Archive destruction method, device, equipment and storage medium

By obtaining the destruction authorization code and matching it with RFID tags, combined with automated video recording and evidence preservation, the problem of the disconnect between physical and digital data in the process of archive destruction is solved, and efficient, accurate and secure closed-loop management of archive destruction is achieved.

CN122179110APending Publication Date: 2026-06-09北京合思信息技术有限公司

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
北京合思信息技术有限公司
Filing Date
2026-03-02
Publication Date
2026-06-09

AI Technical Summary

Technical Problem

In the current process of destroying archives, physical destruction and digital destruction are disconnected, there is a lack of effective monitoring, and authorization and execution are separated, resulting in low accuracy and efficiency of destruction, and difficulty in tracing responsibility.

Method used

By obtaining a destruction authorization code to bind the file destruction task, RFID tags and cameras are used to achieve precise matching between physical and digital files, automated video recording and evidence preservation, forming a digital twin closed-loop management system to ensure that physical destruction and digital status are synchronized.

Benefits of technology

It achieves high efficiency, accuracy, and security in the process of destroying archives, eliminates discrepancies between accounts and actual records, provides irrefutable evidence, and improves compliance and efficiency.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122179110A_ABST
    Figure CN122179110A_ABST
Patent Text Reader

Abstract

This application provides a method, apparatus, device, and storage medium for document destruction, relating to the field of document destruction technology. The method includes: obtaining a destruction authorization code based on a destruction operation; the destruction authorization code is information generated for a document destruction task; the document destruction task includes multiple physical documents to be destroyed, each corresponding to a digital virtual document. The method involves obtaining and displaying a list of document identifiers corresponding to the destruction authorization code; if a physical document to be destroyed is determined to be in the list, a physical destruction procedure is initiated to perform the destruction. If a destruction completion signal is generated, the signal is uploaded to a server, so that the server updates the status of the digital virtual document corresponding to the physical document to be destroyed to "destroyed" based on the destruction completion signal. This method aims to improve the accuracy and efficiency of document destruction during the document destruction process.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This application relates to the field of archive destruction technology, and more specifically, to an archive destruction method, apparatus, equipment, and storage medium. Background Technology

[0002] Currently, all types of archives (especially accounting archives and contract archives) have legally mandated retention periods. Upon expiration of the retention period, archives must be appraised and destroyed according to prescribed procedures to free up storage space, reduce management costs, and protect information security. Archive destruction is an extremely serious and sensitive process, involving not only the destruction of the physical entity but also the alteration and eventual deletion of the corresponding digital archives within the information system.

[0003] In existing technologies, the process of destroying archives typically involves completing the approval process for destruction in the management system, with frontline personnel carrying out the specific archive destruction operations. The destruction process relies on manual supervision and the signature confirmation of paper lists.

[0004] However, in existing technologies, because the destruction process relies on manual supervision and signed confirmation of paper lists, it may be difficult to ensure that every file that should be destroyed is destroyed, and it is also difficult to prevent files that should not be destroyed from being destroyed by mistake. Once a problem occurs, it is very difficult to trace the source and determine responsibility, resulting in low accuracy and low efficiency in the destruction of files. Summary of the Invention

[0005] The purpose of this application is to provide a method, apparatus, device, and storage medium for destroying archives, thereby solving the aforementioned problems in the prior art and improving the accuracy and efficiency of archive destruction during the process.

[0006] Firstly, a method for destroying archives is provided, which may include: Based on the destruction operation, a destruction authorization code is obtained; the destruction authorization code is information generated for the file destruction task; the file destruction task includes multiple physical files to be destroyed, and each physical file to be destroyed corresponds to a digital virtual file. Obtain and display the list of file identifiers to be destroyed corresponding to the destruction authorization code; if it is determined that the physical file to be destroyed is in the list of file identifiers to be destroyed, then start the physical destruction procedure to perform the destruction. If a destruction completion signal is generated, the destruction completion signal is uploaded to the server so that the server updates the status of the digital virtual file corresponding to the physical file to be destroyed to destroyed as destroyed based on the destruction completion signal.

[0007] Secondly, a file destruction device is provided, which may include: The acquisition module is used to acquire a destruction authorization code based on the destruction operation; the destruction authorization code is information generated for the file destruction task; the file destruction task includes multiple physical files to be destroyed, and each physical file to be destroyed corresponds to a digital virtual file. The destruction module is used to obtain and display a list of file identifiers to be destroyed corresponding to the destruction authorization code; if it is determined that the physical file to be destroyed is in the list of file identifiers to be destroyed, the physical destruction program is started to perform the destruction. An update module is used to upload a destruction completion signal to the server if a destruction completion signal is generated, so that the server updates the status of the digital virtual file corresponding to the physical file to be destroyed to destroyed as destroyed based on the destruction completion signal.

[0008] Thirdly, an electronic device is provided, which includes a processor, a communication interface, a memory, and a communication bus, wherein the processor, the communication interface, and the memory communicate with each other through the communication bus; Memory, used to store computer programs; When a processor executes a program stored in memory, it implements any of the steps described in the first aspect above.

[0009] Fourthly, a computer-readable storage medium is provided, wherein a computer program is stored therein, and when executed by a processor, the computer program implements the steps of any of the methods described in the first aspect above.

[0010] This application provides a method, apparatus, device, and storage medium for document destruction. Based on a destruction operation, a destruction authorization code is obtained. The destruction authorization code is information generated for a document destruction task. The document destruction task includes multiple physical documents to be destroyed, each corresponding to a digital virtual document. A list of document identifiers corresponding to the destruction authorization code is obtained and displayed. If a physical document to be destroyed is determined to be in the list, a physical destruction procedure is initiated to execute the destruction. If a destruction completion signal is generated, it is uploaded to a server so that the server updates the status of the digital virtual document corresponding to the physical document to be destroyed to "destroyed" based on the destruction completion signal. In this solution, the destruction authorization code is bound to the document destruction task, ensuring that only officially approved document destruction tasks can be executed by the physical device. By determining whether the physical document to be destroyed is in the list of document identifiers, precise document object matching is achieved, ensuring that the destroyed physical document corresponds precisely to the same object as the digital document destroyed by the system command. After the physical destruction is confirmed, the final state change of the digital document is automatically triggered, achieving automatic synchronization of document status and eliminating any time lag or human error. Therefore, through the above methods, a true "digital twin" closed loop is formed, from online digital instructions to offline physical actions, and then from physical results back to digital status. This establishes a closed-loop management system that ensures precise synchronization, strong correlation, and auditability between the "end of the digital archive lifecycle" and the "end of the physical form of the physical archive." It enables the simultaneous destruction of physical and digital archives based on destruction authorization codes and Internet of Things (IoT) linkage, significantly improving the efficiency and accuracy of the destruction work and greatly enhancing the security and compliance of the destruction process. Attached Figure Description

[0011] To more clearly illustrate the technical solutions of the embodiments of this application, the accompanying drawings used in the embodiments of this application will be briefly introduced below. It should be understood that the following drawings only show some embodiments of this application and should not be regarded as a limitation of the scope. For those skilled in the art, other related drawings can be obtained based on these drawings without creative effort.

[0012] Figure 1 A flowchart illustrating a method for destroying archives provided in this application embodiment; Figure 2 A flowchart illustrating a method for destroying archives provided in this application embodiment; Figure 3 This is a schematic diagram of the structure of an archive destruction device provided in an embodiment of this application; Figure 4 This is a schematic diagram of the structure of an electronic device provided in an embodiment of this application. Detailed Implementation

[0013] The technical solutions of the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only a part of the embodiments of this application, and not all of the embodiments. Based on the embodiments of this application, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of this application. Unless otherwise defined, the technical or scientific terms used in this application should have the ordinary meaning understood by those skilled in the art. The words "first," "second," and similar terms used in this application do not indicate any order, quantity, or importance, but are only used to distinguish different components. The words "comprising" or "including," etc., mean that the element or object preceding the word covers the element or object listed after the word and its equivalents, but do not exclude other elements or objects. The words "connected," "coupled," or "connected," etc., are not limited to physical or mechanical connections, but can include electrical connections, whether direct or indirect. "Up," "down," "left," "right," etc., are only used to indicate relative positional relationships. When the absolute position of the described object changes, the relative positional relationship may also change accordingly.

[0014] Currently, all types of archives (especially accounting archives and contract archives) have legally mandated retention periods. Upon expiration of the retention period, archives must be appraised and destroyed according to prescribed procedures to free up storage space, reduce management costs, and protect information security. Archive destruction is an extremely serious and sensitive process, involving not only the destruction of the physical entity but also the alteration and eventual deletion of the corresponding digital archives within the information system.

[0015] In one example, the document destruction process typically involves an approval process completed within the management system, followed by the actual destruction operations performed by frontline staff. The destruction process relies on manual supervision and signed confirmation of paper lists. Specifically, the document destruction process often suffers from the following problems: The disconnect between physical and digital destruction: The destruction of physical archives (such as sending them to paper mills for pulping or to professional companies for shredding) and the change of status of digital archives (marked as "destroyed" in the system) are usually two independent and asynchronous operations. Staff may select "destroy" in the system, but the physical archives may not actually be destroyed for various reasons (such as forgetting or misplacement), and vice versa. This phenomenon leads to discrepancies between records and actual physical archives, posing significant compliance risks and potential information leaks.

[0016] The lack of process monitoring and evidence preservation: The destruction process often relies on manual supervision and signed confirmation of paper lists. The lack of objective and automated monitoring methods makes it difficult to ensure that every file that should be destroyed is destroyed, and also makes it difficult to prevent the accidental destruction of files that should not be destroyed. Once a problem occurs, subsequent tracing and determination of responsibility are extremely difficult.

[0017] The disconnect between authorization and execution: The approval process for destruction is completed within the management system, but the actual execution is carried out by frontline personnel in the physical world. The lack of an effective and mandatory technical link between authorization and physical execution creates the possibility of authorization abuse or execution errors.

[0018] However, in existing technologies, because the destruction process relies on manual supervision and signed confirmation of paper lists, it may be difficult to ensure that every file that should be destroyed is destroyed, and it is also difficult to prevent files that should not be destroyed from being destroyed by mistake. Once a problem occurs, it is very difficult to trace the source and determine responsibility, resulting in low accuracy and low efficiency in the destruction of files.

[0019] Therefore, the existing archive destruction process suffers from core problems such as a severe disconnect between the digital and physical worlds, a lack of effective process monitoring, unclear responsibilities, and significant operational risks.

[0020] The file destruction method provided in this application embodiment can be applied in a system architecture that may include: a server in the enterprise's backend and terminals of enterprise employees. The terminal is an electronic device, such as a smart file destruction machine. The interaction between the server and the terminal is not limited to the enterprise's backend and employees, but can also occur between enterprises, etc., without limitation. The server can be a physical server, a server cluster composed of multiple physical servers, or a distributed system. It can also be a cloud server providing basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, content delivery networks (CDNs), and big data and artificial intelligence platforms. The terminal can be a user equipment (UE) such as a mobile phone, smartphone, laptop, digital broadcast receiver, personal digital assistant (PDA), tablet computer (PAD), handheld device, in-vehicle device, wearable device, computing device or other processing device connected to a wireless modem, mobile station (MS), mobile terminal, etc. The terminal and the server can be connected directly or indirectly through wired or wireless communication methods, which is not limited in this application.

[0021] The preferred embodiments of this application are described below with reference to the accompanying drawings. It should be understood that the preferred embodiments described herein are for illustration and explanation only and are not intended to limit this application. Furthermore, the embodiments and features in the embodiments of this application can be combined with each other without conflict.

[0022] Figure 1 This is a flowchart illustrating a file destruction method provided in an embodiment of this application. Figure 1 As shown, the method may include: Step S101: Based on the destruction operation, obtain the destruction authorization code; the destruction authorization code is information generated for the file destruction task; the file destruction task includes multiple physical files to be destroyed, and each physical file to be destroyed corresponds to a digital virtual file.

[0023] For example, when a user initiates a destruction request to the server through the file management system on their terminal device, after the destruction request for one or a batch of digital files has gone through a legally mandated multi-level approval process and is finally approved, the server does not immediately change the file status to "destroyed." Instead, the server generates a unique, time-limited, one-time "destruction authorization code" (which can be a numeric string, QR code, or NFC command, etc.) for this file destruction task and binds this destruction authorization code to a list of IDs of the physical files to be destroyed, each corresponding to a digital virtual file. This destruction authorization code is then sent to the designated destruction executor via system message or mobile app.

[0024] The pre-installed intelligent document destruction machine is a professional shredding device integrating an industrial control computer, barcode scanner, RFID reader / writer, and camera. Staff must first verify their identity on the machine (e.g., by swiping an employee card or using fingerprint recognition). After successful verification, they enter or scan the destruction authorization code.

[0025] Step S102: Obtain and display the list of file identifiers to be destroyed corresponding to the destruction authorization code; if it is determined that the physical file to be destroyed is in the list of file identifiers to be destroyed, then start the physical destruction procedure to perform the destruction.

[0026] For example, the intelligent document destruction machine sends the destruction authorization code to the server for verification. After the server verifies the code, it sends the list of document identifiers to be destroyed (i.e., the list of document IDs to be destroyed) bound to the destruction authorization code to the intelligent document destruction machine. The intelligent document destruction machine then enters a "standby" state and displays the list of physical documents to be destroyed on the screen, i.e., the list of document identifiers to be destroyed.

[0027] The destruction personnel remove one document from the list of physical files to be destroyed. Each document has a pre-embedded RFID tag containing a unique identifier (ID). For each document, the personnel scan it on the RFID reader of the intelligent document destruction machine. After reading the document ID, the machine checks if the ID exists in the currently loaded "List of Document Identifiers to be Destroyed".

[0028] If the ID matches: The smart document destruction machine's screen will display "Verification Passed," and the physical destruction process will be initiated. This involves unlocking the feed inlet, allowing the personnel performing the destruction to place the document inside. Simultaneously, the smart document destruction machine's built-in wide-angle camera will begin recording video.

[0029] If the ID does not match: The intelligent document destruction machine will issue an audible and visual alarm, and the screen will display "Document error, destruction prohibited" and the feed inlet will remain locked.

[0030] Only after verification will the intelligent document destruction machine start the shredding motor to physically destroy the placed documents.

[0031] Optionally, the system can check whether the ID exists in the currently loaded "List of Files to be Destroyed". Alternatively, it can use image recognition technology to identify the ID on the physical file to be destroyed and determine whether the ID exists in the currently loaded "List of Files to be Destroyed". Or, multiple destruction personnel can manually check the ID separately, and when the ID is confirmed to be correct, the destruction personnel can trigger the confirmation button, thereby confirming that the ID exists in the currently loaded "List of Files to be Destroyed". There are no limitations on this method.

[0032] Step S103: If a destruction completion signal is generated, the destruction completion signal is uploaded to the server so that the server updates the status of the digital virtual file corresponding to the physical file to be destroyed to "destroyed" based on the destruction completion signal.

[0033] For example, once a file has been completely destroyed (the passage through the inlet and outlet can be detected by sensors), the destruction machine performs the following operations: Generate a destruction completion signal; stop recording, and encrypt and upload the video clip containing the entire process of "file scanning-placement-shredding" to the evidence storage area of ​​the server after associating it with the file's ID.

[0034] Send a destruction completion signal containing the file ID to the server. The destruction completion signal indicates a confirmation message that "physical destruction is complete".

[0035] After the server receives this confirmation message and verifies that the video evidence has been successfully uploaded, it will automatically update the status of the corresponding digital virtual file in the database from "pending destruction" to "destroyed". The file destruction task ends when all physical files in the list to be destroyed have completed this process.

[0036] The method provided in this application embodiment obtains a destruction authorization code based on a destruction operation. The destruction authorization code is information generated for an archive destruction task. The archive destruction task includes multiple physical archives to be destroyed, and each physical archive corresponds to a digital virtual archive. A list of archive identifiers to be destroyed corresponding to the destruction authorization code is obtained and displayed. If it is determined that a physical archive to be destroyed is in the list of archive identifiers to be destroyed, the physical destruction procedure is initiated to execute the destruction. If a destruction completion signal is generated, the destruction completion signal is uploaded to the server so that the server updates the status of the digital virtual archive corresponding to the physical archive to be destroyed to "destroyed" based on the destruction completion signal. In this solution, the destruction authorization code is bound to the archive destruction task to ensure that only officially approved archive destruction tasks can be executed by physical devices. By determining whether the physical archive to be destroyed is in the list of archive identifiers to be destroyed, precise archive object matching is achieved, ensuring that the destroyed physical archive corresponds precisely to the same object as the digital archive destroyed by the system command. After the physical destruction is confirmed, the final status change of the digital archive is automatically triggered, achieving automatic synchronization of archive status and eliminating any time difference or human error. Therefore, through the above methods, a true "digital twin" closed loop is formed, from online digital instructions to offline physical actions, and then from physical results back to digital status. This establishes a closed-loop management system that ensures precise synchronization, strong correlation, and auditability between the "end of the digital archive lifecycle" and the "end of the physical form of the physical archive." It enables the simultaneous destruction of physical and digital archives based on destruction authorization codes and Internet of Things (IoT) linkage, significantly improving the efficiency and accuracy of the destruction work and greatly enhancing the security and compliance of the destruction process.

[0037] Figure 2 A flowchart illustrating a method for destroying archives provided in this application is shown below. Figure 2 As shown, in this embodiment... Figure 1 Based on the embodiments, the method is described in detail below, and the method includes: Step S201: Based on the authentication operation, identify the current executor; wherein the identification method includes at least one of the following: work card verification, biometric verification or password verification.

[0038] For example, firstly, the intelligent document destruction machine is a paper shredder and also an Internet of Things (IoT) terminal, with an embedded industrial PC at its core. External components: Touchscreen display for human-machine interaction; Multi-functional card reader supporting employee IC cards and QR code scanning; High-frequency / UHF RFID reader for reading document tags; At least one high-definition wide-angle camera installed to capture a complete view of the feed inlet and operating area; Multiple sensors, such as an infrared sensor to detect the insertion of objects and a current sensor to monitor motor load and determine the disposal process; Network module (wired or 4G / 5G) for real-time communication with the server.

[0039] Secondly, the authorized executor's dual identity verification process includes: the authorized executor tapping their work card on the card reader and / or entering their personal PIN code. The intelligent document destruction machine sends the identity information to the server for verification to confirm whether the employee has the authority to perform the destruction operation.

[0040] In this step, the identity of the current executor is verified based on the current executor's authentication operation; wherein the identity verification method includes at least one or more of the following: work card verification, biometric verification, password verification or personal PIN code, etc.

[0041] Step S202: Based on the destruction operation, obtain the destruction authorization code; the destruction authorization code is information generated for the file destruction task; the file destruction task includes multiple physical files to be destroyed, and each physical file to be destroyed corresponds to a digital virtual file.

[0042] In one example, the server generates the destruction authorization code in the following ways: the server generates a string based on the task identifier, timestamp, and random factor of the file destruction task; the server binds and stores the string with the list of file identifiers to be destroyed, the authorized executor identifier, and the validity period of a preset time period to generate the destruction authorization code.

[0043] For example, firstly, for the preset approval workflow, the archivist sends a destruction request to the server through the archival management system on the terminal device. The destruction request includes a list of archives to be destroyed. This destruction request will then be routed to relevant department heads, the financial director, the legal department, etc., for electronic approval according to the preset workflow engine.

[0044] Once the final node of the approval workflow is approved, the server triggers an "authorization code generation" microservice to generate a destruction authorization code. The destruction authorization code has the following attributes: Uniqueness: A high-strength random string or QR code payload is generated using a UUID or a hash algorithm combining a timestamp and task ID. Validity: An expiration date is set for the authorization code, such as 24 hours. The code automatically expires after this period to prevent the risk of long-term possession. Binding: A relational table is created in the database to strongly bind the destruction authorization code to the task ID, the list of files to be destroyed, and the authorized executor ID of this file destruction task.

[0045] The server pushes the destruction authorization code to a dedicated app on the authorized user's PC or mobile device via a secure internal messaging channel. If the destruction authorization code is a QR code, it can be displayed directly on the screen for easy scanning.

[0046] After successful identity verification in the previous step, the smart document destruction machine's interface prompts the user to enter a destruction authorization code to authorize the task. The authorized person enters the code via the touchscreen or scans the QR code on their mobile phone. The smart document destruction machine then sends the destruction authorization code to the server. The server verifies the code's validity and expiration date, and confirms whether the current operator is the authorized person for that code.

[0047] Only after both identity verification and task verification are passed will the server send the detailed information of this file destruction task (such as task name and list of files to be destroyed) to the intelligent file destruction machine, and the task will be successfully loaded.

[0048] Optionally, the server may generate the destruction authorization code in the following ways: the server generates a string based on the task identifier, timestamp, and random factor of the file destruction task; or the server binds and stores the string with a list of file identifiers to be destroyed, the authorized executor identifier, and the validity period of a preset time period to generate the destruction authorization code, etc. There are no restrictions on this.

[0049] Therefore, the "code + signature" dual verification mechanism combines the dual verification of the "task" (via the destruction authorization code) and the "item" (via the RFID tag), ensuring the accuracy of the operation. Furthermore, traditional destruction equipment can be transformed into an intelligent Internet of Things (IoT) terminal integrating human-computer interaction, multi-factor authentication, automatic evidence storage, and network communication capabilities, thereby improving the accuracy of document destruction during the document destruction process.

[0050] Step S203: Obtain and display the list of files to be destroyed corresponding to the destruction authorization code.

[0051] In one example, the destruction authorization code has a validity period of a preset time period; step S203 includes: if the server determines that the destruction authorization code is obtained within the preset time period, then the server obtains and displays the list of files to be destroyed corresponding to the destruction authorization code.

[0052] For example, the process begins with individual verification and physical destruction. First, all physical archives to be included in this management system are embedded with a passive, intelligent archive carrier containing a unique archive ID—an RFID tag—during their creation. For mandatory "one item, one code" verification, an authorized person picks up an archive from the pile to be destroyed and scans it against the RFID sensor area of ​​the intelligent archive destruction machine. The intelligent archive destruction machine's IPC reads the archive ID from the RFID tag. The IPC then searches and matches the ID against a list of archive identifiers to be destroyed loaded in its local memory.

[0053] Step S204: If it is determined that the physical file to be destroyed is in the list of files to be destroyed, then start the physical destruction procedure to perform the destruction.

[0054] In one example, S204 includes: scanning to determine the identifier of the entity file to be destroyed; if the identifier of the entity file to be destroyed is found in the list of file identifiers to be destroyed, then unlocking the preset destruction inlet and starting recording; if the identifier is not found in the list of file identifiers to be destroyed, then issuing an alarm and locking the destruction inlet.

[0055] For example, if a match is successful, a green "√" is displayed on the screen, along with a summary of the file's name and other information, for the operator to visually confirm. Simultaneously, the IPC controls an electromagnetic lock to unlock the feed inlet baffle.

[0056] If the matching fails, a red "X" will appear on the screen, accompanied by a rapid alarm sound. This could be due to the wrong file being used, or a mismatch between the system and the actual item. The feed inlet will remain locked, forcibly interrupting the operation.

[0057] Secondly, the process is automated and recorded. The moment RFID verification is successful, the IPC activates the camera to begin recording video via software commands. The video fully records the operator placing the verified document into the feed inlet and the entire process of the equipment starting the shredding process. The video stream can be watermarked in real-time with the document's ID and a timestamp. Therefore, by recording the destruction process, the key physical destruction steps are automatically and objectively recorded, achieving automatic evidence preservation and forming irrefutable evidence.

[0058] Step S205: If a destruction completion signal is generated, the destruction completion signal is uploaded to the server so that the server updates the status of the digital virtual file corresponding to the physical file to be destroyed to "destroyed" based on the destruction completion signal.

[0059] In one example, S205 includes: the physical file to be destroyed has an identifier; if the physical file to be destroyed is detected to have been destroyed based on a preset sensor, the recording of the current file destruction process is stopped, and destruction video data is generated; the destruction video data is associated with the identifier of the destruction video data, and the associated destruction video data and identifier are sent to the server; a destruction completion signal containing the identifier is generated and sent to the server, so that the server updates the status of the digital virtual file corresponding to the physical file to be destroyed to destroyed as destroyed based on the destruction completion signal.

[0060] In one example, the recording is initiated when the identifier is found to be in the list of files to be destroyed; the destruction video data includes scanning the physical file to be destroyed, the physical file to be destroyed entering the preset destruction inlet, and the destruction and shredding process of the physical file to be destroyed.

[0061] For example, this step synchronizes destruction confirmation and status feedback, completing a closed-loop feedback from the physical world to the digital world. First, the completion confirmation of physical destruction is performed. Specifically, the intelligent document destruction machine determines whether a document has completely passed through the shredding device by monitoring the infrared sensor at the feed inlet (from being blocked to being unobstructed) and / or the load current of the shredding motor (from high load to no load).

[0062] Secondly, the automated operations on the device side are executed. Specifically, after confirming that physical destruction is complete, the IPC of the intelligent document destruction machine immediately performs the following atomic operations: Stop recording, generate and destroy video data, and compress the previously recorded and destroyed video data.

[0063] The compressed, destroyed video data is uploaded to a media server or object storage (such as S3, for example only) via an Application Programming Interface (API). During upload, the destroyed video data is associated with an identifier for the physical file to be destroyed; that is, the filename or metadata must contain the file's ID.

[0064] If the intelligent archive destruction machine receives a response from the server, it determines that the video upload was successful (for example, by receiving a 200 OK response from the server). Then, it generates a destruction completion signal containing an identifier and sends a lightweight destruction completion signal to the server. For example, the destruction completion signal is an HTTP POST or MQTT message with the content {"archive_id": "ARCHIVE_ID_XXX", "status": "PHYSICALLY_DESTROYED", "video_proof_url": "URL_TO_VIDEO"}.

[0065] Next, the final state change on the server side. After receiving a destruction completion signal indicating "physical destruction complete," the server executes a database transaction: First, verify the legitimacy of the message and confirm that the video evidence URL associated with the identifier in the destruction completion signal is valid, and that the video evidence URL stores compressed destruction video data.

[0066] Then, in the master archive table used to store digital virtual archives, the record with archive_id = ARCHIVE_ID_XXX is located, and the value of the status field is updated from 'PENDING_DESTRUCTION' to 'DESTROYED'. Simultaneously, the destruction log table records the operator, time, device ID, and video evidence link for this destruction. Finally, the transaction is committed, completing the status change of the archive. Only when this database transaction is successfully completed is the lifecycle of this digital archive truly ended in the system. The entire process requires no further manual intervention within the system.

[0067] Optionally, the recording is initiated when the identity identifier is found in the list of files to be destroyed. The destruction video data includes scanning the physical file to be destroyed, the physical file to be destroyed entering the preset destruction inlet, and the destruction and shredding process of the physical file to be destroyed.

[0068] Therefore, the construction of an automated chain of evidence involves designing a mechanism that automatically records the physical destruction process and associates the video evidence with specific file IDs for storage, thus achieving objective evidence preservation of the process. The automatic feedback loop for state changes constructs a complete technical loop from the completion of physical device execution to the automatic sending of a confirmation message to the server, and then to triggering automatic updates to the server's database state.

[0069] The method provided in this application embodiment identifies the current executor based on an identity verification operation; wherein the identity verification method includes at least one of the following: work card verification, biometric verification, or password verification. Based on a destruction operation, a destruction authorization code is obtained; the destruction authorization code is information generated for a file destruction task; the file destruction task includes multiple physical files to be destroyed, and each physical file to be destroyed corresponds to a digital virtual file. A list of file identifiers to be destroyed corresponding to the destruction authorization code is obtained and displayed. If it is determined that a physical file to be destroyed is in the list of file identifiers to be destroyed, a physical destruction procedure is initiated to perform the destruction. If a destruction completion signal is generated, the destruction completion signal is uploaded to the server, so that the server updates the status of the digital virtual file corresponding to the physical file to be destroyed to "destroyed" based on the destruction completion signal. Therefore, through the above methods, a true "digital twin" closed loop is formed, from online digital instructions to offline physical actions, and then from physical results back to digital status. This establishes a closed-loop management system that ensures precise synchronization, strong correlation, and auditability between the "end of the digital archive lifecycle" and the "end of the physical form of the physical archive." It enables the simultaneous destruction of physical and digital archives based on destruction authorization codes and Internet of Things (IoT) linkage, significantly improving the efficiency and accuracy of the destruction work and greatly enhancing the security and compliance of the destruction process.

[0070] In one example, this application embodiment also provides a file destruction system, which includes: a server capable of generating and managing destruction authorization codes; and an intelligent file destruction machine configured to perform the steps of the above-described method. This system can manage the entire process from destruction approval, authorization issuance, execution monitoring to final status confirmation.

[0071] Therefore, the specific beneficial effects are as follows: This achieves mandatory synchronization between physical and digital data: through a dual binding of "authorization code + RFID," it ensures that only the physical entity corresponding to an authorized digital file can be physically destroyed. Furthermore, an automatic data transmission mechanism ensures that the digital status is only updated for physically destroyed files. This fundamentally eliminates the problem of discrepancies between records and reality.

[0072] This significantly enhances the security and compliance of the destruction process: a one-time, time-limited authorization code mechanism, along with individual verification of operators and archive entities, minimizes the possibility of misoperation and deliberate damage. The entire process is video-recorded, providing irrefutable objective evidence for auditing and accountability, fully meeting the most stringent compliance requirements.

[0073] This significantly improves the efficiency and accuracy of the destruction process: transforming the cumbersome manual verification, signing, and supervision process into a highly efficient and precise "scan-to-place" assembly line operation. The system automatically completes all recording and status updates, reducing manpower and avoiding errors that may occur with manual recording.

[0074] A complete lifecycle closed-loop management system has been established: the destruction process is also included in the management scope of the digital twin, realizing the digital, automated, and traceable closed-loop management of the entire lifecycle from file creation, circulation, storage to final destruction.

[0075] Corresponding to the above method, embodiments of this application also provide an archive destruction device, such as... Figure 3 As shown, the device includes: The acquisition module 41 is used to acquire a destruction authorization code based on the destruction operation; the destruction authorization code is information generated for the file destruction task; the file destruction task includes multiple physical files to be destroyed, and each physical file to be destroyed corresponds to a digital virtual file. The destruction module 42 is used to obtain and display a list of file identifiers to be destroyed corresponding to the destruction authorization code; if it is determined that the physical file to be destroyed is in the list of file identifiers to be destroyed, the physical destruction program is started to perform the destruction. The update module 43 is used to upload the destruction completion signal to the server if a destruction completion signal is generated, so that the server updates the status of the digital virtual file corresponding to the physical file to be destroyed to destroyed as destroyed based on the destruction completion signal.

[0076] The functions of each functional unit of the archive destruction device provided in the above embodiments of this application can be realized through the above methods and steps. Therefore, the specific working process and beneficial effects of each unit in the archive destruction device provided in the embodiments of this application will not be repeated here.

[0077] This application also provides an electronic device, such as... Figure 4 As shown, it includes a processor 510, a communication interface 520, a memory 530, and a communication bus 540, wherein the processor 510, the communication interface 520, and the memory 530 communicate with each other through the communication bus 540.

[0078] Memory 530 is used to store computer programs; The processor 510 performs the above steps when executing the program stored in the memory 530.

[0079] The communication bus mentioned above can be a Peripheral Component Interconnect (PCI) bus or an Extended Industry Standard Architecture (EISA) bus, etc. This communication bus can be divided into address bus, data bus, control bus, etc. For ease of illustration, only one thick line is used to represent it in the diagram, but this does not mean that there is only one bus or one type of bus.

[0080] The communication interface is used for communication between the aforementioned electronic devices and other devices.

[0081] The memory may include random access memory (RAM) or non-volatile memory (NVM), such as at least one disk storage device. Optionally, the memory may also be at least one storage device located remotely from the aforementioned processor.

[0082] The processors mentioned above can be general-purpose processors, including central processing units (CPUs), network processors (NPs), etc.; they can also be digital signal processors (DSPs), application-specific integrated circuits (ASICs), field-programmable gate arrays (FPGAs), or other programmable logic devices, discrete gate or transistor logic devices, or discrete hardware components.

[0083] The implementation methods and beneficial effects of the various components of the electronic device in the above embodiments for solving the problem can be found in [reference needed]. Figure 1 The steps in the illustrated embodiments are used to implement the electronic device. Therefore, the specific working process and beneficial effects of the electronic device provided in this application will not be repeated here.

[0084] In another embodiment provided in this application, a computer-readable storage medium is also provided, which stores instructions that, when executed on a computer, cause the computer to perform any of the file destruction methods described in the above embodiments.

[0085] In another embodiment provided in this application, a computer program product containing instructions is also provided, which, when run on a computer, causes the computer to perform any of the file destruction methods described in the above embodiments.

[0086] Those skilled in the art will understand that the embodiments in this application can be provided as methods, systems, or computer program products. Therefore, the embodiments in this application can take the form of a completely hardware embodiment, a completely software embodiment, or an embodiment combining software and hardware aspects. Furthermore, the embodiments in this application can take the form of a computer program product implemented on one or more computer-usable storage media (including but not limited to disk storage, CD-ROM, optical storage, etc.) containing computer-usable program code.

[0087] This application describes embodiments of methods, apparatus (systems), and computer program products according to embodiments of this application with reference to flowchart illustrations and / or block diagrams. It will be understood that each block of the flowchart illustrations and / or block diagrams, and combinations of blocks in the flowchart illustrations and / or block diagrams, can be implemented by computer program instructions. These computer program instructions can be provided to a processor of a general-purpose computer, special-purpose computer, embedded processor, or other programmable data processing apparatus to produce a machine, such that the instructions, which execute via the processor of the computer or other programmable data processing apparatus, generate instructions for implementing the flowchart illustrations. Figure 1 One or more processes and / or boxes Figure 1 A device that provides the functions specified in one or more boxes.

[0088] These computer program instructions may also be stored in a computer-readable storage medium that can direct a computer or other programmable data processing device to function in a particular manner, such that the instructions stored in the computer-readable storage medium produce an article of manufacture including instruction means, which are implemented in a process Figure 1 One or more processes and / or boxes Figure 1 The function specified in one or more boxes.

[0089] These computer program instructions may also be loaded onto a computer or other programmable data processing equipment to cause a series of operational steps to be performed on the computer or other programmable equipment to produce a computer-implemented process, thereby providing instructions that execute on the computer or other programmable equipment for implementing the process. Figure 1 One or more processes and / or boxes Figure 1 The steps of the function specified in one or more boxes.

[0090] Although preferred embodiments have been described in this application, those skilled in the art, upon learning the basic inventive concept, can make other changes and modifications to these embodiments. Therefore, the appended claims are intended to be interpreted as including the preferred embodiments as well as all changes and modifications falling within the scope of the embodiments of this application.

[0091] Obviously, those skilled in the art can make various modifications and variations to the embodiments of this application without departing from the spirit and scope of the embodiments of this application. Therefore, if these modifications and variations to the embodiments of this application fall within the scope of the claims in this application and their equivalents, then this application also intends to include these modifications and variations.

Claims

1. A method for destroying archives, characterized in that, The method includes: Based on the destruction operation, a destruction authorization code is obtained; the destruction authorization code is information generated for the file destruction task; the file destruction task includes multiple physical files to be destroyed, and each physical file to be destroyed corresponds to a digital virtual file. Obtain and display the list of file identifiers to be destroyed corresponding to the destruction authorization code; if it is determined that the physical file to be destroyed is in the list of file identifiers to be destroyed, then start the physical destruction procedure to perform the destruction. If a destruction completion signal is generated, the destruction completion signal is uploaded to the server so that the server updates the status of the digital virtual file corresponding to the physical file to be destroyed to destroyed as destroyed based on the destruction completion signal.

2. The method as described in claim 1, characterized in that, If it is determined that the physical file to be destroyed is in the list of files to be destroyed, then the physical destruction procedure is initiated to perform the destruction, including: Scan to determine the identity identifier of the entity file to be destroyed; if the identity identifier of the entity file to be destroyed is determined to be in the list of file identifiers to be destroyed, then unlock the preset destruction inlet and start recording; If it is determined that the identity identifier is not in the list of files to be destroyed, an alarm is issued and the destruction inlet is locked.

3. The method as described in claim 1, characterized in that, The physical file to be destroyed corresponds to an identity identifier; if a destruction completion signal is generated, the destruction completion signal is uploaded to the server, so that the server updates the status of the digital virtual file corresponding to the physical file to be destroyed to destroyed to destroyed based on the destruction completion signal, including: If the sensor detects that the entity file to be destroyed has been destroyed, the recording of the current file destruction process is stopped, and destruction video data is generated. Associate the destroyed video data with the identity identifier of the entity file to be destroyed, and send the associated destroyed video data and the identity identifier to the server; A destruction completion signal containing the identity identifier is generated and sent to the server so that the server updates the status of the digital virtual file corresponding to the physical file to be destroyed to destroyed as destroyed based on the destruction completion signal.

4. The method as described in claim 3, characterized in that, The video recording is initiated when the identity identifier is determined to be in the list of files to be destroyed; the destruction video data includes scanning the physical file to be destroyed, the physical file to be destroyed entering a preset destruction inlet, and the destruction and shredding process of the physical file to be destroyed.

5. The method as described in claim 1, characterized in that, The server generates and destroys authorization codes in the following ways: The server generates a string based on the task identifier, timestamp, and random factor of the file destruction task. The server binds and stores the string with the list of files to be destroyed, the authorized executor's identifier, and the validity period of a preset time period, and generates a destruction authorization code.

6. The method as described in claim 1, characterized in that, Before the step of obtaining the destruction authorization code based on the destruction operation, the method further includes: Based on the authentication operation, the identity of the current executor is identified; wherein the identity identification method includes at least one of the following: work card verification, biometric verification, or password verification.

7. The method according to any one of claims 1-6, characterized in that, The destruction authorization code has a preset validity period; Obtain and display a list of file identifiers to be destroyed corresponding to the destruction authorization code, including: If the server determines that it will obtain the destruction authorization code within a preset time period, it will obtain and display a list of file identifiers to be destroyed corresponding to the destruction authorization code.

8. An archive destruction device, characterized in that, The device includes: The acquisition module is used to acquire a destruction authorization code based on the destruction operation; the destruction authorization code is information generated for the file destruction task; the file destruction task includes multiple physical files to be destroyed, and each physical file to be destroyed corresponds to a digital virtual file. The destruction module is used to obtain and display a list of file identifiers to be destroyed corresponding to the destruction authorization code; if it is determined that the physical file to be destroyed is in the list of file identifiers to be destroyed, the physical destruction program is started to perform the destruction. An update module is used to upload a destruction completion signal to the server if a destruction completion signal is generated, so that the server updates the status of the digital virtual file corresponding to the physical file to be destroyed to destroyed as destroyed based on the destruction completion signal.

9. An electronic device, characterized in that, The electronic device includes a processor, a communication interface, a memory, and a communication bus, wherein the processor, the communication interface, and the memory communicate with each other through the communication bus; Memory, used to store computer programs; A processor, when executing a program stored in memory, implements the method of any one of claims 1-7.

10. A computer-readable storage medium, characterized in that, The computer-readable storage medium stores a computer program that, when executed by a processor, implements the method described in any one of claims 1-7.