parsing timeout value is reduced according to a preset sequence.
[0052] Specifically, when the parsing timeout level is greater than the edge aggregation window level, sequentially reducing the parsing timeout and increasing the edge aggregation window level helps to address the core pain point of "slow parsing response" first. Then, merging high-frequency redundant data reduces the parsing load, preventing the exacerbation of timeout issues caused by initial aggregation. When the parsing timeout level is less than the edge aggregation window level, sequentially increasing the window level and reducing the parsing timeout level helps to first reduce the total parsing tasks and release system resources through aggregation, then further compress the timeout to improve response speed, avoiding parsing failures of low-priority data due to initial timeout reduction. When the parsing timeout level is equal to the edge aggregation window level, simultaneously increasing the edge aggregation window level and reducing the parsing timeout level helps to simultaneously optimize parsing efficiency and load reduction, quickly balancing parsing response speed and processing capacity. This improves the targeting and efficiency of parsing overload optimization, shortens the optimization iteration cycle, and ensures the continuity of permission verification and cross-system linkage.
[0053] The "tiered reduction of parsing timeout" means that within a pre-set, qualified parsing timeout range, the parsing timeout is adjusted step-by-step, using the adjusted parsing timeout amount as the corresponding adjustment step. This helps improve the accuracy and stability of the parsing response, avoids incomplete parsing of core data due to a one-time large compression of the timeout, and thus provides a core basis for permission decisions. At the same time, it gradually improves the overall parsing efficiency and reduces permission verification delays caused by timeouts. The "tiered increase of edge aggregation window" means that within a pre-set, qualified edge aggregation window range, the edge aggregation window is gradually increased step-by-step, using the adjusted edge aggregation window amount as the corresponding adjustment step. This helps improve the accuracy and stability of the parsing response, avoids incomplete parsing of core data due to a one-time large compression of the timeout, and thus provides a core basis for permission decisions. At the same time, it gradually improves the overall parsing efficiency and reduces permission verification delays caused by timeouts.
[0054] The resolution timeout and edge aggregation window adjustment values are obtained as follows: The resolution capacity overload value, the initial resolution timeout, the initial edge aggregation window, and the number of resolution requests for building cross-subsystem data monitored by a counter are used as inputs and imported into a pre-built resolution timeout-edge aggregation ratio table. The output is the resolution timeout and edge aggregation window adjustment values. During the process of progressively reducing the resolution timeout and progressively increasing the edge aggregation window, if the re-monitored resolution capacity overload value meets the resolution capacity optimization criteria, building communication and access control decisions are implemented. The dynamic matching of the policy means that if the parsing timeout corresponding to the cross-subsystem data of the building decreases to the lower limit of the qualified parsing timeout interval, or the edge aggregation window increases to the upper limit of the qualified edge aggregation window interval, the parsing capacity overload value still does not meet the qualified conditions for parsing capacity optimization. A feedback prompt is sent to the preset personnel to roll back the parsing timeout and edge aggregation window to the corresponding initial parsing timeout and initial edge aggregation window. The qualified conditions for parsing capacity optimization mean that the re-monitored parsing capacity overload value is not greater than the preset parsing capacity overload value and the parsing capacity overload value of the initial state when parsing capacity overload optimization measures are taken.
[0055] In this embodiment, parsing processing capability analysis is performed during data sharing across building subsystems to obtain monitoring results of updated dimensions. When the difference between the monitoring results of updated dimensions and predefined updated dimensions is greater than 0, parsing capability overload analysis is performed; otherwise, dynamic matching of building communication and permission decisions is performed. By linking parsing processing capability analysis and parsing capability overload analysis, it is helpful to achieve hierarchical identification and accurate tracing of parsing overload risks (first determine whether there is an overload risk caused by the addition of dimensions, and then analyze the degree of overload and core causes in depth), avoiding excessive intervention in conventional scenarios without added dimensions, while focusing on targeted treatment of overload problems caused by dynamic changes in dimensions. This helps to improve the parsing system's adaptability to data load fluctuations, reduce parsing blockage caused by added dimensions, and ensure the continuity of permission verification.
[0056] By analyzing the timeliness and processing capabilities of data parsing across building subsystems, this approach addresses the shortcomings of existing technologies that often rely on a single dimension to assess parsing status and lack adaptability to dynamic changes in data update dimensions. This approach is prone to delays in overload warnings or blind optimization measures. It helps achieve a comprehensive and accurate profile of parsing status and risk prediction, enabling optimization measures to adapt to load fluctuations caused by "high-frequency data input" and respond to special scenarios of "dynamic dimension additions." This, in turn, ensures the stability of data sharing across building subsystems and the timeliness of parsing results, providing high-quality data support for dynamic permission decisions and avoiding permission allocation mismatches and cross-system linkage interruptions caused by parsing issues.
[0057] In the second embodiment of this invention, when in an emergency response scenario for a building's core equipment failure, it is necessary to perform parsing capacity overload analysis to identify overload risks in advance and ensure the stability of cross-subsystem data sharing. The parsing capacity overload analysis also includes: obtaining a parsing capacity overload risk level value and a preset overload risk level value, using the difference between the two as an overload risk level deviation value, and making a judgment based on the obtained overload risk level deviation value: if the overload risk level deviation value is greater than 0, a sharing risk alarm is sent; otherwise, the corresponding cross-subsystem data of the building is marked as qualified shared data, and dynamic matching of building communication and permission decisions is performed. The preset overload risk level value is represented by the average value of the parsing capacity overload risk level value over a historical time period.
[0058] For example, the risk level of resolution overload can be obtained through the following method:
[0059] ;
[0060] In the formula, FX represents the risk level of overload in analytical capacity, and F1 represents the input frequency of cross-subsystem data in the building (the number of times cross-subsystem data is input within a preset time period, monitored by a counter); F MAXα represents the engine's maximum processing frequency, which is preset by designated personnel; β represents the frequency load weight, which is preset by designated personnel; D1 represents the number of updated dimensions for cross-subsystem data in the building (i.e., the number of variables describing cross-subsystem data in the cross-subsystem data update operation), which is monitored by a counter; DMAX represents the engine's maximum supported dimensions, which is preset by designated personnel; γ represents the communication status coefficient, used to quantify the impact of communication status and correct for data fluctuations, which is preset by designated personnel.
[0061] By integrating core factors of data load and communication status, overload causes are transformed into calculable risk values. Through the mutual adjustment of frequency load weight and dimensional load weight, if the scenario is mainly characterized by frequent data input (such as peak visitor periods), the frequency load weight can be increased and the dimensional load weight decreased; if the scenario is mainly characterized by the addition of new data dimensions (such as equipment failure), the dimensional load weight can be increased and the frequency load weight decreased, thus achieving scenario-based and precise quantification of risk. The communication status coefficient is a correction factor for risk based on communication status. When the communication status is poor (such as packet loss or high latency), the communication status coefficient will amplify the basic risk (e.g., communication status coefficient > 1), because communication anomalies will exacerbate parsing pressure and reduce processing efficiency.
[0062] In this embodiment, when in an emergency response scenario for a core building equipment failure—specifically, when a data dimension is temporarily added and communication congestion occurs due to high-frequency reporting from IoT gateways in the faulty area—a resolution capacity overload analysis is performed to obtain a resolution capacity overload risk level value. This value is then compared with a preset overload risk level value. Dynamic matching of building communication and access control decisions is only executed when the difference between the two values is not greater than 0. This helps to achieve proactive management of resolution overload risk and precise adaptation of authorization decisions in emergency scenarios. Overload analysis first confirms that the resolution load is within a controllable range, preventing resolution instability caused by communication congestion or the addition of new data dimensions. In a state of emergency, blindly initiating permission decisions can prevent permission verification from relying on distorted data or causing decision interruptions due to overload. At the same time, focusing on the urgent needs of handling core equipment failures, and under the premise of controllable risks, dynamic matching and real-time adaptation of communication link status (such as effective data transmission channels under congestion) and emergency authorization needs (such as equipment operation permissions and area access permissions for maintenance personnel) can improve the response speed and reliability of permission authorization in emergency handling of core equipment failures. This ensures that authorized maintenance personnel can quickly obtain key permissions to shorten the fault repair time, while preventing permission verification failures or misauthorizations caused by parsing overload or unstable communication.
[0063] Furthermore, the specific process for dynamically matching building communication and access control decisions is as follows: Based on the total number of monitored access control verification interruptions, the results are marked and a value reflecting the inaccuracy of access control verification is obtained, which is used as the access control verification interruption value; based on the access control verification interruption value, it is determined whether to allocate access control decisions; when the access control verification interruption value is not greater than the extracted access control verification interruption threshold, access control decisions are allocated according to the corresponding building cross-subsystem data; otherwise, the monitoring of the value, i.e., the access control verification interruption value, continues. If the average value of the value, i.e., the access control verification interruption value, is found to be greater than the access control verification interruption threshold within a preset dynamic matching time period, the decision confidence adjustment operation is initiated. The access control verification interruption threshold is represented by the average value of access control verification interruption values over a historical time period. The decision confidence adjustment operation is used to filter high-risk decisions driven by low-quality data, thereby reducing access control allocation mismatch.
[0064] It should be added that the specific process of adjusting the decision confidence level is as follows: The data volumes of the permission verification interruption value and the building cross-subsystem data are integrated into a dataset. This dataset is then input into the initially constructed decision confidence threshold reading table to read the target decision confidence threshold value corresponding to the building cross-subsystem data. Based on the initial decision confidence threshold value, the decision confidence threshold value corresponding to the building cross-subsystem data is adjusted to the target decision confidence threshold value. This helps improve the accuracy of the adaptation between the decision confidence level and the actual state of permission verification, further ensuring the accuracy and risk controllability of permission allocation, and preventing verification errors. To mitigate the risk of decision failures caused by interruptions, reliable access control is provided for cross-subsystem data sharing and intelligent linkage within the building. To avoid an imbalance between the security and effectiveness of access control allocation after adjusting the decision confidence threshold, after adjusting the decision confidence threshold of cross-subsystem data to the target decision confidence threshold, if the re-monitored access control interruption value is neither greater than the access control interruption threshold nor greater than the access control interruption value of the initial state of the decision confidence control operation, access control allocation is performed. Otherwise, a control operation alarm is sent to the preset personnel, and the decision confidence threshold is rolled back to the initial decision confidence threshold.
[0065] In this embodiment, permission verification interruption values are obtained by dynamically matching building communication with permission decisions. Permission decisions are made when the interruption value is not greater than the extracted permission verification interruption threshold. Otherwise, permission verification interruption values are continuously monitored, and when the average value of the interruption values exceeds the threshold, decision confidence adjustment is initiated. This helps to achieve differentiated handling of permission verification interruptions, ensuring the normal flow of permission decisions in occasional interruption scenarios (avoiding excessive intervention leading to efficiency loss), and addressing decision risks caused by frequent interruptions through confidence adjustment (preventing authorization based on unstable verification results). Through correlation analysis between the dynamic matching of building communication and permission decisions and the decision confidence adjustment, permission decisions can adapt to building scenarios with fluctuating communication status and dynamic data changes, while strengthening risk prevention and control through confidence adjustment, thus balancing the core requirements of authorization efficiency and security management.
[0066] In Embodiment 3 of this invention, to achieve hierarchical adaptation between the continuity of access control decisions and the controllability of risks during a sudden alarm in a building, and to adapt to the complex risk gradient of the building scenario, dynamic matching of building communication and access control decisions (i.e., dynamic matching of building communication status and access control decisions) is performed. The method further includes: determining whether the acquired access control interruption value is not greater than the maximum access control interruption threshold value preset by a pre-defined person; if the acquired access control interruption value is not greater than the extracted maximum access control interruption threshold value, access control decisions are allocated based on the corresponding cross-subsystem data of the building; otherwise, the corresponding cross-subsystem data of the building is input into a preset access control decision risk model, and the access control decision risk alarm level is output; the maximum access control interruption threshold value is greater than the access control interruption threshold value.
[0067] It should be added that, such as Figure 4 The diagram illustrates the permission decision risk training provided in an embodiment of this invention. A training set is randomly generated from a set of data including building cross-subsystem data (user's current location coordinates, building cross-subsystem linkage commands, access control device status, elevator real-time floor level, air conditioner set temperature, etc.) and a preset permission decision risk alarm level. This training set is then input into a training model, such as a decision tree model, to obtain the trained model, which is the preset permission decision risk model. By inputting newly acquired building cross-subsystem data into the preset permission decision risk model, a permission decision risk alarm level that quantifies the risk level of permission decisions can be output.
[0068] In this embodiment, when a sudden emergency in a building causes wireless communication interruption in some areas and communication links of subsystems such as elevators, access control, and monitoring to become unstable, dynamic matching of building communication and permission decisions is performed. When the permission verification interruption value exceeds the maximum permission verification interruption threshold, a permission decision risk alarm level is output based on a preset permission decision risk model. This helps to achieve accurate classification of permission risks and dynamic adaptation of emergency authorization under extreme communication scenarios. It avoids "disordered authorization" caused by complete failure of permission verification due to communication interruption (such as unauthorized personnel entering dangerous areas), provides clear permission risk guidance for emergency command, ensures the orderly execution of cross-subsystem emergency operations such as elevator emergency landing, access control unlocking, and monitoring linkage, improves the reliability and scenario adaptability of permission decisions under sudden emergencies, and minimizes emergency linkage interruptions or security risks caused by communication instability.
[0069] Furthermore, the specific process for allocating permissions is as follows: The permission verification interruption value is used as an input item and imported into a pre-built permission authorization linkage priority table to read the permission authorization linkage priority index; if the permission authorization linkage priority index is greater than the preset permission authorization linkage priority index, priority authorization operation is performed for the corresponding building cross-subsystem data; if the permission authorization linkage priority index is not greater than the preset permission authorization linkage priority index, a waiting authorization instruction is sent, wherein the preset permission authorization linkage priority index is represented by the average value of the permission authorization linkage priority index over a historical time period.
[0070] In this embodiment, a priority index for authorization linkage is obtained by allocating permissions. When the priority index is greater than the preset priority index, priority authorization is performed; otherwise, a waiting authorization instruction is sent. This helps to achieve hierarchical scheduling of authorization and precise allocation of core resources, avoiding disorderly queuing of all authorization requests that leads to delayed response to critical needs. It ensures uninterrupted cross-system intelligent linkage (such as activation of equipment fault repair permissions, opening of emergency access control, and smooth passage in high-density scenarios), while avoiding low-priority authorization requests occupying core parsing and communication resources. It balances the timeliness of permission allocation and resource utilization efficiency in building scenarios, prevents security risks or operational interruptions caused by critical authorization delays, and provides orderly and efficient permission support for cross-subsystem data sharing and intelligent linkage in buildings.
[0071] The above-disclosed embodiments are merely some examples of the present invention and should not be construed as limiting the scope of the present invention. Therefore, any equivalent variations made in accordance with the claims of the present invention are still within the scope of the present invention.
Claims
1. A method for cross-subsystem data sharing and dynamic permission allocation in buildings based on the Internet of Things, characterized in that, The method includes: For building cross-subsystem data used to adapt to authorization and secure sharing characteristics in dynamic scenarios, an analysis is conducted on whether it is suitable for dynamic permission allocation, taking into account the parsing timeliness and parsing processing capabilities during the data sharing process. The analysis results of parsing timeliness and parsing processing capacity are used as the determining conditions for activating the data sharing parsing enhancement mechanism. When the output is activated, dynamic matching of building communication and permission decision is performed after the data sharing parsing enhancement mechanism is activated. The data sharing parsing enhancement mechanism includes a parsing lag analysis mechanism and parsing capacity overload optimization measures. When the output is "not started", the dynamic matching of building communication and permission decision is performed directly, and the result of the dynamic matching is used as the decision condition for whether to perform permission decision allocation. The specific process of analyzing whether a data sharing system is suitable for dynamic permission allocation, taking into account the parsing timeliness and processing capabilities, is as follows: S1, perform abnormal fluctuation monitoring of building data sharing: The abnormal user density of buildings is quantified to obtain the monitoring time window corresponding to the time when the personnel density exceeds the preset safe carrying density of the building area within the preset building monitoring time period. The duration corresponding to the monitoring time window is recorded as the abnormal personnel density monitoring value. The abnormal status of building access control is quantified to obtain the total number of access control authentication failures within a preset building monitoring time, and the corresponding results are recorded as the building access control abnormal monitoring value; When abnormal monitoring values of personnel density and abnormal monitoring values of building access control are detected to be within the pre-set abnormal range, the input abnormality of cross-subsystem data of the building is analyzed. If the above conditions are not met, the corresponding cross-subsystem data of the building is marked as qualified shared data, and dynamic matching of building communication and permission decision is performed. S2, Analysis of input anomalies in building cross-subsystem data: The frequency of cross-subsystem data input in a building is quantified. Based on the preset building monitoring time, the total number of updates of equipment status parameters in a preset building area is used to obtain the number of abnormal building data. If the number of abnormal building data is greater than the initially defined number of abnormal building data, the parsing lag analysis mechanism is triggered. Otherwise, the corresponding cross-subsystem data is marked as qualified shared data, and dynamic matching of building communication and permission decision is performed. The analysis of whether it is suitable for dynamic permission allocation, which combines the parsing timeliness and parsing processing capabilities in the data sharing process, also includes: Monitor the abnormal increase in update dimensions of cross-subsystem data of buildings, obtain the monitoring time window corresponding to the number of update dimensions of cross-subsystem data of buildings exceeding the threshold of abnormal dimension number, and mark the duration of the window as the monitoring result of the increase in update dimensions; The difference between the monitoring results of the updated dimension and the monitoring results of the predefined updated dimension is judged. If the difference is greater than 0, the corresponding monitoring result of the updated dimension is marked as an abnormal updated dimension result, and an overload analysis of the parsing capacity of the building cross-subsystem data is performed. If the difference is not greater than 0, the corresponding building cross-subsystem data is marked as qualified shared data, and dynamic matching of building communication and permission decision is performed. The analysis of parsing capacity overload also includes: Obtain the overload risk level value of the resolution capability and the preset overload risk level value, and use the difference between the two as the overload risk level deviation value. Make a judgment based on the obtained overload risk level deviation value: If the overload risk level deviation value is greater than 0, a shared risk alarm is sent; otherwise, the corresponding cross-subsystem data of the building is marked as qualified shared data, and dynamic matching of building communication and access control decisions is performed. The overload risk value of the analytical capability can be obtained through the following method: ; In the formula, FX represents the risk level of overload in analytical capacity, F1 represents the input frequency of building cross-subsystem data, and F MAX This represents the engine's maximum processing frequency, α represents the frequency load weight, β represents the dimension load weight, and D1 represents the number of updated dimensions for building cross-subsystem data. MAX This represents the maximum number of dimensions supported by the engine, and γ represents the communication state coefficient. The specific process of dynamically matching building communication and access control decisions is as follows: Get the total number of permission verification interruptions and use this value as the permission verification interruption value. When the permission verification interruption value is not greater than the extracted permission verification interruption threshold value, permission decisions are made based on the corresponding building cross-subsystem data. Otherwise, the value is continuously monitored. If the average value of the value is found to be greater than the permission verification interruption threshold value within the preset dynamic matching time period, the decision confidence adjustment operation is initiated. The dynamic matching of building communication and access control decisions also includes: If the obtained permission verification interruption value is not greater than the extracted maximum permission verification interruption threshold value, permission decision allocation is made based on the corresponding building cross-subsystem data; otherwise, the corresponding building cross-subsystem data is input into the preset permission decision risk model, and the permission decision risk alarm level is output. The specific process for allocating and making permission decisions is as follows: The interruption value of the permission verification is used as an input item and imported into the pre-built permission authorization linkage priority table. The permission authorization linkage priority index is read. If the permission authorization linkage priority index is greater than the preset permission authorization linkage priority index, priority authorization operation is performed for the corresponding building cross-subsystem data; otherwise, a waiting authorization instruction is sent.
2. The method for cross-subsystem data sharing and dynamic permission allocation in buildings based on the Internet of Things as described in claim 1, characterized in that, The specific process of the analytical lag analysis mechanism is as follows: Based on the total time taken from the generation of cross-subsystem data in the subsystem to the completion of data parsing by the strategy engine, the degree of parsing lag in cross-subsystem data is quantified to obtain the parsing time result; If the parsing time is greater than the predefined parsing time, parsing lag optimization is performed for cross-subsystem data of the building; otherwise, dynamic matching of building communication and permission decision is performed. The specific process of analytical lag optimization is as follows: Monitor whether the parsing time is within the range of parsing lag optimization. If the corresponding monitoring result output is yes, the corresponding building cross-subsystem data is marked as low-priority parsing lag optimization data, and the low-priority parsing lag optimization data is authenticated based on the edge node; If the corresponding monitoring result output is negative, the corresponding building cross-subsystem data is marked as high-priority parsing lag optimization data, and the parsing thread pool reading operation is started. That is, the corresponding parsing time result and the memory usage of the building cross-subsystem data are integrated into a set of data. This set of data is input into the parsing thread pool qualification table, and the target parsing thread pool capacity corresponding to the building cross-subsystem data is obtained from it. An adjustment prompt is sent, that is, the parsing thread pool capacity is adjusted to the target parsing thread pool capacity. At the same time, based on the adjusted parsing time result, it is determined whether to trigger the parsing thread pool capacity rollback mechanism.
3. The method for cross-subsystem data sharing and dynamic permission allocation in buildings based on the Internet of Things as described in claim 1, characterized in that, The parsing capability overload analysis includes: The percentage of building cross-subsystem data whose total parsing time exceeds the preset parsing time threshold and the percentage of data volume in building cross-subsystem data are used as the parsing capacity overload value. The analysis compares the parsing capacity overload value with the preset parsing capacity overload threshold. If the parsing capacity overload value is greater than the preset parsing capacity overload threshold, an optimization processing mechanism for the parsing capacity overload situation is triggered, i.e., parsing capacity overload optimization measures. Otherwise, the corresponding building cross-subsystem data is marked as qualified shared data, and dynamic matching of building communication and permission decisions is performed.
4. The method for cross-subsystem data sharing and dynamic permission allocation in buildings based on the Internet of Things as described in claim 3, characterized in that, The specific details of the overload optimization measures for parsing capability are as follows: The initial parsing timeout and initial edge aggregation window corresponding to the parsing capacity overload value and the building cross-subsystem data are integrated into a data set, that is, the parsing capacity overload value and the initial parsing timeout and initial edge aggregation window corresponding to the building cross-subsystem data are integrated into a set of data; Retrieve the parsing timeout time and edge aggregation window level values corresponding to the cross-subsystem data of the building. That is, input this set of data into the initially constructed parsing timeout-edge aggregation priority reading table, and retrieve the parsing timeout time level value and edge aggregation window level value corresponding to the cross-subsystem data of the building. The judgment is based on the parsing timeout value and the edge aggregation window value: If the parsing timeout value is greater than the edge aggregation window value, then execute the parsing timeout reduction step by step and the edge aggregation window increase step by step in sequence. If the parsing timeout value is less than the edge aggregation window value, perform the step-by-step window enlargement operation and the step-by-step reduction of the parsing timeout value in sequence. If the parsing timeout level value is equal to the edge aggregation window level value, then simultaneously increase the edge aggregation window by level and decrease the parsing timeout by level. The step-by-step reduction of parsing timeout means that within the qualified parsing timeout interval, the parsing timeout is reduced step-by-step with the parsing timeout adjustment amount as the corresponding adjustment step size, and the feedback mechanism is determined based on the adjusted result. The step-by-step increase of the edge aggregation window means that within the qualified edge aggregation window range, the edge aggregation window is gradually increased with the adjustment amount as the corresponding adjustment step size, and the feedback mechanism is determined based on the adjustment result. The specific method for obtaining the parsing timeout adjustment amount and the edge aggregation window adjustment amount is as follows: the parsing capacity overload value and the initial parsing timeout time, initial edge aggregation window and the number of parsing requirements of the building cross-subsystem data are taken as input items, imported into the pre-constructed parsing timeout-edge aggregation ratio table, and the parsing timeout adjustment amount and edge aggregation window adjustment amount are output.
5. The method for cross-subsystem data sharing and dynamic permission allocation in buildings based on the Internet of Things as described in claim 1, characterized in that, The specific process of adjusting the decision confidence level is as follows: The data volume of the permission verification interruption value and the building cross-subsystem data is integrated into a set of data. This set of data is input into the decision confidence threshold value reading table, and the target decision confidence threshold value corresponding to the building cross-subsystem data is read. Based on the initial decision confidence threshold, the decision confidence threshold corresponding to the building cross-subsystem data is adjusted to the target decision confidence threshold. If the re-monitored permission verification interruption value after adjustment is not greater than the permission verification interruption threshold and the permission verification interruption value of the initial state corresponding to the execution of the control operation, permission decision allocation will be made; otherwise, a control operation alarm will be sent to the preset personnel and the decision confidence threshold will be rolled back to the initial decision confidence threshold.