Enterprise knowledge question answering method, system and electronic device

By generating query vectors and target identity identifiers through enterprise knowledge question answering methods, the problems of secondary filtering by users and data leakage in traditional retrieval systems are solved, enabling fast and secure knowledge acquisition.

CN122173618APending Publication Date: 2026-06-09CISDI INFORMATION TECH CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
CISDI INFORMATION TECH CO LTD
Filing Date
2026-04-10
Publication Date
2026-06-09

AI Technical Summary

Technical Problem

Traditional keyword retrieval in enterprise knowledge retrieval systems requires users to perform secondary filtering and integration, and it does not consider users' access permissions to documents, increasing workload and posing a risk of data leakage.

Method used

By acquiring user query request information, a query vector is generated and combined with the target identity identifier for retrieval. A permission-controlled document retrieval is implemented using a vector database and a mapping relationship database to generate answer text and prevent unauthorized access.

Benefits of technology

It enables rapid retrieval and reduces the risk of data leakage, reduces the burden of information screening and integration for employees, and improves the efficiency of knowledge acquisition.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122173618A_ABST
    Figure CN122173618A_ABST
Patent Text Reader

Abstract

The application provides an enterprise knowledge question answering method, system and electronic equipment, the method comprises the following steps: obtaining a user's question request information, the question request information comprises a question text and a target identity identifier; generating a query vector based on the question text; searching according to the query vector and the target identity identifier to obtain a target text vector; and generating an answer text based on the target text vector and the question text; the method can realize fast searching while avoiding user's unauthorized access, effectively reducing the risk of data leakage, improving the security of enterprise knowledge question answering, realizing the leap from returning documents to direct answering, reducing the burden of employee information screening and integration, and improving the efficiency of knowledge acquisition.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the field of knowledge question answering technology, and in particular to a knowledge question answering method, system and electronic device for enterprises. Background Technology

[0002] As enterprises increasingly rely on information technology, they accumulate massive amounts of document data. The ability to quickly and accurately extract necessary information from this vast amount of data has become crucial for improving employee efficiency. Currently, large enterprises typically employ enterprise knowledge retrieval systems. These systems use keyword-based search queries to quickly find documents.

[0003] However, traditional keyword searches often only return documents that match the literal meaning, requiring users to spend a lot of time on secondary filtering and integration. Furthermore, this search does not consider users' access permissions to documents, which increases the burden on employees to filter effective information and also poses a risk of data leakage. Summary of the Invention

[0004] This invention provides a method, system, and electronic device for enterprise knowledge question answering, in order to solve the technical problems of traditional keyword retrieval, which requires users to perform secondary screening and integration, and does not consider users' access permissions to documents, thus increasing workload and posing a risk of data leakage.

[0005] This invention provides a method for answering enterprise knowledge questions. The method includes: acquiring user question request information, the question request information including question text and target identity identifier; generating a query vector based on the question text; performing a retrieval based on the query vector and the target identity identifier to obtain a target text vector; and generating answer text based on the target text vector and the question text.

[0006] In one embodiment of the present invention, retrieval based on the query vector and the target identity identifier includes: performing an access permission query based on the target identity identifier to obtain a target document identifier, wherein the target document identifier is the identifier information of a document to which the user has access permission; and using the query vector and the target document identifier as retrieval conditions, and performing retrieval according to the retrieval conditions to obtain the target text vector.

[0007] In one embodiment of the present invention, before performing a retrieval based on the query vector and the target identity identifier, the method further includes: obtaining document information, the document information including a document and a document identifier of the document; dividing the document into multiple text segments, and performing vector transformation on each text segment to obtain multiple text vectors corresponding to the document; configuring the document identifier on each text vector, and storing the configured text vectors into a vector database.

[0008] In one embodiment of the present invention, after storing the configured text vectors into a vector database, the method further includes: obtaining access permission data of the document, wherein the access permission data includes at least one of job permission, rank permission, and department permission; associating the access permission data with the document identifier to form a mapping relationship pair between the access permission data and the document identifier and storing it in a mapping relationship library.

[0009] In one embodiment of the present invention, performing a permission query based on the target identity identifier includes: initiating a permission query for the user to an enterprise based on the target identity identifier, obtaining permission information returned by the enterprise, wherein the permission information includes the target document identifier.

[0010] In one embodiment of the present invention, permission query based on the target identity identifier includes: initiating a role query for the user to the enterprise based on the target identity identifier, obtaining enterprise role information to which the user belongs returned by the enterprise, wherein the enterprise role information includes at least one of position, job level and department; matching the enterprise role information with access permission data in the mapping relationship database, and using the document identifier corresponding to the successfully matched access permission data as the target document identifier.

[0011] In one embodiment of the present invention, the retrieval according to the retrieval conditions includes: matching the text vector corresponding to the target document identifier from the vector database as candidate text vectors to obtain multiple candidate text vectors; calculating the similarity between the query vector and each candidate text vector to obtain the similarity corresponding to each candidate text vector; comparing the similarity corresponding to each candidate text vector, and determining the target text vector from each candidate text vector based on the comparison result.

[0012] In one embodiment of the present invention, after storing the configured text vectors into a vector database, the method further includes: receiving document update information from an enterprise, the document update information including a document identifier to be updated and a corresponding new version document, the enterprise being the sender of the document information; dividing the new version document into multiple text segments, and performing vector conversion on each text segment to obtain multiple new text vectors corresponding to the new version document; configuring the document identifier to be updated on each new text vector, and replacing each original text vector corresponding to the document identifier to be updated in the vector database with each configured new text vector.

[0013] In one embodiment of the present invention, after forming a mapping relationship pair between the access permission data and the document identifier and storing it in the mapping relationship library, the method further includes: receiving permission change information from an enterprise, the permission change information including a document identifier to be changed and corresponding new access permission data, the enterprise being the sender of the access permission data; determining a mapping relationship pair to be changed from the mapping relationship library based on the document identifier to be changed, and replacing the access permission data in the mapping relationship pair to be changed with the new access permission data.

[0014] In one embodiment of the present invention, before obtaining the user's question request information, the method further includes: obtaining the user's login request information, the login request information including authentication information; initiating enterprise identity authentication for the user to the enterprise based on the authentication information, and obtaining the target identity identifier after successful authentication; establishing a session channel with the client based on the target identity identifier, so that the user can conduct enterprise knowledge Q&A through the session channel, wherein the client is the sending end of the login request information and the question request information.

[0015] The present invention also provides an enterprise knowledge question-and-answer system, the system comprising: a receiving module, configured to acquire user question request information, the question request information including question text and target identity identifier; a retrieval module, configured to generate a query vector based on the question text, and perform a retrieval based on the query vector and the target identity identifier to obtain a target text vector; and an answer generation module, configured to generate answer text based on the target text vector and the question text.

[0016] The present invention also provides an electronic device, the electronic device comprising: one or more processors; and a storage device for storing one or more programs, wherein when the one or more programs are executed by the one or more processors, the electronic device enables the enterprise knowledge question-and-answer method as described above.

[0017] The beneficial effects of this invention are as follows: This invention proposes an enterprise knowledge question-and-answer method, system, and electronic device. The method obtains the question text and target identity identifier through a question-and-answer process, generates a query vector based on the question text, and uses both the query vector and the target identity identifier as the retrieval basis. This enables rapid retrieval while preventing unauthorized user access, effectively reducing the risk of data leakage and improving the security of enterprise knowledge question-and-answer. After retrieving the target text vector, the answer text is generated based on the target text vector and the question text, achieving a leap from returning a document to directly answering the question, reducing the burden of information screening and integration for employees, and improving knowledge acquisition efficiency. Attached Figure Description

[0018] The accompanying drawings, which are incorporated in and constitute a part of this specification, illustrate embodiments consistent with the invention and, together with the description, serve to explain the principles of the invention. It is obvious that the drawings described below are merely some embodiments of the invention, and those skilled in the art can obtain other drawings based on these drawings without any inventive effort.

[0019] In the attached diagram:

[0020] Figure 1 This is a schematic diagram illustrating the implementation environment of an enterprise knowledge question-answering method according to an embodiment of the present invention; Figure 2 This is a flowchart illustrating an enterprise knowledge question-and-answer method according to an embodiment of the present invention. Figure 3 This is a block diagram of an enterprise knowledge question-and-answer system provided in an embodiment of the present invention; Figure 4 This is a block diagram of another enterprise knowledge question-and-answer system provided in an exemplary embodiment of the present invention; Figure 5 yes Figure 4 The diagram illustrates the knowledge question-and-answer process of the enterprise knowledge question-and-answer system in an exemplary embodiment shown in the example. Figure 6 yes Figure 4 The diagram illustrates a multi-terminal interaction of the enterprise knowledge question-and-answer system in an exemplary embodiment. Figure 7 This is a schematic diagram of the structure of an electronic device provided in an embodiment of the present invention. Detailed Implementation

[0021] The following specific examples illustrate the implementation of the present invention. Those skilled in the art can easily understand other advantages and effects of the present invention from the content disclosed in this specification. The present invention can also be implemented or applied through other different specific embodiments. Various details in this specification can also be modified or changed based on different viewpoints and applications without departing from the spirit of the present invention. In the absence of conflict, the following embodiments and features in the embodiments can be combined with each other.

[0022] It should be noted that the illustrations provided in the following embodiments are only schematic representations of the basic concept of the present invention. The drawings only show the components related to the present invention and are not drawn according to the actual number, shape and size of the components in the actual implementation. In the actual implementation, the form, quantity and proportion of each component can be arbitrarily changed, and the layout of the components may also be more complex.

[0023] In the following description, numerous details are explored to provide a more thorough explanation of embodiments of the invention. However, it will be apparent to those skilled in the art that embodiments of the invention may be practiced without these specific details. In other embodiments, well-known structures and devices are shown in block diagram form rather than in detail to avoid obscuring embodiments of the invention.

[0024] The embodiments of the present invention provide an enterprise knowledge question-answering method, an enterprise knowledge question-answering system, and an electronic device, which will be described in detail below.

[0025] Please see Figure 1 , Figure 1 This is a schematic diagram illustrating the implementation environment of an enterprise knowledge question-answering method according to an embodiment of the present invention, such as... Figure 1 As shown, the implementation environment can include a client 110 and a server 120. The client 110 can be a mobile phone, tablet, computer, smart TV, central control screen, smart wearable device, etc. The server 120 can be a standalone physical server, a server cluster or distributed system composed of multiple physical servers, or a cloud server providing basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, CDN (Content Delivery Network), and big data and artificial intelligence platforms. No restrictions are placed here. Users can ask questions through the client 110, which will generate a question request and send it to the server 120. The server 120 will perform document retrieval based on the received question request, generate an answer based on the retrieved content, and return it to the client 110.

[0026] Indicatively, server 120 obtains a user's question request information sent by client 110, which includes question text and a target identity identifier. A query vector is generated based on the question text, and a search is performed using the query vector and the target identity identifier to obtain a target text vector. Finally, an answer text is generated based on the target text vector and the question text. As can be seen, the technical solution of this embodiment obtains question text and a target identity identifier through a question-and-answer method, generates a query vector based on the question text, and uses both the query vector and the target identity identifier as the retrieval basis. This enables rapid retrieval while preventing unauthorized user access, effectively reducing the risk of data leakage and improving the security of enterprise knowledge Q&A. After retrieving the target text vector, the answer text is generated based on the target text vector and the question text, achieving a leap from returning a document to directly answering, reducing the burden of information screening and integration for employees, and improving knowledge acquisition efficiency.

[0027] Please see Figure 2 , Figure 2 This is a flowchart illustrating an enterprise knowledge question-answering method according to an embodiment of the present invention. This enterprise knowledge question-answering method can be applied to... Figure 1 The implementation environment shown is specifically executed by server 120 within that implementation environment. It should be understood that this enterprise knowledge question-answering method can also be applied to other exemplary implementation environments and executed by devices in other implementation environments. This embodiment does not limit the implementation environment to which the enterprise knowledge question-answering method is applicable. Figure 2 As shown, in an exemplary embodiment, the enterprise knowledge question-answering method includes at least steps S210 to S230, which are described in detail below: Step S210: Obtain the user's question request information.

[0028] Step S220: Generate a query vector based on the question text in the question request information, and perform retrieval based on the query vector and the target identity identifier in the question request information to obtain the target text vector.

[0029] Step S230: Generate the answer text based on the target text vector and the question text.

[0030] In step S210, the question request information includes the question text and the target identity identifier. Users can submit questions via voice or text input on the client side. The client generates the question text based on the user's voice or text input and adds the target identity identifier to the question text, forming the question request information which is then sent to the server. The target identity identifier refers to the user's personal identification, such as at least one of the user's ID card number, name, or mobile phone number. The target identity identifier can also be the user's corporate identification, such as at least one of the user's employee ID, employment contract number, or corporate email address; there are no restrictions here.

[0031] In step S220, a vector database can be pre-established. Documents are vectorized to form text vectors, which are then stored in the vector database. Search criteria are constructed based on the query vector and the target identity identifier. Text vectors related to the query vector and conforming to the permissions corresponding to the target identity identifier are retrieved from the vector database according to the search criteria and used as target text vectors. This enables authorized document retrieval, preventing unauthorized user access and reducing the risk of data leakage. The target text vector can be one, two, or more.

[0032] In some embodiments, a relationship between documents and identities can be pre-established. Based on the target identity and this relationship, text vectors that the user has the right to access are obtained from a vector database as candidate text vectors. These candidate text vectors are then matched with query vectors, and the relevant text vectors are determined based on the matching results as target text vectors. This enables access-based document retrieval.

[0033] In other embodiments, a pre-established association between documents and identity identifiers can be created. Text vectors in the vector database are matched with query vectors, and relevant text vectors are determined based on the matching results. These are then used as text vectors to be filtered. Based on the target identity identifier and the association, permission filtering is applied to the text vectors to be filtered to obtain text vectors that the user has permission to access, which are then used as target text vectors. This also enables permission-based document retrieval.

[0034] In some embodiments, generating a query vector based on the question text includes: extracting keywords from the question text, performing vector transformation on the extracted keywords to form a query vector; or, performing semantic analysis on the question text using natural language processing technology to obtain the user's intent, and generating a query vector based on the intent.

[0035] In step S230, the target text vector can be used as context, combined with the question text, and carrying preset prompt words, and sent to the large language model. The large language model then generates the answer text. The large language model can be a pre-trained question-and-answer model or an AI dialogue assistant program. Taking an AI dialogue assistant program as an example, a pre-configured interface can be used to call the AI ​​dialogue assistant program to combine the target text vector, question text, and prompt words to generate the answer text and return it to the client.

[0036] In one embodiment of the present invention, before step S210, the method further includes: obtaining user login request information, the login request information including authentication information; initiating enterprise identity authentication for the user to the enterprise based on the authentication information, and obtaining the target identity identifier after successful authentication; establishing a session channel with the client based on the target identity identifier, so that the user can conduct enterprise knowledge Q&A through the session channel, wherein the client is the sending end of the login request information and the question request information.

[0037] Most corporate Q&A platforms employ an independent account system, which presents two major security risks: first, users can log in directly after registration, making it impossible for the platform to verify their true corporate identity; second, after a user leaves the company, the platform cannot obtain the latest identity status in real time, allowing former employees to still access company documents. This embodiment verifies corporate identity during login, ensuring the authenticity and validity of the user's corporate identity. This dynamic identity verification mechanism reduces the risk of access by non-company personnel and the continued access of former employees to sensitive company documents, further enhancing the security of corporate data.

[0038] In this embodiment, a single sign-on method can be used to authenticate the user's corporate identity and obtain the target identity identifier. The target identity identifier refers to the user's identity identifier information within the enterprise, which may be the user's employee number, employment contract number, or enterprise email address.

[0039] For example, a user can log in via a client by entering their username and password. The client uses the username and password as authentication information, or at least one of the associated mobile phone number, email address, or ID card number, and sends a login request containing authentication information to the server. The server sends an authentication request to the enterprise based on the authentication information, so that the enterprise can authenticate the user's identity. The enterprise checks whether an identity identifier related to the authentication information exists. If it exists, the authentication is successful, and the enterprise returns authentication information containing the target identity identifier to the server. If it does not exist, the authentication fails, and the enterprise returns authentication failure information. After successful authentication, the server establishes a session channel with the client based on the target identity identifier in the authentication information. This session channel enables the transmission of question-and-answer data between the client and the server. When a user asks a question, the client adds the target identity identifier to the question text, forms a question request, and transmits the question request to the server through the session channel. When the server generates the answer text, it transmits the answer text to the client through the session channel.

[0040] In one embodiment of the present invention, retrieval based on a query vector and a target identity identifier includes: performing a permission query based on the target identity identifier to obtain a target document identifier, wherein the target document identifier is the identifier information of a document to which the user has access rights; and using the query vector and the target document identifier as retrieval conditions, and performing a retrieval according to the retrieval conditions to obtain a target text vector. This embodiment uses the target document identifier to represent the user's access rights to a document. By performing a permission query based on the target identity identifier to obtain the target document identifier, and then using the query vector and the target document identifier as retrieval conditions, permission management and vector retrieval are decoupled. Permission changes do not require rebuilding the vector index, facilitating the addition, deletion, and modification of document access permissions, and reducing operational costs.

[0041] In this embodiment, document identifiers can be pre-configured for text vectors in the vector database. A document identifier is a unique identifier for the document to which a text vector belongs. The target document identifier can be compiled into an expression natively supported by the vector database, used to synchronously perform permission checks during the approximate nearest neighbor retrieval process. For example, a corresponding text vector can be obtained from the vector database based on the target document identifier as a candidate text vector. The candidate text vector is then matched with the query vector for similarity, and the relevant text vector is determined based on the similarity matching result as the target text vector. Alternatively, text vectors in the vector database can be matched with the query vector for similarity, and the relevant text vector is determined based on the similarity matching result as the text vector to be filtered. Permission filtering is then applied to the text vector to be filtered based on the target document identifier to obtain the target text vector. The target document identifier can be one, two, or more.

[0042] In some embodiments, document identifiers and access permissions can be pre-configured for each document, and a mapping table or database of document identifiers and access permissions can be established. The user's enterprise role information, including job title, rank, and department, is determined based on the target identity identifier. This enterprise role information is compared with the access permissions in the mapping table or database to determine the document identifier corresponding to the document the user has permission to access, which is then used as the target document identifier. For example, determining the user's enterprise role information based on the target identity identifier includes: pre-establishing a correspondence between identity identifiers and enterprise role information, and determining the enterprise role information corresponding to the target identity identifier based on this correspondence; or, querying the enterprise on-site in real-time for the enterprise role information corresponding to the target identity identifier based on the target identity identifier.

[0043] In other embodiments, corresponding document identifiers and identity identifiers can be pre-configured for each document, and a mapping table or mapping database of document identifiers and identity identifiers can be established. The identity identifier corresponding to a document represents the identity identifier of a user with access rights. The document identifier corresponding to the identity identifier that is identical to the target identity identifier in the mapping table or mapping database is used as the target document identifier.

[0044] In one embodiment of the present invention, before step S220, the method further includes: obtaining document information, the document information including a document and a document identifier of the document; dividing the document into multiple text segments, and performing vector transformation on each text segment to obtain multiple text vectors corresponding to the document; configuring a document identifier for each text vector, and storing the configured text vectors into a vector database.

[0045] This embodiment divides documents into small segments and converts them into vectors, enabling precise semantic location of specific knowledge points during retrieval, reducing data processing volume and interference from invalid information for subsequent answer generation; and by centrally managing text vectors in a vector database, it facilitates unified maintenance of text vectors.

[0046] In this embodiment, document information can be uploaded manually or retrieved from the enterprise. Based on the retrieved document information, an enterprise knowledge base (i.e., a vector database) is built on the server. Taking retrieving document information from the enterprise as an example, documents and their corresponding document identifiers can be obtained through the enterprise's document storage system. For example, the connection method between the server and the enterprise's document storage system can be configured, authorizing the server to read the documents stored in the document storage system and the document identifiers of each document as an application. For different types of documents, different tools can be selected to parse them into Markdown (a lightweight markup language) format files. The Markdown format files are sliced ​​using a text slicer, and the sliced ​​text fragments are vectorized using vector models such as Qwen3-Reranker-8B (Qwen3, Reranker, 8B: 8 Billion, representing the number of parameters in the model) to obtain high-dimensional vectors, which serve as text vectors. When storing the text vectors in the vector database, each text vector is associated with a document identifier, thereby completing the construction of the enterprise knowledge base.

[0047] In one embodiment of the present invention, after storing the configured text vectors into a vector database, the method further includes: obtaining the access permission data of the document, wherein the access permission data includes at least one of job permission, rank permission and department permission; associating the access permission data with the document identifier to form a mapping relationship pair between the access permission data and the document identifier and storing it in the mapping relationship library.

[0048] This embodiment binds document identifiers to permissions, rather than to individual user identities. When a user changes roles or positions, only the user's role needs to be changed; there is no need to modify the mapping relationship between document identifiers and access permission data, making permission management more flexible. By centrally managing the mapping relationship between document identifiers and access permission data in a mapping relationship database, it is easy to maintain the mapping relationship pairs uniformly. By storing documents and the mapping relationship between documents and permissions separately, subsequent updates to documents or adjustments to permissions will not affect each other.

[0049] In this embodiment, document access permission data can be uploaded manually or obtained through the enterprise's permission system. A mapping relationship library is then built on the server based on the document's access permission data and document identifier. The access permission data represents the scope of access permissions for a document, such as the department, job level, or position that can access the document, or a combination thereof. For example, access permission data for each document can be obtained through the permission system's permission interface, converted into permission metadata, and a mapping relationship library can be created. Furthermore, a mapping relationship between the document identifier and permission metadata for the same document can be established and stored in the mapping relationship library.

[0050] In one embodiment of the present invention, performing permission query based on the target identity identifier includes: initiating a permission query for the user to the enterprise based on the target identity identifier, obtaining permission information returned by the enterprise, wherein the permission information includes the target document identifier.

[0051] Some enterprise knowledge-based Q&A platforms simulate access control through static role assignment, fixing the binding relationship between users and enterprise roles. This approach is difficult to adapt to complex organizational structure changes or temporary authorization scenarios. This embodiment requests user permissions from the enterprise in real time, enabling the enterprise to verify user permissions and return the target document identifier that the user has read permissions for. This allows for immediate response to enterprise organizational adjustments, such as department mergers, job transfers, and employee onboarding and offboarding, and also meets the needs of temporary authorization and special approval scenarios, ensuring that permission verification is always based on the latest status.

[0052] In this embodiment, the user permissions corresponding to the target identity can be queried through the permission interface of the permission system to obtain permission information. The permission information includes a list of document IDs (identifications) that the user has read permissions for, and the list of document IDs is formed by at least one target document identifier.

[0053] In another embodiment of the present invention, permission query based on target identity includes: initiating a role query for the user to the enterprise based on the target identity, obtaining the enterprise role information to which the user belongs returned by the enterprise, wherein the enterprise role information includes at least one of job position, job level and department; matching the enterprise role information with the access permission data in the mapping relationship database, and taking the document identifier corresponding to the successfully matched access permission data as the target document identifier.

[0054] Compared to linking target identity identifiers with enterprise role information on a knowledge Q&A platform, this embodiment requests user role queries from the enterprise in real time, enabling the enterprise to verify the user's role and return the user's enterprise role information. This allows for timely responses to enterprise organizational restructuring, such as department mergers, job transfers, and employee onboarding and offboarding. Through multi-dimensional combinations of positions, job levels, and departments, cross-dimensional and refined access control can be achieved.

[0055] In this embodiment, "job title" refers to a user's functional role, such as product manager or R&D engineer; "job level" refers to a user's job grade, such as director or ordinary employee; and "department" refers to the organizational unit to which a user belongs, such as finance department or marketing department. These three dimensions—job title, job level, and department—can be used individually or in combination. For example, the access permission scope of a document can be determined based on both job title and department, or the access permission scope of a document can be determined based on job level, achieving more granular access control.

[0056] In one embodiment of the present invention, the retrieval according to the retrieval conditions includes: matching the text vector corresponding to the target document identifier from the vector database as candidate text vectors to obtain multiple candidate text vectors; calculating the similarity between the query vector and each candidate text vector to obtain the similarity corresponding to each candidate text vector; comparing the similarity corresponding to each candidate text vector, and determining the target text vector from each candidate text vector based on the comparison results.

[0057] Some enterprise knowledge-based Q&A platforms often perform permission filtering after retrieval, i.e., recalling and then removing documents. This not only wastes computing resources but may also lead to the accidental exposure of unauthorized information due to intermediate result caching. This embodiment performs permission filtering first, using the text vector after permission filtering as the search scope for similarity retrieval. On the one hand, this ensures that the search scope is limited to documents that the user has access to, reducing the risk of unauthorized documents being exposed or leaked during the retrieval process. On the other hand, it reduces the search volume for similarity retrieval, reduces computing overhead, and thus improves retrieval response speed.

[0058] In this embodiment, the similarity corresponding to the candidate text vector represents the similarity between the query vector and the candidate text vector. At least one of the following can be calculated between the query vector and the candidate text vector: cosine similarity, Euclidean distance, and Manhattan distance. The similarity between the query vector and the candidate text vector is determined based on the calculation results and used as the similarity corresponding to the candidate text vector. For example, the final similarity between the query vector and the candidate text vector can be determined by combining the cosine similarity and Euclidean distance, along with their corresponding weights.

[0059] In some embodiments, comparing the similarity of each candidate text vector includes: comparing the similarity of each candidate text vector with a preset similarity threshold, and taking the candidate text vector with a similarity greater than the preset similarity threshold as the target text vector.

[0060] In other embodiments, the similarity comparison of each candidate text vector includes: comparing the similarity of each candidate text vector with a preset similarity threshold, taking the candidate text vector with a similarity greater than the preset similarity threshold as the text vector to be recommended, and selecting the text vector to be recommended that meets a preset number of similarity thresholds as the target text vector in a manner from high to low similarity.

[0061] In other embodiments, the similarity of each candidate text vector is compared, including: sorting each candidate text vector according to the similarity value, and selecting a preset number of candidate text vectors as the target text vector from the sorted candidate text vectors in descending order of similarity.

[0062] In one embodiment of the present invention, after storing the configured text vectors into a vector database, the method further includes: receiving document update information from an enterprise, the document update information including a document identifier to be updated and a corresponding new version document, the enterprise being the sender of the document information; dividing the new version document into multiple text segments and performing vector conversion on each text segment to obtain multiple new text vectors corresponding to the new version document; configuring a document identifier to be updated for each new text vector, and replacing the original text vectors corresponding to the document identifier to be updated in the vector database with the configured new text vectors.

[0063] Related knowledge Q&A platforms typically store documents manually, which not only increases labor costs but also easily leads to problems such as inconsistent document versions and delayed updates, disrupting consistency with the enterprise's original knowledge management system. This embodiment achieves synchronous updates of text vectors in the vector database by directly sending document information and document update information from the enterprise to the server, avoiding the delays and inconsistent document versions caused by manual operations.

[0064] In this embodiment, the server can use at least one of event-driven and timed polling methods to obtain document information and document update information from the enterprise, ensuring that the text vectors in the vector database are consistent with the documents in the enterprise document storage system.

[0065] In one embodiment of the present invention, after forming a mapping relationship pair between access permission data and document identifier and storing it in the mapping relationship library, the method further includes: receiving permission change information from the enterprise, the permission change information including the document identifier to be changed and the corresponding new access permission data, the enterprise being the sender of the access permission data; determining the mapping relationship pair to be changed from the mapping relationship library according to the document identifier to be changed, and replacing the access permission data in the mapping relationship pair to be changed with the new access permission data.

[0066] Related knowledge Q&A platforms typically store document access permission data manually, which not only increases labor costs but also easily leads to problems such as inconsistent permissions and delayed updates, disrupting consistency with the enterprise's original permission management system. This embodiment directly sends access permission data and permission change information from the enterprise end to the server, achieving synchronous updates of mapping relationships in the mapping relationship database, avoiding the delays and inconsistent permissions caused by manual operations.

[0067] In this embodiment, the server can use at least one of event-driven and timed polling methods to obtain access permission data and permission change information from the enterprise, ensuring that the mapping relationship pairs in the mapping relationship database are consistent with the permission data in the enterprise permission system.

[0068] Please see Figure 3 , Figure 3 This is a block diagram of an enterprise knowledge question-and-answer system provided in an embodiment of the present invention. This system can be applied to... Figure 1 The implementation environment shown is specifically configured in server 120. This system can also be applied to other exemplary implementation environments and specifically configured in other devices. This embodiment does not limit the implementation environment to which the system is applicable.

[0069] like Figure 3 As shown, the exemplary enterprise knowledge question-and-answer system includes: a receiving module 310, used to obtain user question request information, the question request information including question text and target identity identifier; a retrieval module 320, used to generate a query vector based on the question text, and perform retrieval based on the query vector and target identity identifier to obtain a target text vector; and an answer generation module 330, used to generate answer text based on the target text vector and question text.

[0070] In this embodiment, the receiving module 310 can be a data receiver, application server, API (Application Programming Interface) gateway, or other hardware device, or a Web (web page) service framework, message queue consumer, or other software program. The retrieval module 320 can be a dedicated vector retrieval hardware, in-memory computing server, or other hardware device, or a model inference engine, vector plugin, vector retrieval library, or other software program. The answer generation module 330 can be an inference accelerator card, GPU (Graphics Processing Unit) server, or other hardware device, or a large language model inference framework, generative AI (Artificial Intelligence) model, or other software program. No restrictions are imposed here.

[0071] In one embodiment of the present invention, the enterprise knowledge question-and-answer system further includes an identity authentication module, which is used to initiate enterprise identity authentication for the user based on the identity authentication information, and obtain the target identity identifier after the authentication is successful; wherein, the receiving module 310 is also used to obtain the user's login request information, which includes identity authentication information.

[0072] In one embodiment of the present invention, the enterprise knowledge question-and-answer system further includes an authorization module, which is used to initiate an authorization query for the user to the enterprise based on the target identity identifier to obtain the target document identifier; wherein, the retrieval module 320 performs a retrieval using the query vector and the target document identifier as retrieval conditions to obtain the target text vector.

[0073] In one embodiment of the present invention, the enterprise knowledge question answering system further includes a knowledge base construction module, which is used to obtain document information, including the document and the document identifier of the document; divide the document into multiple text segments, and perform vector transformation on each text segment to obtain multiple text vectors corresponding to the document; configure document identifiers for each text vector, and store the configured text vectors into a vector database; A vector database is used to match the text vector corresponding to the target document identifier as candidate text vectors, resulting in multiple candidate text vectors. The similarity between the query vector and each candidate text vector is calculated to obtain the similarity between each candidate text vector. The similarity between each candidate text vector is compared, and the target text vector is determined from the candidate text vectors based on the comparison results.

[0074] Please see Figure 4 , Figure 4 This is a block diagram of another enterprise knowledge question-answering system provided by an exemplary embodiment of the present invention, such as... Figure 4As shown, the enterprise knowledge Q&A system includes: an enterprise identity federated authentication module, used to authenticate users through enterprise single sign-on and obtain the user's target identity identifier; a permission data synchronization and mapping module, used to connect to the enterprise's permission system's permission interface, obtain the access permission data of each document, convert the access permission data into permission metadata, establish a mapping relationship between permission metadata and document identifiers and store it in the mapping relationship database; or, connect to the enterprise's permission system's permission interface, query user permissions based on the target identity identifier to obtain the target document identifier; a knowledge base construction module, used to read documents from the enterprise's document storage system, slice the documents to generate text fragments, perform vectorization processing, associate the text vectors with document identifiers and store them in the vector database; a dynamic retrieval and filtering module, used to generate a query vector based on the question text in the question request information after receiving the user's question request information, form a retrieval request based on the query vector, and inject the target document identifier as a permission filtering condition into the retrieval request before initiating a retrieval in the vector database, so that the vector database returns the target text vector that the user has the right to access; and a large model, used to generate answer text based on the target text vector and question text and return it to the user.

[0075] In this embodiment, when a user initiates a question request, the enterprise knowledge Q&A system obtains the corresponding document access permissions (i.e., target document identifier) ​​in real time based on the user's real identity within the enterprise. During the retrieval phase, it dynamically filters the text vectors in the vector database, returning only the content the user is authorized to access. By deeply integrating with the enterprise's existing identity authentication and permission management system, this system effectively ensures data security and permission compliance during the Q&A process, fully meeting the enterprise's dual needs for intelligent Q&A and fine-grained access control.

[0076] In some embodiments, the determination of the target document identifier includes: the permission data synchronization and mapping module matching the enterprise role information corresponding to the target identity identifier with the permission metadata in the mapping relationship database, and taking the document identifier corresponding to the successfully matched permission metadata as the target document identifier; or, the permission data synchronization and mapping module requesting to query user permissions from the enterprise's permission system based on the target identity identifier to obtain permission information, which includes a list of document IDs formed by the target document identifier.

[0077] In some embodiments, the enterprise knowledge question answering system further includes a vector database for storing text vectors, and for performing similarity searches on the text vectors corresponding to the target document identifier and returning the target text vector.

[0078] In some embodiments, the enterprise identity federated authentication module is also used to query the user's role and obtain the user's enterprise role information.

[0079] In some embodiments, the permission data synchronization and mapping module synchronizes permission changes from the enterprise's permission system in an event-driven and timed polling manner, ensuring that the permission metadata in the mapping relationship database is consistent with the enterprise source system (i.e., the permission system).

[0080] In some embodiments, the dynamic retrieval filtering module compiles the permission filtering conditions into expressions natively supported by the vector database, which are used to synchronously perform permission checks during the approximate nearest neighbor retrieval process.

[0081] It should be understood that the Enterprise Identity Federated Authentication Module is a specific example of the Identity Authentication Module, the Permission Data Synchronization and Mapping Module is a specific example of the Permission Authentication Module, the Dynamic Search Filtering Module is a specific example of the Search Module 320, and the Large Model, also known as the Large Language Model, is a specific example of the Answer Generation Module 330.

[0082] Please see Figure 5 , Figure 5 yes Figure 4 The diagram illustrates the knowledge question-answering process of the enterprise knowledge question-answering system in an exemplary embodiment, as shown in the example. Figure 5 As shown, the knowledge-based question-and-answer process of this enterprise knowledge-based question-and-answer system is as follows: Step S510: The user logs into the enterprise knowledge Q&A system. The enterprise identity federated authentication module authenticates the user's identity and obtains the user's target identity identifier after the identity authentication is successful. Step S520: When a user asks a question, the permission data synchronization and mapping module queries the permission information corresponding to the target identity identifier, obtains the target document identifier, and the dynamic retrieval and filtering module generates a query vector based on the question text and initiates a retrieval request based on the query vector and the target document identifier. Step S530: The vector database filters text vectors based on the target document identifier in the retrieval request, and performs similarity retrieval on the filtered text vectors based on the query vector in the retrieval request to obtain the target text vector; Step S540: The large model generates the answer text based on the question text and the target text vector and returns it to the user.

[0083] For specific details regarding the knowledge-based question-and-answer process, please refer to the descriptions in the aforementioned embodiments; they will not be repeated here. This enterprise knowledge-based question-and-answer system can perform real-time enterprise identity authentication and identify the user's document access permissions within the enterprise when a user asks a question. It generates answers only based on documents the user is authorized to view, thereby ensuring intelligent question-and-answer capabilities while strictly protecting enterprise data security and compliance.

[0084] Please see Figure 6 , Figure 6 yes Figure 4The illustrated embodiment of the enterprise knowledge question-answering system is a multi-terminal interaction diagram in an exemplary embodiment, as shown below. Figure 6 As shown, this enterprise knowledge Q&A system achieves enterprise knowledge Q&A through interaction with the user terminal (i.e., the client) and the enterprise system (i.e., the enterprise terminal). The multi-terminal interaction logic is as follows: The enterprise knowledge Q&A system retrieves documents stored in the enterprise's document storage system through its knowledge base construction module. The connection method with the document storage system can be pre-configured in the system's management backend, authorizing the system to read the document storage system's content as an application. Different tools are automatically selected to parse different document types into .md format files. A text slicer is used to slice the .md format files into multiple text fragments. The Qwen3-Reranker-8B vector model is used to vectorize these text fragments into high-dimensional vectors, which serve as text vectors. When storing these text vectors in the vector database, a document identifier is associated with each text vector, thus completing the construction of the enterprise knowledge base. Users log in to the enterprise knowledge Q&A system on the user's end via single sign-on; the enterprise knowledge Q&A system requests the authentication system in the enterprise system to authenticate the user's identity through the enterprise identity federated authentication module. After the identity authentication is successful, the system obtains the user's target identity identifier and establishes a session channel with the user's end so that the user can start Q&A through the session channel. When a user asks a question, the enterprise knowledge Q&A system receives the user's question request information through the dynamic retrieval and filtering module. Then, through the permission data synchronization and mapping module, it requests the user's permission information from the enterprise system's permission system. This permission information includes a list of document IDs with read permissions, i.e., a list of document IDs formed by the target document identifier. After obtaining the permission information, the dynamic retrieval and filtering module converts the question text into a query vector to form a retrieval request. It injects the target document identifier as a permission filter condition into the retrieval request to initiate a retrieval request to the vector database. The vector database performs a similarity search on the text vectors corresponding to the target document identifier and returns the Top K most relevant text vectors as the target text vector. The Top K most relevant text vectors refer to the K text vectors with the highest similarity ranking, where K is a preset number. After receiving the target text vector returned by the vector database, the dynamic retrieval and filtering module combines it with the question text as context, includes built-in prompts, and sends it to the large model. The large model generates accurate and reliable answer text based on a secure and authorized context and returns it to the user.

[0085] For details regarding the multi-terminal interaction logic, please refer to the descriptions in the aforementioned embodiments; they will not be repeated here. This enterprise knowledge Q&A system can deeply integrate with an enterprise's existing identity authentication and document permission management system without copying the original documents. It dynamically identifies the user's access permissions when asking questions and performs precise content filtering during the retrieval phase, ensuring that the Q&A results only contain information that the user is authorized to view. This balances intelligence and security, meeting the enterprise's dual needs for data compliance and efficient knowledge services.

[0086] It should be noted that the system provided in the above embodiments and the enterprise knowledge question-answering method provided in the above embodiments belong to the same concept. The specific way each module performs its operation has been described in detail in the method embodiments, and will not be repeated here. In practical applications, the system provided in the above embodiments can be assigned to different functional modules as needed, that is, the internal structure of the system can be divided into different functional modules to complete all or part of the functions described above. This is not a limitation here.

[0087] In one embodiment of the present invention, an electronic device is also provided, comprising: one or more processors; and a storage device for storing one or more programs, wherein when the one or more programs are executed by the one or more processors, the electronic device enables the enterprise knowledge question-and-answer method provided in the above embodiments.

[0088] Please see Figure 7 , Figure 7 This is a schematic diagram of the structure of an electronic device according to an embodiment of the present invention. It should be noted that... Figure 7 The electronic device 700 shown is merely an example and should not be construed as limiting the functionality and scope of use of the embodiments of the present invention.

[0089] like Figure 7 As shown, the electronic device 700 includes a processor 701, a memory 702, and a communication bus 703; the communication bus 703 is used to connect the processor 701 and the memory 702; the processor 701 is used to execute a computer program stored in the memory 702 to implement one or more methods in the above embodiments.

[0090] The electronic device provided in this embodiment of the invention includes a processor, a memory, a transceiver, and a communication interface. The memory and the communication interface are connected to the processor and the transceiver and complete communication between them. The memory is used to store computer programs, the communication interface is used to perform communication, and the processor and the transceiver are used to run the computer programs, so that the electronic device performs the various steps of the above method.

[0091] In embodiments of the present invention, the memory may include random access memory (RAM) and may also include non-volatile memory, such as at least one disk storage device.

[0092] The processors mentioned above can be general-purpose processors, including central processing units (CPUs), network processors (NPs), etc.; they can also be digital signal processors (DSPs), application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), or other programmable logic devices, discrete gate or transistor logic devices, or discrete hardware components.

[0093] The above embodiments are merely illustrative of the principles and effects of the present invention and are not intended to limit the invention. Any person skilled in the art can modify or alter the above embodiments without departing from the spirit and scope of the present invention. Therefore, all equivalent modifications or alterations made by those skilled in the art without departing from the spirit and technical concept disclosed in the present invention should still be covered by the claims of the present invention.

Claims

1. A method for answering enterprise knowledge questions, characterized in that, The method includes: Obtain user's question request information, which includes question text and target identity identifier; A query vector is generated based on the question text, and the target text vector is obtained by searching based on the query vector and the target identity identifier. The answer text is generated based on the target text vector and the question text.

2. The enterprise knowledge question-and-answer method according to claim 1, characterized in that, Retrieval based on the query vector and the target identity identifier includes: Based on the target identity identifier, an access permission query is performed to obtain the target document identifier, which is the identification information of the document that the user has access permission to; Using the query vector and the target document identifier as search criteria, and performing a search according to the search criteria, the target text vector is obtained.

3. The enterprise knowledge question-and-answer method according to claim 2, characterized in that, Before performing the retrieval based on the query vector and the target identity identifier, the method further includes: Obtain document information, which includes the document and its document identifier; The document is divided into multiple text segments, and each text segment is vectorized to obtain multiple text vectors corresponding to the document. Configure the document identifier for each text vector, and store the configured text vectors into the vector database.

4. The enterprise knowledge question-and-answer method according to claim 3, characterized in that, After storing the configured text vectors into the vector database, the method further includes: Obtain the access permission data of the document, wherein the access permission data includes at least one of job position permissions, job level permissions, and department permissions; The access permission data and the document identifier are associated to form a mapping relationship pair between the access permission data and the document identifier, and the pair is stored in the mapping relationship library.

5. The enterprise knowledge question-and-answer method according to claim 3, characterized in that, Access control queries based on the target identity include: Based on the target identity identifier, an access permission query for the user is initiated to the enterprise, and access permission information is returned by the enterprise, including the target document identifier.

6. The enterprise knowledge question-and-answer method according to claim 4, characterized in that, Access control queries based on the target identity include: Based on the target identity identifier, a role query for the user is initiated to the enterprise, and the enterprise returns the enterprise role information to which the user belongs. The enterprise role information includes at least one of position, job level, and department. The enterprise role information is matched with the access permission data in the mapping relationship database, and the document identifier corresponding to the successfully matched access permission data is used as the target document identifier.

7. The enterprise knowledge question-and-answer method according to any one of claims 3-6, characterized in that, Searching according to the search criteria includes: The text vector corresponding to the target document identifier is matched from the vector database to obtain multiple candidate text vectors; The similarity between the query vector and each candidate text vector is calculated to obtain the similarity between each candidate text vector. The similarity of each candidate text vector is compared, and the target text vector is determined from each candidate text vector based on the comparison results.

8. The enterprise knowledge question-and-answer method according to claim 3, characterized in that, After storing the configured text vectors into the vector database, the method further includes: Receive document update information from the enterprise, the document update information including the document identifier to be updated and the corresponding new version document, the enterprise being the sender of the document information; The new version document is divided into multiple text segments, and each text segment is vectorized to obtain multiple new text vectors corresponding to the new version document. Configure the document identifier to be updated for each new text vector, and replace each original text vector corresponding to the document identifier to be updated in the vector database with each new text vector that has been configured.

9. The enterprise knowledge question-and-answer method according to claim 4, characterized in that, After forming the mapping pair between the access permission data and the document identifier and storing it in the mapping database, the method further includes: The system receives permission change information from the enterprise, which includes the document identifier to be changed and the corresponding new access permission data. The enterprise is the sender of the access permission data. Based on the document identifier to be changed, determine the mapping relationship pair to be changed from the mapping relationship library, and replace the access permission data in the mapping relationship pair to be changed with the new access permission data.

10. The enterprise knowledge question-and-answer method according to claim 1, characterized in that, Before obtaining the user's question request information, the method further includes: Obtain the user's login request information, which includes authentication information; Based on the authentication information, the enterprise side is initiated to authenticate the user's enterprise identity, and the target identity identifier is obtained after successful authentication. A session channel is established with the client based on the target identity identifier, so that the user can conduct enterprise knowledge Q&A through the session channel, wherein the client is the sending end of the login request information and the question request information.

11. An enterprise knowledge question-and-answer system, characterized in that, The system includes: The receiving module is used to acquire user question request information, which includes question text and target identity identifier; The retrieval module is used to generate a query vector based on the question text, and to retrieve the target text vector based on the query vector and the target identity identifier. The answer generation module is used to generate answer text based on the target text vector and the question text.

12. An electronic device, characterized in that, The electronic device includes: One or more processors; A storage device for storing one or more programs, which, when executed by one or more processors, cause the electronic device to implement the enterprise knowledge question-answering method as described in any one of claims 1-10.