Jianghuai inland river shipping data trusted space governance method based on zero trust architecture

By using multi-data trust assessment based on a zero-trust architecture and an improved PBFT consensus algorithm, combined with dynamic security strategy optimization through reinforcement learning, the problems of difficulty in data credibility assessment and inconsistent risk perception in the Jianghuai inland waterway shipping system have been solved, achieving comprehensive security protection and data governance.

CN122089097BActive Publication Date: 2026-07-03ANHUI UNIV +3

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Patents(China)
Current Assignee / Owner
ANHUI UNIV
Filing Date
2026-04-27
Publication Date
2026-07-03

AI Technical Summary

Technical Problem

The lack of a scientific data credibility assessment mechanism, inconsistent risk perception among groups, lack of dynamic adaptability in safety strategies, and imperfect data governance and security protection system in the Jianghuai inland waterway shipping system have led to unreliable data, inconsistent risk perception, and insufficient security protection capabilities.

Method used

By adopting a zero-trust architecture-based approach, a data trust, risk consensus, and security protection technology system is formed through the construction of multi-dimensional data trust assessment, improved practical Byzantine Fault Tolerance (PBFT) algorithm for group risk consensus, and reinforcement learning for dynamic security strategy optimization. This system achieves data trust assessment, risk consensus, and comprehensive security protection.

Benefits of technology

It enables multi-dimensional and quantitative data credibility assessment, reduces security risks caused by differences in risk perception, and improves the flexibility of security protection and overall security capabilities.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122089097B_ABST
    Figure CN122089097B_ABST
Patent Text Reader

Abstract

The present application relates to a Jianghuai inland river shipping data trusted space governance method based on a zero trust architecture, comprising data feature modeling and data quality score calculation on shipping data, construction of a trust triple calculation expected probability, consensus fusion on multi-element data, calculation of the fusion expected probability and trusted index of various shipping data, construction of a risk assessment model to output a risk assessment value, construction of a group risk consensus mechanism based on an improved PBFT consensus algorithm to output a group risk consistency index, generation of an optimal security strategy based on a reinforcement learning algorithm, and design of dynamic access control rules, risk disposal priority sorting rules and dynamic response strategies, which solves the problems of data trustworthiness evaluation difficulty, group risk cognitive inconsistency and insufficient dynamic security protection capability in the inland river shipping system, and realizes all-round security protection of the shipping system.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of data security and governance technology for inland waterway shipping in the Jianghuai region, and in particular to a trusted space governance method for inland waterway shipping data in the Jianghuai region based on a zero-trust architecture. Background Technology

[0002] With the intelligent and digital development of inland waterway transportation, the Jianghuai inland waterway transportation system faces increasingly complex security challenges. Traditional boundary protection models are no longer adequate for the security needs of modern shipping systems. Zero-trust architecture, as a new generation of security concept, has emerged. In the Jianghuai inland waterway transportation scenario, the secure interaction and governance of diverse data from ships, shore-based systems, and sensing systems has become a key issue. Currently, data sources in the inland waterway transportation system are diverse, including ship AIS data, sensor data, and shore-based system data. The credibility assessment of this data, the formation of consensus on group risks, and the formulation of dynamic security strategies are directly related to the safe operation of the shipping system. However, existing technologies still have shortcomings such as a lack of scientific data credibility assessment mechanisms, inconsistent group risk perceptions, anti-dynamic adaptability of security strategies, and the absence of a complete data governance and security protection system.

[0003] The main shortcomings of existing technologies in the field of inland waterway shipping data security can be summarized into the following five points: First, the data credibility assessment methods are simplistic, lacking advanced theories for multi-dimensional evaluation and failing to comprehensively reflect data credibility. Second, the lack of a group risk consensus mechanism leads to differences in risk perception among participating parties, making it difficult to form a unified risk assessment. Third, security strategies are statically fixed, lacking the ability to dynamically adjust based on system status, and unable to cope with complex and ever-changing security threats. Fourth, the data governance and security protection system is imperfect, with a lack of organic integration among various links, resulting in poor overall protection effectiveness. Finally, existing technologies do not fully consider the special scenario requirements of inland waterway shipping in the Yangtze and Huaihe River basins, making general solutions difficult to adapt to specific environments. These shortcomings lead to problems such as unreliable data, inconsistent risk perceptions, and insufficient security protection capabilities in the inland waterway shipping system, affecting the safe operation of the shipping system.

[0004] Therefore, building a trustworthy space governance system for inland waterway shipping data based on a zero-trust architecture, establishing a group risk consensus mechanism, and designing dynamic security strategies have become urgent needs to ensure the safety of the inland waterway shipping system. Summary of the Invention

[0005] To address the shortcomings of existing technologies, this invention provides a data trust space governance method for inland waterway shipping in the Jianghuai region based on a zero-trust architecture. This method overcomes the limitations of traditional approaches, such as the lack of a scientific data trust assessment mechanism, inconsistent group risk perception, anti-dynamic adaptability of security strategies, and the absence of a complete data governance and security protection system. This invention utilizes the "least privilege, least access" principle of zero-trust architecture. It constructs a three-layer technical system: multi-dimensional data trust assessment, group risk consensus based on an improved Practical Byzantine Fault Tolerance (PBFT) algorithm, and dynamic security strategy optimization based on reinforcement learning. This forms a complete technical system for data trust, risk consensus, and security protection, enabling data trust assessment, risk consensus achievement, and comprehensive security protection for the inland waterway shipping system, thus achieving comprehensive data access security assurance for the inland waterway shipping system.

[0006] To achieve the above technical objectives, this invention provides the following technical solution: a method for trustworthy space governance of inland waterway shipping data in the Yangtze and Huai River basins based on a zero-trust architecture, comprising the following steps:

[0007] S1. Collect shipping data, perform data feature modeling on the shipping data, and calculate the data quality score of various types of shipping data provided by each data source.

[0008] S2. Construct trust triplets for various types of shipping data from each data source based on data quality scores, and then calculate the expected probability of each data source for various types of shipping data; the trust triplets include trust level, distrust level, and uncertainty level.

[0009] S3. Determine whether there are data conflicts in the shipping data. For shipping data without data conflicts, apply weighted average fusion to the trust triplet. For shipping data with data conflicts, apply consensus fusion to the trust triplet. Construct a fused trust triplet, calculate the expected fusion probability of various types of shipping data, and then calculate the credibility index of various types of shipping data.

[0010] S4. Using data sources as nodes, construct a risk assessment model and output the risk assessment values ​​of each data source for various types of shipping data based on the fused expected probability.

[0011] S5. Design an improved PBFT consensus algorithm. The improved PBFT consensus algorithm selects the master node based on the expected probability of each data source for various types of shipping data, and determines whether they have reached a consensus.

[0012] S6. Construct a group risk consensus mechanism based on the improved PBFT consensus algorithm, define the conditions for achieving group risk consensus, output the risk assessment value of the master node that achieves group risk consensus, and calculate the group risk consistency index.

[0013] S7. Based on reinforcement learning algorithm, perform dynamic security policy optimization, and combine master node risk assessment value and group risk consistency index to generate optimal security policy;

[0014] S8. Design dynamic access control rules based on fusion expected probability, design risk handling priority ranking rules, generate dynamic response strategies, and then execute the generated optimal security strategy to achieve trusted spatial governance of shipping data.

[0015] Optionally, in step S1, the data feature modeling of the shipping data includes: defining a data feature vector, mathematically represented as follows:

[0016] ;

[0017] in, Indicates the first Data sources at time The provided first The data feature vector of shipping data, which includes at least ship AIS data, video surveillance data, and sensor data; Indicates the transpose operation; Represents data feature vectors The Middle The values ​​of shipping data features include at least data integrity, accuracy, timeliness, and consistency. For data feature vectors Total number of data features in China's shipping industry;

[0018] In step S1, calculating the data quality score of various types of shipping data provided by each data source includes: calculating the data quality score based on the data feature vector, mathematically represented as follows:

[0019] ;

[0020] in, Indicates the first Data sources at time The provided first Data quality score for shipping-like data; Indicates the first The weights of shipping data features for each shipping data feature satisfy... ; For the first The feature scoring function for each shipping data feature maps the feature values ​​to... Interval.

[0021] Optionally, step S2 specifically includes:

[0022] S21. Calculate the trust level, mathematically represented as follows:

[0023] ;

[0024] in, Indicates the first Data sources at time The provided first Trustworthiness of shipping-related data; Indicates the first Data sources at time The provided first Data quality score for shipping-like data; Indicates the first The precision coefficient of each data source;

[0025] S22. Calculate the degree of distrust, mathematically represented as follows:

[0026] ;

[0027] in, Indicates the first Data sources at time The provided first Distrust of shipping data; Indicates the first The reliability coefficient of each data source;

[0028] S23. Calculate the uncertainty, mathematically expressed as follows:

[0029] ;

[0030] in, Indicates the first Data sources at time The provided first Uncertainty in shipping-like data;

[0031] S24. Calculate the base rate, mathematically represented as follows:

[0032] ;

[0033] in, Indicates the first Data sources at time The provided first The basic rate of shipping-like data; Indicates the first The data source provides the first Historical average quality score for shipping-like data; This represents the base rate weighting coefficient;

[0034] S25. Construct trust triples, mathematically represented as follows:

[0035] ;

[0036] in Indicates the first Data sources at time The provided first Trust triples for shipping-like data;

[0037] S26. Calculate the expected probability of each data source for each type of shipping data, mathematically represented as follows:

[0038] ;

[0039] in, Indicates the first Data sources at time The provided first Expected probability of shipping-like data.

[0040] Optionally, step S3 specifically includes the following steps:

[0041] S31. Calculate the variance of the trust level of each data source for the same type of shipping data. If the variance exceeds the preset threshold, it is determined that there is a data conflict in the shipping data.

[0042] S32. For shipping data that does not conflict, combine the base rate. Trust Distrust level With uncertainty We perform weighted averaging fusion to obtain fusion confidence, fusion distrust, and fusion uncertainty, which are mathematically represented as follows:

[0043] ;

[0044] ;

[0045] ;

[0046] in, , , Representing time respectively No. Trust level, distrust level, and uncertainty level of fusion of shipping-like data; This represents the total number of data sources. Indicates the first The trust weight of each data source is calculated mathematically as follows:

[0047] ;

[0048] in, , , Representing the trust balance coefficient and the first The historical average trust value of the data source, the first Historical average base rate of each data source;

[0049] For conflicting shipping data, the base rate should be considered. Trust in it Distrust level Uncertainty To achieve consensus fusion, we obtain the fusion trust level, fusion distrust level, and fusion uncertainty, which are mathematically represented as follows:

[0050] ;

[0051] ;

[0052] ;

[0053] in, Indicates parameters Values ​​from 1 to Multiplication operation within a range;

[0054] S33. Calculate the fusion base rate using the same weighted averaging fusion method as in step S32, mathematically represented as follows:

[0055] ;

[0056] in, For the base rate of fusion;

[0057] S34. Combining fusion trust, fusion distrust, fusion uncertainty, and fusion fundamental rate, construct the fusion trust triplet, mathematically represented as follows:

[0058] ;

[0059] Indicates time No. The fusion of shipping-like data into a trust triple;

[0060] S35. The expected probability of fusion is calculated based on fusion confidence, fusion uncertainty, and fusion base rate, and is mathematically represented as follows:

[0061] ;

[0062] in, Indicates time No. Expected probability of fusion of shipping-like data;

[0063] S36. Combining the expected fusion probability and the fusion uncertainty, the confidence index is calculated mathematically as follows:

[0064] ;

[0065] in, Indicates time No. Credibility index of shipping data.

[0066] Optionally, step S4 may include the following steps:

[0067] S41. Define a risk assessment indicator system, which shall include at least ship risk indicators, environmental risk indicators, operational risk indicators, and data risk indicators.

[0068] S42. Calculate the historical experience risk value by weighting and summing the various indicators in the risk assessment indicator system.

[0069] S43. Construct a risk assessment model based on historical experience risk values, mathematically represented as follows:

[0070] ;

[0071] in, Indicates the first Each node at time... For the Risk assessment values ​​for shipping-like data; Indicates time No. Expected probability of fusion of shipping-like data; Indicates the first The subject to the first Historical experience risk values ​​for shipping-like data; This represents the risk assessment weighting coefficient.

[0072] Optionally, step S5 specifically includes the following steps:

[0073] S51. Calculate the trust probability of each node based on the expected probabilities of various shipping data from different data sources. The mathematical expression is as follows:

[0074] ;

[0075] in, Indicates the first Data sources at time The provided first The expected probability of shipping data, that is, the probability of the first... Each node at time... The provided first Expected probability of shipping-like data; This indicates the total number of shipping data categories. For the first The trust probability of each node;

[0076] S52. Construct a trust weight mechanism, assign a trust weight to each node, sort the nodes according to their trust weight from high to low to form a node sequence, and select the node with the highest trust weight as the master node; the trust weight of each node is calculated as follows:

[0077] ;

[0078] in, Indicates the first Trust weight of each node; , , They represent the first The trust probability, availability, and reputation value of each node; , , These represent the trust probability weighting coefficient, availability weighting coefficient, and reputation value weighting coefficient, respectively.

[0079] S53, If the trust probability of the master node Below the preset threshold If this happens, a view switch is triggered, and the next node in the node sequence is selected as the main node.

[0080] S54. Each node votes for the master node, and the votes from each node are weighted and summed, as shown mathematically below:

[0081] ;

[0082] in, Indicates the first The voting results of each node for the master node; This represents the weighted voting result value; This indicates the total number of nodes, i.e., the total number of data sources;

[0083] S55. If the weighted voting result is less than the preset threshold, a view switch is triggered, the next node in the node sequence is selected as the master node, and the process returns to step S53; if the weighted voting result is greater than or equal to the preset threshold, consensus is determined to be reached.

[0084] Optionally, step S6 specifically includes the following steps:

[0085] S61. Select the master node that reaches consensus based on the improved PBFT consensus algorithm;

[0086] S62. The master node, as the sole executing entity, calculates the weighted average estimate of the risk assessment values ​​for various shipping data, mathematically represented as follows:

[0087] ;

[0088] in, For a moment No. The weighted average estimate of risk assessment values ​​for shipping-like data. For the first Each node at time... For the Risk assessment values ​​for shipping-like data;

[0089] S63. Define the conditions for reaching a group risk consensus. If a group risk consensus is reached, then the following shall be adopted. Use it as the risk assessment value for the master node; otherwise, trigger a view switch, select the next node from the node sequence as the master node, and return to step S53;

[0090] The conditions for reaching the group risk consensus are defined as follows:

[0091] ;

[0092] This indicates that it exists. This is the consistency threshold. This indicates absolute value calculation;

[0093] S64. Calculate the group risk consistency index, mathematically represented as follows:

[0094] ;

[0095] in, Indicates time The group risk consistency index; Indicates time No. The variance of risk assessment values ​​for shipping-like data.

[0096] Optionally, step S7 specifically includes the following steps:

[0097] S71. Define the system state vector, mathematically represented as follows:

[0098] ;

[0099] in, Indicates time The state; Indicates the transpose operation; Indicates time The system risk level is constructed based on the risk assessment value of the master node. Indicates time The intensity of network attacks; Indicates time The system load factor; Indicates time The average data credibility index is calculated as follows: ,in Indicates time No. The credibility index of shipping data Total number of shipping data categories; Indicates time The group risk consistency index, i.e. ,in Indicates time The group risk consistency index; The average uncertainty is expressed as follows: ,in For a moment No. Uncertainty in the fusion of shipping-like data;

[0100] S72. Define the security policy action space, mathematically represented as follows:

[0101] ;

[0102] in, Indicates an action; This indicates an adjustment to the access control policy; This indicates an adjustment to the data encryption strength; This indicates that the intrusion detection threshold has been adjusted. This indicates an adjustment to the emergency response level; This indicates an adjustment to the resource allocation strategy;

[0103] S73. The reward function is designed as follows:

[0104] ;

[0105] in, express Always in the zone Next action The reward value obtained; This represents a security performance indicator, calculated based on the master node risk assessment value. Indicates system performance indicators, Indicators representing cost-benefit ratios Indicates the uncertainty penalty. , , , These are the reward weight coefficients for safety performance indicators, system performance indicators, cost-benefit indicators, and uncertainty penalties, respectively, and they satisfy the following conditions: ;

[0106] S74. Define the long-term reward expectation update rule, mathematically represented as follows:

[0107] ;

[0108] in, For state action value function, Indicates the state Next action Long-term reward expectations; Indicates the learning rate; Indicates the discount factor; Indicates the next moment status All actions To obtain the maximum value of the expected long-term reward; symbol This indicates an update to;

[0109] S75. Define the policy generation rule, based on the long-term reward expectation obtained from reinforcement learning, and output the optimal safety policy, mathematically represented as follows:

[0110] ;

[0111] in, Indicates the state The optimal security strategy under the following circumstances; Indicates the search for all actions. Chinese Ambassador's Long-Term Reward Expectations Actions that reach the maximum value .

[0112] Optionally, the optimal security policy is updated based on the security policy adjustment frequency, which is defined as:

[0113] ;

[0114] ;

[0115] in, This indicates the frequency of security policy adjustments, specifically the number of times a security policy is adjusted per unit of time. , , Let represent the frequency calculation coefficients of the mean values ​​of the group risk consistency index, network attack intensity, and data credibility index, respectively, and satisfy . ; Indicates time The group risk consistency index.

[0116] Optionally, in step S8, the design of dynamic access control rules based on expected probabilities includes: defining an access control function, mathematically represented as follows:

[0117] ;

[0118] in, Indicates the access control function. Indicates time No. Expected probability of shipping-like data; , Let represent the upper bound threshold and the lower bound threshold of trust, respectively, and satisfy . ; Indicates the user's security level. This represents the data security level; an output value of 1 for the access control function indicates that access is allowed, an output value of 2 indicates that access is conditionally allowed, and an output value of 0 indicates that access is denied.

[0119] In step S8, the design of the risk disposal priority ranking rule includes: defining a risk disposal priority function, mathematically represented as follows:

[0120] ;

[0121] in, Indicates the priority of risk management. Indicates the degree of risk impact. Indicates the probability of the risk occurring. The uncertainty of risk assessment is expressed as follows: , , These are the weighting coefficients for the degree of risk impact and the probability of risk occurrence, respectively, and they satisfy the following conditions: , ;

[0122] In step S8, the generation of the dynamic response strategy includes: defining a response level function, mathematically represented as follows:

[0123] ;

[0124] in, Indicates the response level; , , , These represent the high-level response priority threshold, the medium-level response priority threshold, the high-level response consensus threshold, and the medium-level response consensus threshold, respectively. Indicates time The group risk consistency index; the response level value output by the response level function is... Time indicates advanced response, value is Time indicates intermediate response, value is This indicates a low-level response.

[0125] By employing the above technical solution, this invention provides a method for trustworthy space governance of inland waterway shipping data in the Yangtze and Huaihe River basins based on a zero-trust architecture, which has at least the following beneficial effects:

[0126] (1) This invention constructs a scientific data credibility assessment system based on subjective logic theory, integrates multiple data such as ship AIS, video surveillance, and sensors, and realizes multi-dimensional and quantitative data credibility assessment through trust triple calculation, which significantly improves the accuracy and reliability of data credibility judgment;

[0127] (2) This invention relies on the improved PBFT consensus algorithm to build an efficient group risk consensus mechanism. Combined with the trust weight mechanism and dynamic view switching, it realizes the consistency of risk perception among the participating subjects and effectively reduces the security risks caused by differences in risk perception.

[0128] (3) This invention achieves dynamic adaptive security policy optimization based on reinforcement learning algorithm, designs system state vector and security policy action space, and realizes intelligent adjustment of security policy through deep Q network training, which significantly improves the flexibility and effectiveness of security protection;

[0129] (4) The present invention forms a complete data governance and security protection system, and adopts a layered distributed architecture to realize the organic integration of the perception layer, network layer, data layer, service layer and application layer, providing comprehensive security protection. Attached Figure Description

[0130] The accompanying drawings, which are included to provide a further understanding of this application and form part of this application, illustrate exemplary embodiments and are used to explain this application, but do not constitute an undue limitation of this application. In the drawings:

[0131] Figure 1 This is a flowchart illustrating the trusted space governance method for inland waterway shipping data in the Yangtze and Huai River basins based on a zero-trust architecture, as described in this invention.

[0132] Figure 2 This is a diagram illustrating the data flow of shore-based navigation and control for inland waterway vessels under a zero-trust architecture in this embodiment of the invention. Detailed Implementation

[0133] To make the above-mentioned objects, features, and advantages of the present invention more apparent and understandable, the present invention will be further described in detail below with reference to the accompanying drawings and specific embodiments. This will allow for a full understanding of how the present application uses technical means to solve technical problems and achieve technical effects, and to facilitate its implementation.

[0134] Those skilled in the art will understand that all or part of the steps in the implementation of the methods of the embodiments can be implemented by a program instructing related hardware. Therefore, this application can take the form of a completely hardware embodiment, a completely software embodiment, or an embodiment combining software and hardware aspects. Moreover, this application can take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code.

[0135] Please refer to Figures 1-2 This illustration demonstrates a specific implementation of this embodiment. This embodiment models shipping data features and calculates data quality scores, constructs trust triples, calculates the expected probability and credibility index of various types of shipping data, builds a risk assessment model to output risk assessment values, constructs a group risk consensus mechanism based on the improved PBFT consensus algorithm, outputs a group risk consistency index, generates an optimal security strategy based on a reinforcement learning algorithm, and designs dynamic access control rules, risk handling priority ranking rules, and dynamic response strategies. This solves problems such as difficulty in data credibility assessment, inconsistent group risk perception, and insufficient dynamic security protection capabilities in inland waterway shipping systems, achieving comprehensive security assurance for the shipping system.

[0136] Please refer to Figure 1 This embodiment proposes a trust space governance method for inland waterway shipping data in the Yangtze and Huaihe River basins based on a zero-trust architecture. The method includes the following steps:

[0137] S1. Collect shipping data, perform data feature modeling on the shipping data, and calculate the data quality score of various types of shipping data provided by each data source.

[0138] As a preferred embodiment of step S1, the data feature modeling of shipping data includes: defining a data feature vector, mathematically represented as follows:

[0139] ;

[0140] in, Indicates the first Data sources at time The provided first The data feature vector of shipping data, including ship AIS data, video surveillance data, sensor data, etc., forms a raw data stream, which is used for subsequent feature extraction and construction of trust triples to realize data credibility assessment based on subjective logic. Indicates the transpose operation; Represents data feature vectors The Middle The values ​​of shipping data features include at least data integrity, accuracy, timeliness, and consistency. For data feature vectors Total number of data features in China's shipping industry.

[0141] As a preferred embodiment of step S1, the calculation of data quality scores for various types of shipping data provided by each data source includes: calculating data quality scores based on data feature vectors, mathematically represented as follows:

[0142] ;

[0143] in, Indicates the first Data sources at time The provided first Data quality score for shipping-like data; Indicates the first The weights of shipping data features for each shipping data feature satisfy... ; For the first The feature scoring function for each shipping data feature maps the feature values ​​to... Interval.

[0144] In this invention, the "data source" refers to the data source that provides shipping data, such as ship terminals, shore-based platforms, data centers, etc. In subsequent steps, it also serves as a node for various entities or risk assessment models participating in shipping data risk assessment, and is also a node participating in consensus voting.

[0145] S2. Construct trust triplets for various types of shipping data from each data source based on data quality scores, and then calculate the expected probability of each data source for various types of shipping data; the trust triplets include trust level, distrust level, and uncertainty level.

[0146] As a preferred embodiment of step S2, the specific process includes:

[0147] S21. Calculate Trust, mathematically represented as follows:

[0148] ;

[0149] in, Indicates the first Data sources at time The provided first Trustworthiness of shipping-related data; Indicates the first Data sources at time The provided first Data quality score for shipping-like data; Indicates the first The precision coefficient of each data source; the higher the precision, the better. The smaller.

[0150] S22. Calculate the distrust level, mathematically represented as follows:

[0151] ;

[0152] in, Indicates the first Data sources at time The provided first Distrust of shipping data; Indicates the first The reliability coefficient of a data source; the higher the reliability, the better. The smaller.

[0153] S23. Calculate the uncertainty, mathematically represented as follows:

[0154] ;

[0155] in, Indicates the first Data sources at time The provided first Uncertainty in shipping-like data.

[0156] S24. Calculate the base rate, mathematically represented as follows:

[0157] ;

[0158] in, Indicates the first Data sources at time The provided first The basic rate of shipping-like data; Indicates the first The data source provides the first Historical average quality score for shipping-like data; This represents the base rate weighting coefficient.

[0159] S25. Construct trust triples, mathematically represented as follows:

[0160] ;

[0161] in Indicates the first Data sources at time The provided first Trust triples for shipping data.

[0162] S26. Calculate the expected probability of each data source for each type of shipping data, mathematically represented as follows:

[0163] ;

[0164] in, Indicates the first Data sources at time The provided first Expected probability of shipping-like data.

[0165] The "trust triplet" of this invention follows the classic terminology naming rules of Subjective Logic theory. Within the framework of Subjective Logic theory, the "trust triplet" consists of three core elements: "degree of trust," "degree of distrust," and "uncertainty." The fundamental rate... It is a necessary prior probability parameter for this invention, used to allocate uncertainty when calculating the expected probability in the subsequent process.

[0166] S3. Determine whether there are data conflicts in the shipping data. For shipping data without data conflicts, apply weighted average fusion to the trust triples. For shipping data with data conflicts, apply consensus fusion to the trust triples. Construct a fused trust triple, calculate the expected fusion probability of various types of shipping data, and then calculate the credibility index of various types of shipping data.

[0167] As a preferred embodiment of step S3, the specific process includes:

[0168] S31. Calculate the variance of the trust level of each data source for the same type of shipping data. If the variance exceeds the preset threshold, it is determined that there is a data conflict in the shipping data.

[0169] S32. For shipping data that does not conflict, combine the base rate. (Prior probability parameters, used to allocate uncertainty when calculating expected probabilities in subsequent steps) Regarding confidence level Distrust level With uncertainty We obtain the fusion confidence, fusion distrust, and fusion uncertainty by performing weighted averaging fusion, which are mathematically represented as follows:

[0170] ;

[0171] ;

[0172] ;

[0173] in, , , Representing time respectively No. Trust level, distrust level, and uncertainty level of fusion of shipping-like data; This represents the total number of data sources. Indicates the first The trust weight of each data source is calculated based on its historical performance, and the mathematical representation of this calculation method is as follows:

[0174] ;

[0175] in, , , Representing the trust balance coefficient and the first The historical average trust value of the data source, the first Historical average base rate of each data source;

[0176] For conflicting shipping data, the base rate should be considered. Trust in it Distrust level Uncertainty The consensus fusion process obtains the fusion trust level, fusion distrust level, and fusion uncertainty, which are mathematically represented as follows:

[0177] ;

[0178] ;

[0179] ;

[0180] in, Indicates parameters Values ​​from 1 to The cumulative multiplication operation of the range is a consensus fusion operator in subjective logic. It aggregates trust evidence from different data sources through a product form, and then derives the trust level, distrust level and uncertainty after fusion.

[0181] S33. Calculate the fusion base rate using the same weighted averaging fusion method as in step S32, mathematically represented as follows:

[0182] ;

[0183] in, This is the base rate for fusion.

[0184] S34. Combining fusion trust, fusion distrust, fusion uncertainty, and fusion fundamental rate, construct the fusion trust triplet, mathematically represented as follows:

[0185] ;

[0186] Indicates time No. A trust triplet for the fusion of shipping data.

[0187] S35. The expected probability of fusion is calculated based on fusion confidence, fusion uncertainty, and fusion base rate, and is mathematically represented as follows:

[0188] ;

[0189] in, Indicates time No. Expected probability of fusion of shipping-like data;

[0190] S36. Combining the expected fusion probability and the fusion uncertainty, the confidence index is calculated mathematically as follows:

[0191] ;

[0192] in, Indicates time No. Credibility index of shipping data.

[0193] In step S3 of this invention, "conflict exists" refers to a significant inconsistency in the evaluation of the same type of shipping data by multiple data sources. For example, the credibility of a certain data source may suddenly drop sharply, causing its trust triplet to deviate excessively from the trust triplets of other data sources. This situation is usually caused by factors such as equipment failure, signal interference, network attacks, or malicious data injection. When a data conflict is determined through consistency detection (such as when the variance of the credibility of each data source for the same type of shipping data exceeds a preset threshold in this invention), a consensus fusion operation is triggered.

[0194] S4. Using data sources as nodes, construct a risk assessment model and output the risk assessment values ​​of each data source for various types of shipping data based on the fusion expected probability.

[0195] As a preferred embodiment of step S4, the specific process includes:

[0196] S41. Define a risk assessment indicator system, which includes ship risk indicators, environmental risk indicators, operational risk indicators, data risk indicators, etc.

[0197] S42. Calculate the historical experience risk value by weighted summation of all indicators in the risk assessment indicator system, as shown mathematically below:

[0198] ;

[0199] in, Indicates the first The node is the first Historical experience risk values ​​for shipping-like data; , , , They represent the first The first node was obtained from the statistics of the node. Ship risk indicators in shipping data Environmental risk indicators Operational risk indicators Data risk indicators The weighting coefficients satisfy These indicators can be determined based on expert experience or historical data fitting, and are used to reflect the relative importance of each indicator in historical experience risk values; ship risk indicators Environmental risk indicators Operational risk indicators Data risk indicators The range of values ​​is .

[0200] S43. Construct a risk assessment model based on historical experience risk values, mathematically represented as follows:

[0201] ;

[0202] in, Indicates the first Each node at time... For the Risk assessment values ​​for shipping-like data; Indicates time No. Expected probability of fusion of shipping-like data; Indicates the first The subject to the first Historical experience risk values ​​for shipping-like data; This represents the risk assessment weighting coefficient.

[0203] Steps S1-S4 realize multi-source data collection and credibility assessment, generate a credibility index of shipping data input group risk consensus mechanism, construct a scientific data credibility assessment system by means of subjective logic theory, integrate multi-source data such as ship AIS, video surveillance, and sensors, and realize multi-dimensional and quantitative data credibility assessment through trust triple calculation, which significantly improves the accuracy and reliability of data credibility judgment.

[0204] S5. Design an improved PBFT consensus algorithm.

[0205] As a preferred embodiment of step S5, the specific process includes:

[0206] S51. Calculate the trust probability of each node based on the expected probabilities of various shipping data from different data sources. The mathematical expression is as follows:

[0207] ;

[0208] in, Indicates the first Data sources at time The provided first The expected probability of shipping data, that is, the probability of the first... Each node at time... The provided first Expected probability of shipping-like data; This indicates the total number of shipping data categories. For the first The trust probability of each node.

[0209] S52. Construct a trust weight mechanism, assign a trust weight to each node, sort the nodes according to their trust weight from high to low to form a node sequence, and select the node with the highest trust weight as the master node; the trust weight of each node is calculated as follows:

[0210] ;

[0211] in, Indicates the first Trust weight of each node; , , They represent the first The trust probability, availability, and reputation value of each node; , , These represent the trust probability weighting coefficient, availability weighting coefficient, and reputation value weighting coefficient, respectively.

[0212] Trust probability Indicates the first The probability that each node provides reliable data is the expected probability calculated in step S3. The composite value across different shipping data categories is calculated as follows: This parameter is dynamically generated from the calculation results of steps S1-S3, reflecting the reliability of the node's data.

[0213] Availability Indicates the first The probability that a node can provide normal service within a unit of time, with a value range of . This parameter can be measured in real time by the system monitoring module, and the specific calculation method is as follows: ,in For node uptime, This is the total observation time; this parameter is independent of the data reliability assessment process and is obtained directly from the system's operating status.

[0214] Reputation value Indicates the first The cumulative reputation score of each node in the historical consensus process, with a value range of [value range missing]. This parameter is dynamically updated based on the node's performance in historical group risk consensus. The specific update rule is as follows: when a node performs normally in the group risk consensus process (such as voting behavior meeting expectations), its reputation value increases; when a node exhibits abnormal behavior (such as voting results deviating too much from the consensus results), its reputation value decreases. This parameter is obtained from the historical records of the group risk consensus process.

[0215] S53. Design dynamic view switching rules: when the trust probability of the master node... Below the preset threshold When the view is switched, ( The next node in the node sequence is selected as the main node; otherwise, the view switch is not triggered. This rule is mathematically represented as follows:

[0216] .

[0217] S54. Each node votes for the master node, and the votes from each node are weighted and summed, as shown mathematically below:

[0218] ;

[0219] in, Indicates the first The voting results of each node for the master node; This represents the weighted voting result value.

[0220] S55. If the weighted voting result is less than the preset threshold, a view switch is triggered, the next node in the node sequence is selected as the master node, and the process returns to step S53; if the weighted voting result is greater than or equal to the preset threshold, consensus is determined to be reached.

[0221] The master node is responsible for initiating consensus proposals, summarizing and broadcasting voting results. It is dynamically elected by the current view based on the trust weights of each node and assumes the role of "leader." When the master node is triggered by a decrease in trust or a failure, resulting in a view switch, the system will re-elect a new master node. Consensus nodes are all nodes participating in the group risk consensus process, including master and slave nodes. Each consensus node possesses independent risk assessment capabilities and voting rights, and its voting weight is determined by its trust weight. The consensus nodes jointly completed the entire process from receiving the proposal, voting to confirm, and finally reaching a consensus. (See attached...) Figure 1 In the process shown, the master node is a subset of the consensus nodes, and together they constitute a complete consensus participating entity.

[0222] In the improved PBFT consensus algorithm, the master node is the leading node responsible for initiating consensus proposals, summarizing and broadcasting voting results. In the context of the Jianghuai inland waterway shipping scenario, the master node can be a ship's onboard terminal, a shore-based monitoring center, or a designated data service platform node. Within a consensus cycle, it acts as the "leader," collecting votes from other nodes (slave nodes) on the current risk assessment value and forming a final group risk consensus based on the weighted voting results. When the master node is triggered to switch views due to a decrease in trust or a failure, the system will re-elect a new master node based on trust weights to ensure the continuity and reliability of the consensus process.

[0223] The improved PBFT consensus algorithm of this invention does not simply apply traditional consensus, but uses the results of steps S1-S4 as the basis for the "voice" of nodes participating in the consensus. Specifically, a trust weight mechanism allows nodes with higher data quality and more reliable behavior to have greater influence in the consensus process; a dynamic view switching rule enables timely replacement of the leader when the master node's data credibility decreases or its behavior becomes abnormal, ensuring that the consensus process is always dominated by trusted nodes and preventing malicious nodes from manipulating it; and a weighted voting mechanism transforms the consensus from a simple "majority decision based on the number of nodes" to a "majority decision based on trust weight," making the final group risk consensus result more scientific and robust.

[0224] S6. Construct a group risk consensus mechanism based on the improved PBFT consensus algorithm, define the conditions for achieving group risk consensus, output the risk assessment value of the master node that achieves group risk consensus, and calculate the group risk consistency index.

[0225] An improved PBFT group risk consensus is achieved based on the designed improved PBFT consensus algorithm. As a preferred implementation of step S6, the specific process includes:

[0226] S61. Select the master node that reaches consensus based on the improved PBFT consensus algorithm.

[0227] S62. Only the master node legally elected through the improved PBFT consensus algorithm serves as the sole executor. Candidate consensus values ​​(i.e., weighted average estimates) for various shipping data risk assessment values ​​used to initiate consensus proposals are calculated and constructed, mathematically represented as follows:

[0228] ;

[0229] in, The timeframe for dedicated computation by the legitimate master node in the current view, and broadcast as the sole consensus proposal to the entire network. No. Candidate consensus values ​​(i.e. weighted average estimates) for risk assessment of shipping-like data. For the first Each node at time... For the Risk assessment values ​​for shipping-like data.

[0230] The execution authority for the weighted average calculation operation in this step belongs only to the current legitimate master node. Slave nodes that are not master nodes have no authority to initiate this calculation or to initiate consensus based on the calculation result.

[0231] S63. Define the conditions for reaching a group risk consensus. If a group risk consensus is reached, then the following shall be adopted. Use it as the risk assessment value for the master node; otherwise, trigger a view switch, select the next node from the node sequence as the master node, and return to step S53;

[0232] The conditions for reaching the group risk consensus are defined as follows:

[0233] ;

[0234] This indicates that it exists. This is the consistency threshold. This indicates absolute value calculation.

[0235] This condition ensures that the current risk assessment results will only be adopted for subsequent decisions when all stakeholders have a sufficiently consistent understanding of the risks, thus avoiding misjudgments caused by individual abnormal stakeholders or data conflicts. This mechanism is the core guarantee for achieving "consistency in group risk perception" in this invention, and also the key bridge connecting step S6 (risk consensus) and step S7 (strategy optimization).

[0236] S64. Calculate the group risk consistency index, mathematically represented as follows:

[0237] ;

[0238] in, Indicates time The group risk consistency index; Indicates time No. The variance of risk assessment values ​​for shipping-like data.

[0239] Steps S5-S6 construct a group risk consensus mechanism based on the improved PBFT consensus algorithm, such as... Figure 1 As shown, different node colors represent different trust weights, and different arrow thicknesses represent different weighted voting. The group risk consensus result (group risk consistency index) is used for subsequent dynamic security strategy optimization. This invention relies on the improved PBFT consensus algorithm to construct an efficient group risk consensus mechanism. Combined with a trust weight mechanism and dynamic view switching, it achieves consistency in risk perception among participating entities, effectively reducing security risks caused by differences in risk perception.

[0240] S7. Optimize security policies dynamically based on reinforcement learning (RL) algorithms to generate the optimal security policy.

[0241] A reinforcement learning model is constructed considering system load and network attacks. As a preferred implementation of step S7, the specific process includes:

[0242] S71. Define the system state vector, mathematically represented as follows:

[0243] ;

[0244] in, Indicates time State; Indicates the transpose operation; Indicates time The system risk level is constructed based on the master node risk assessment value, and the value ranges from 1 to 5. Indicates time The network attack strength, with a value range of . ; Indicates time The system load factor, with a value range of [value missing]. ; Indicates time The average data credibility index is calculated as follows: ,in Indicates time No. The credibility index of shipping data Total number of shipping data categories; Indicates time The group risk consistency index, i.e. ,in Indicates time The group risk consistency index; The average uncertainty is expressed as follows: ,in For a moment No. Uncertainty in the fusion of shipping-like data;

[0245] S72. Define the security policy action space, mathematically represented as follows:

[0246] ;

[0247] in, Indicates an action; This indicates an adjustment to the access control policy; the possible values ​​are {relaxed, normal, strict}. This indicates an adjustment to the data encryption strength; selectable values ​​are {low, medium, high}. This indicates an adjustment to the intrusion detection threshold; selectable values ​​are {sensitive, normal, insensitive}. This represents an adjustment to the emergency response level; the selectable values ​​are {low, medium, high}. This indicates an adjustment to the resource allocation strategy. Optional values ​​are {efficiency priority, security priority, and balance}.

[0248] S73. The reward function is designed as follows:

[0249] ;

[0250] in, express Always in the zone Next action The reward value obtained; The safety performance index is represented by the following calculation method: Calculated based on the number and severity of security incidents; This represents a system performance metric, calculated based on response time and throughput. This represents a cost-benefit indicator, calculated based on security protection costs. This represents the uncertainty penalty, calculated based on the uncertainty of the system state. , , , These are the reward weight coefficients for safety performance indicators, system performance indicators, cost-benefit indicators, and uncertainty penalties, respectively, and they satisfy the following conditions: .

[0251] S74. Define long-term reward expectation ( The value is updated according to the rule, and a reinforcement learning (RL) loop is performed. The mathematical representation is as follows:

[0252] ;

[0253] in, For state action value function, Indicates the state Next action Long-term reward expectations; This represents the learning rate, with a value range of [value missing]. ; This represents the discount factor, with a value range of 100%. ; Indicates the next moment status All actions To obtain the maximum value of the expected long-term reward; symbol This indicates an update.

[0254] S75. Define the policy generation rule, based on the long-term reward expectation obtained from reinforcement learning, and output the optimal safety policy, mathematically represented as follows:

[0255] ;

[0256] in, Indicates the state The optimal security strategy under the following circumstances; Indicates the search for all actions. Chinese Ambassador's Long-Term Reward Expectations Actions that reach the maximum value .

[0257] The optimal security policy is updated based on the security policy adjustment frequency, which is defined as follows:

[0258] ;

[0259] in, This indicates the frequency of security policy adjustments, specifically the number of times a security policy is adjusted per unit of time. The frequency coefficient representing the group risk consistency index is applied to... The item represents the degree of inconsistency in the group's risk perception (i.e., The smaller, The larger the risk perception, the more frequently the shipping system needs to adjust its safety strategies to cope with potential uncertainties when there are significant differences in risk perception among various data sources (nodes). This determines the weight of the contribution of inconsistent risk perception to the frequency of security strategy adjustments; Frequency calculation coefficients representing the strength of network attacks, applied to In this regard, the higher the intensity of the detected cyberattack, the faster the shipping system needs to adjust its security strategies for defense. This determines the weight of real-time attack threats in influencing the frequency of security policy adjustments; The frequency coefficient representing the mean of the data reliability index is applied to... item, This indicates the overall unreliability of data within the shipping system. The lower the data reliability, the more frequently the shipping system needs to adjust its safety strategies to mitigate the risks posed by unreliable data. This determines the weight of the contribution of the lack of data credibility to the frequency of security policy adjustments. , , satisfy .

[0260] Step S7 implements dynamic security policy optimization based on reinforcement learning. This invention achieves dynamic adaptive security policy optimization based on reinforcement learning algorithms, designs the system state vector and security policy action space, and realizes intelligent adjustment of security policies through deep Q-network training, significantly improving the flexibility and effectiveness of security protection.

[0261] S8. Design dynamic access control rules based on fused expected probabilities, design risk handling priority ranking rules, generate dynamic response strategies, and then execute the generated optimal security strategy to achieve trusted space governance of shipping data. This step performs dynamic access control, adaptive encryption, risk handling and response based on the optimized security strategy to achieve final policy execution and system protection.

[0262] As a preferred embodiment of step S8, the design is based on a dynamic access control rule with expected probability, specifically including: defining an access control function, mathematically represented as follows:

[0263] ;

[0264] in, Indicates the access control function. Indicates time No. Expected probability of shipping-like data; , Let represent the upper bound threshold and the lower bound threshold of trust, respectively, and satisfy . ; Indicates the user's security level. This represents the data security level; an output value of 1 for the access control function indicates that access is allowed, an output value of 2 indicates that access is conditionally allowed, and an output value of 0 indicates that access is denied.

[0265] As a preferred embodiment of step S8, the design risk disposal priority ranking rule specifically includes:

[0266] Define a risk management priority function, mathematically represented as follows:

[0267] ;

[0268] in, Indicates the priority of risk management. This parameter, representing the degree of risk impact, is a predefined but dynamically updated parameter. Its value is quantified based on the severity of the potential consequences of various risk events in the shipping system, and its range is [not specified]. ; Indicates the probability of risk occurring, with a range of values. ; The uncertainty of risk assessment is expressed as follows: value range ; , These are the weighting coefficients for the degree of risk impact and the probability of risk occurrence, respectively, and they satisfy the following conditions: , .

[0269] As a preferred embodiment of step S8, the dynamic response generation strategy specifically includes:

[0270] The response rating function is defined mathematically as follows:

[0271] ;

[0272] in, Indicates the response level; It is an advanced response priority threshold used to determine the priority of risk handling. Whether the level of need to activate advanced response is reached, when When this occurs, it indicates an extremely high risk, requiring the highest level of response measures. This represents the intermediate response priority threshold, used to define the lower limit of the priority of an intermediate response. When this occurs, it indicates that the risk is at a moderate level and a medium-level response needs to be initiated. This represents the high-level response consensus threshold, used to determine the group's risk consistency index. Is it high enough to support enabling advanced response, when When this occurs, it indicates that all data sources (nodes) have a high degree of consensus on the current risk, and initiating an advanced response at this time has a sufficient basis for consensus. The intermediate response consensus threshold is used to define the lower limit of consensus for an intermediate response. When the response level is set to 0, it indicates that there are some differences in the risk perception among different data sources (nodes), but these differences are still acceptable. In this case, a medium-level response is initiated. The response level function outputs a response level value of 0. Time indicates advanced response, value is Time indicates intermediate response, value is A time indicates a low-level response. Dynamic response strategies are uniformly formulated and issued by the Shipping Data Trusted Space Governance System, and the specific implementing entities include, but are not limited to: access control gateways; encryption modules; intrusion detection systems; and emergency response platforms.

[0273] This step transforms the macro-level "optimal security policy" generated in step S7 into specific, actionable micro-level control instructions, serving as a crucial link in achieving a closed-loop policy. Specifically, dynamic access control rules are responsible for finely determining "who can access what data under what conditions" based on the expected probability of current data and user security levels, translating the policy into real-time access decisions. Risk handling priority ranking rules are used to scientifically calculate the urgency of various risks when resources are limited or multiple threats are faced, ensuring that the system prioritizes handling the most impactful and urgent risk events. Dynamic response policies automatically match and trigger corresponding response levels (such as high, medium, and low responses) based on priority calculation results. These three elements together constitute the policy's "execution engine." They receive the optimal policy generated in S7 as a guideline, combine it with the system's real-time status, and automatically and accurately execute access control, resource scheduling, and emergency response, thereby truly achieving an automated flow from "policy decision-making" to "policy execution."

[0274] This embodiment also provides a data flow diagram for shore-based navigation and control of inland waterway vessels under a zero-trust architecture, which can be referred to. Figure 2 . Figure 2This invention demonstrates the panoramic view of data flow for shore-based navigation and control of inland waterway vessels under a zero-trust architecture: Monitoring data such as telemetry and video status collected by the vessel's AI / autonomous core (based on sensor-collected water depth, speed, and GPS data) undergoes data cleaning and trust assessment by a human-supervised and verified module (this process involves human supervision and trust core updates). The data is then uploaded to the cloud platform / data center via an encrypted secure data link (satellite / 5G). The processed monitoring data is further transmitted to the shore-based control center, where its internal network security and trust assessment, advanced analysis interface, and machine learning modules complete group risk consensus calculations and dynamic security strategy optimization. Finally, the generated instructions and task updates are transmitted back to the vessel's AI / autonomous core via a secure data link. Simultaneously, human operators can monitor and intervene in real-time through a console, forming a complete governance closed loop of "trusted collection → secure transmission → real-time assessment → dynamic protection," fully resisting the risk of network attacks and interception.

[0275] The method of this invention can be used to construct a system for trusted space governance of inland waterway shipping data in the Jianghuai region based on a zero-trust architecture. The system adopts a layered distributed architecture, including a perception layer, network layer, data layer, service layer, and application layer. The data flow is designed as follows: perception layer devices collect shipping data, which is transmitted to the data center through the network layer for data feature modeling. Then, data trustworthiness assessment is performed based on subjective logic. Next, a group risk consensus is reached through an improved PBFT algorithm. Finally, dynamic security policies are formulated based on reinforcement learning, and the security policies are executed and their effects are monitored. Step S8 performs policy execution and system protection. Thus, the final effect of this method includes access control, data encryption, and intrusion detection. This invention forms a complete data governance and security protection system, using a layered distributed architecture to organically integrate the perception layer, network layer, data layer, service layer, and application layer, providing comprehensive security protection.

[0276] This invention solves the problems of difficulty in assessing data credibility, inconsistent risk perception among groups, and insufficient dynamic safety protection capabilities in inland waterway shipping systems, and achieves comprehensive safety assurance for shipping systems.

[0277] In the description of this specification, the references to terms such as "one embodiment," "some embodiments," "example," "specific example," or "some examples," etc., indicate that a specific feature, structure, material, or characteristic described in connection with that embodiment or example is included in at least one embodiment or example of this application. Furthermore, the specific features, structures, materials, or characteristics described may be combined in any suitable manner in one or more embodiments or examples. Moreover, without contradiction, those skilled in the art can combine and integrate the different embodiments or examples described in this specification, as well as the features of those different embodiments or examples.

[0278] The logic and / or steps represented in the flowchart or otherwise described herein, for example, can be considered as a sequenced list of executable instructions for implementing logical functions, and can be embodied in any computer-readable medium for use by, or in conjunction with, an instruction execution system, apparatus or device (such as a computer-based system, a processor-included system or other system that can fetch and execute instructions from, an instruction execution system, apparatus or device).

[0279] The above embodiments provide a detailed description of the present invention. Specific examples have been used to illustrate the principles and implementation methods of the present invention. The descriptions of the above embodiments are only for the purpose of helping to understand the method and core ideas of the present invention. At the same time, for those skilled in the art, there will be changes in the specific implementation methods and application scope based on the ideas of the present invention. Therefore, the content of this specification should not be construed as a limitation of the present invention.

Claims

1. A method for managing Jianghuai inland river shipping data trusted space based on a zero-trust architecture, characterized in that, include: S1. Collect shipping data, perform data feature modeling on the shipping data, and calculate the data quality score of various types of shipping data provided by each data source. S2. Construct trust triplets for various types of shipping data from each data source based on data quality scores, and then calculate the expected probability of each data source for various types of shipping data; the trust triplets include trust level, distrust level, and uncertainty level. S3. Determine whether there are data conflicts in the shipping data. For shipping data without data conflicts, apply weighted average fusion to the trust triplet. For shipping data with data conflicts, apply consensus fusion to the trust triplet. Construct a fused trust triplet, calculate the expected fusion probability of various types of shipping data, and then calculate the credibility index of various types of shipping data. S4. Using data sources as nodes, construct a risk assessment model and output the risk assessment values ​​of each data source for various types of shipping data based on the fused expected probability. S5. Design an improved PBFT consensus algorithm. The improved PBFT consensus algorithm selects the master node based on the expected probability of each data source for various types of shipping data, and determines whether they have reached a consensus. S6. Construct a group risk consensus mechanism based on the improved PBFT consensus algorithm, define the conditions for achieving group risk consensus, output the risk assessment value of the master node that achieves group risk consensus, and calculate the group risk consistency index. S7. Based on reinforcement learning algorithm, perform dynamic security policy optimization, and combine master node risk assessment value and group risk consistency index to generate optimal security policy; S8. Design dynamic access control rules based on fusion expected probability, design risk handling priority ranking rules, generate dynamic response strategies, and then execute the generated optimal security strategy to achieve trusted spatial governance of shipping data.

2. The method for trust space governance of inland waterway shipping data in the Yangtze and Huaihe River basins based on a zero-trust architecture as described in claim 1, characterized in that: In step S1, the data feature modeling of shipping data includes: defining a data feature vector, mathematically represented as follows: ; in, Indicates the first Data sources at time The provided first The data feature vector of shipping data, which includes at least ship AIS data, video surveillance data, and sensor data; Indicates the transpose operation; Represents data feature vectors The Middle The values ​​of shipping data features include at least data integrity, accuracy, timeliness, and consistency. For data feature vectors Total number of data features in China's shipping industry; In step S1, calculating the data quality score of various types of shipping data provided by each data source includes: calculating the data quality score based on the data feature vector, mathematically represented as follows: ; in, Indicates the first Data sources at time The provided first Data quality score for shipping-like data; Indicates the first The weights of shipping data features for each shipping data feature satisfy... ; For the first The feature scoring function for each shipping data feature maps the feature values ​​to... Interval.

3. The method for trust space governance of inland waterway shipping data in the Yangtze and Huaihe River basins based on a zero-trust architecture as described in claim 1, characterized in that: Step S2 specifically includes: S21. Calculate the trust level, mathematically represented as follows: ; in, Indicates the first Data sources at time The provided first Trustworthiness of shipping-related data; Indicates the first Data sources at time The provided first Data quality score for shipping-like data; Indicates the first The precision coefficient of each data source; S22. Calculate the degree of distrust, mathematically represented as follows: ; in, Indicates the first Data sources at time The provided first Distrust of shipping data; Indicates the first The reliability coefficient of each data source; S23. Calculate the uncertainty, mathematically expressed as follows: ; in, Indicates the first Data sources at time The provided first Uncertainty in shipping-like data; S24. Calculate the base rate, mathematically represented as follows: ; in, Indicates the first Data sources at time The provided first The basic rate of shipping-like data; Indicates the first The data source provides the first Historical average quality score for shipping-like data; This represents the base rate weighting coefficient; S25. Construct trust triples, mathematically represented as follows: ; in Indicates the first Data sources at time The provided first Trust triples for shipping-like data; S26. Calculate the expected probability of each data source for each type of shipping data, mathematically represented as follows: ; in, Indicates the first Data sources at time The provided first Expected probability of shipping-like data.

4. The method for trust space governance of inland waterway shipping data in the Yangtze and Huaihe River basins based on a zero-trust architecture as described in claim 3, characterized in that: Step S3 specifically includes: S31. Calculate the variance of the trust level of each data source for the same type of shipping data. If the variance exceeds the preset threshold, it is determined that there is a data conflict in the shipping data. S32. For shipping data that does not conflict, combine the base rate. Trust Distrust level With uncertainty We perform weighted averaging fusion to obtain fusion confidence, fusion distrust, and fusion uncertainty, which are mathematically represented as follows: ; ; ; in, , , Representing time respectively No. Trust level, distrust level, and uncertainty level of shipping-like data fusion; This represents the total number of data sources. Indicates the first The trust weight of each data source is calculated mathematically as follows: ; in, , , Representing the trust balance coefficient and the first... The historical average trust value of the data source, the first Historical average base rate of each data source; For conflicting shipping data, the base rate should be considered. Trust in it Distrust level Uncertainty To achieve consensus fusion, we obtain the fusion trust level, fusion distrust level, and fusion uncertainty, which are mathematically represented as follows: ; ; ; in, Indicates parameters Values ​​from 1 to Multiplication operation within a range; S33. Calculate the fusion base rate using the same weighted averaging fusion method as in step S32, mathematically represented as follows: ; in, For the base rate of fusion; S34. Combining fusion trust, fusion distrust, fusion uncertainty, and fusion fundamental rate, construct the fusion trust triplet, mathematically represented as follows: ; Indicates time No. The fusion of shipping-like data into a trust triple; S35. The expected probability of fusion is calculated based on fusion confidence, fusion uncertainty, and fusion base rate, and is mathematically represented as follows: ; in, Indicates time No. Expected probability of fusion of shipping-like data; S36. Combining the expected fusion probability and the fusion uncertainty, the confidence index is calculated mathematically as follows: ; in, Indicates time No. Credibility index of shipping data.

5. The method for trust space governance of inland waterway shipping data in the Yangtze and Huaihe River basins based on a zero-trust architecture as described in claim 1, characterized in that: Step S4 specifically includes the following steps: S41. Define a risk assessment indicator system, which shall include at least ship risk indicators, environmental risk indicators, operational risk indicators, and data risk indicators. S42. Calculate the historical experience risk value by weighting and summing the various indicators in the risk assessment indicator system. S43. Construct a risk assessment model based on historical experience risk values, mathematically represented as follows: ; in, Indicates the first Each node at time... For the Risk assessment values ​​for shipping-like data; Indicates time No. Expected probability of fusion of shipping-like data; Indicates the first The subject to the first Historical experience risk values ​​for shipping-like data; This represents the risk assessment weighting coefficient.

6. The method for trust space governance of inland waterway shipping data in the Yangtze and Huai River basins based on a zero-trust architecture as described in claim 1, characterized in that: Step S5 specifically includes the following steps: S51. Calculate the trust probability of each node based on the expected probabilities of various shipping data from different data sources. The mathematical expression is as follows: ; in, Indicates the first Data sources at time The provided first The expected probability of shipping data, that is, the probability of the first... Each node at time... The provided first Expected probability of shipping-like data; This indicates the total number of shipping data categories. For the first The trust probability of each node; S52. Construct a trust weight mechanism, assign a trust weight to each node, sort the nodes according to their trust weight from high to low to form a node sequence, and select the node with the highest trust weight as the master node; the trust weight of each node is calculated as follows: ; in, Indicates the first Trust weight of each node; , , They represent the first The trust probability, availability, and reputation value of each node; , , These represent the trust probability weighting coefficient, availability weighting coefficient, and reputation value weighting coefficient, respectively. S53, If the trust probability of the master node Below the preset threshold If this happens, a view switch is triggered, and the next node in the node sequence is selected as the main node. S54. Each node votes for the master node, and the votes from each node are weighted and summed, as shown mathematically below: ; in, Indicates the first The voting results of each node for the master node; This represents the weighted voting result value; This indicates the total number of nodes, i.e., the total number of data sources; S55. If the weighted voting result is less than the preset threshold, a view switch is triggered, the next node in the node sequence is selected as the master node, and the process returns to step S53; if the weighted voting result is greater than or equal to the preset threshold, consensus is determined to be reached.

7. The method for trust space governance of inland waterway shipping data in the Yangtze and Huaihe River basins based on a zero-trust architecture as described in claim 6, characterized in that: Step S6 specifically includes the following steps: S61. Select the master node that reaches consensus based on the improved PBFT consensus algorithm; S62. The master node, as the sole executing entity, calculates the weighted average estimate of the risk assessment values ​​for various shipping data, mathematically represented as follows: ; in, For a moment No. The weighted average estimate of risk assessment values ​​for shipping-like data. For the first Each node at time... For the Risk assessment values ​​for shipping-like data; S63. Define the conditions for reaching a group risk consensus. If a group risk consensus is reached, then the following shall be adopted. Use it as the risk assessment value for the master node; otherwise, trigger a view switch, select the next node from the node sequence as the master node, and return to step S53; The conditions for reaching the aforementioned group risk consensus are defined as follows: ; This indicates that it exists. As a consistency threshold, This indicates absolute value calculation; S64. Calculate the group risk consistency index, mathematically represented as follows: ; in, Indicates time The group risk consistency index; Indicates time No. The variance of risk assessment values ​​for shipping-like data.

8. The method for trust space governance of inland waterway shipping data in the Yangtze and Huaihe River basins based on a zero-trust architecture as described in claim 1, characterized in that: Step S7 specifically includes the following steps: S71. Define the system state vector, mathematically represented as follows: ; in, Indicates time The state; Indicates the transpose operation; Indicates time The system risk level is constructed based on the risk assessment value of the master node. Indicates time The intensity of network attacks; Indicates time The system load factor; Indicates time The average data credibility index is calculated as follows: ,in Indicates time No. The credibility index of shipping data Total number of shipping data categories; Indicates time The group risk consistency index, i.e. ,in Indicates time The group risk consistency index; The average uncertainty is expressed as follows: ,in For a moment No. Uncertainty in the fusion of shipping-like data; S72. Define the security policy action space, mathematically represented as follows: ; in, Indicates an action; This indicates an adjustment to the access control policy; This indicates an adjustment to the data encryption strength; This indicates that the intrusion detection threshold has been adjusted. This indicates an adjustment to the emergency response level; This indicates an adjustment to the resource allocation strategy; S73. The reward function is designed as follows: ; in, express Always in the zone Next action The reward value obtained; This represents a security performance indicator, calculated based on the master node risk assessment value. Indicates system performance indicators, Indicators of cost-effectiveness Indicates the uncertainty penalty. , , , These are the reward weight coefficients for safety performance indicators, system performance indicators, cost-benefit indicators, and uncertainty penalties, respectively, and they satisfy the following conditions: ; S74. Define the long-term reward expectation update rule, mathematically represented as follows: ; in, For state action value function, Indicates the state Next action Long-term reward expectations; Indicates the learning rate; Indicates the discount factor; Indicates the next moment status All actions To obtain the maximum value of the expected long-term reward; symbol This indicates an update to; S75. Define the policy generation rule, based on the long-term reward expectation obtained from reinforcement learning, and output the optimal safety policy, mathematically represented as follows: ; in, Indicates the state The optimal security strategy under the following circumstances; Indicates the search for all actions. Chinese Ambassador's Long-Term Reward Expectations Actions that reach the maximum value .

9. The method for trust space governance of inland waterway shipping data in the Yangtze and Huai River basins based on a zero-trust architecture as described in claim 8, characterized in that: The optimal security policy is updated based on the security policy adjustment frequency, which is defined as follows: ; in, This indicates the frequency of security policy adjustments, specifically the number of times a security policy is adjusted per unit of time. , , Let represent the frequency calculation coefficients of the mean values ​​of the group risk consistency index, network attack intensity, and data credibility index, respectively, and satisfy . ; Indicates time The group risk consistency index.

10. The method for trust space governance of inland waterway shipping data in the Yangtze and Huai River basins based on a zero-trust architecture as described in claim 4, characterized in that: In step S8, the design of dynamic access control rules based on expected probability includes: defining an access control function, mathematically represented as follows: ; in, Indicates the access control function. Indicates time No. Expected probability of shipping-like data; , Let represent the upper bound threshold and the lower bound threshold of trust, respectively, and satisfy . ; Indicates the user's security level. This represents the data security level; an output value of 1 for the access control function indicates that access is allowed, an output value of 2 indicates that access is conditionally allowed, and an output value of 0 indicates that access is denied. In step S8, the design of the risk disposal priority ranking rule includes: defining a risk disposal priority function, mathematically represented as follows: ; in, Indicates the priority of risk management. Indicates the degree of risk impact. Indicates the probability of the risk occurring. The uncertainty of risk assessment is expressed as follows: , , These are the weighting coefficients for the degree of risk impact and the probability of risk occurrence, respectively, and they satisfy the following conditions: , ; In step S8, the generation of the dynamic response strategy includes: defining a response level function, mathematically represented as follows: ; in, Indicates the response level; , , , These represent the high-level response priority threshold, the medium-level response priority threshold, the high-level response consensus threshold, and the medium-level response consensus threshold, respectively. Indicates time The group risk consistency index; the response level value output by the response level function is... Time indicates advanced response, value is Time indicates intermediate response, value is This indicates a low-level response.