Knowledge recommendation method, system and device based on scene perception and dynamic permission

Abstract

The application provides a knowledge recommendation method, system and device based on scene perception and dynamic permission, the method comprising: acquiring all documents in a knowledge base and the secret levels of the documents, and establishing a mapping relationship according to the similarity of keywords and page scenes in each document; acquiring the query intention of a user and the permission level of the user, selecting target documents according to the query intention and the mapping relationship, and sorting the target documents to generate an initial recommendation list; in turn, judging whether the secret level of each target document in the initial recommendation list is greater than the permission level of the user; if yes, then judging whether the target document is a top-secret document; in response to the target document being a top-secret document, eliminating the target document from the initial recommendation list; in response to the target document not being a top-secret document, hiding the entity content in the target document in the initial recommendation list to generate a coded document. The problems of mismatch between a recommendation scene and a business scene and security hindering knowledge sharing are solved.

Description

Technical Field

[0001] This application relates to the field of computer technology, and in particular to knowledge recommendation methods, systems and devices based on scene awareness and dynamic permissions. Background Technology

[0002] With the deepening of digital transformation in the power industry, provincial-level operational knowledge platforms (such as power grid resource platforms and customer service platforms) have accumulated massive amounts of operational knowledge assets, including interface specifications, operation and maintenance manuals, and fault reference databases. In actual operation, the efficient acquisition and secure sharing of knowledge from large amounts of multi-dimensional data faces significant challenges. For example, scenario fragmentation leads to inaccurate recommendations; traditional search engines mainly rely on keyword matching, but the same keyword can have vastly different meanings in different business scenarios. Furthermore, there is a conflict between data security and knowledge reuse. Power data includes sensitive information, and high-value documents containing even small amounts of sensitive information cannot be shared with frontline operation and maintenance personnel, hindering the transmission of experience. Summary of the Invention

[0003] In view of this, the purpose of this application is to propose a knowledge recommendation method, system and device based on scene awareness and dynamic permissions, which solves the problems of mismatch between recommendation scenarios and business scenarios and security obstacles to knowledge sharing.

[0004] To achieve one of the aforementioned objectives, this application provides a knowledge recommendation method based on scene awareness and dynamic permissions, the method comprising: Obtain all documents in the knowledge base and their security classification, and establish a mapping relationship between the keywords in each document and the page scene. Obtain the user's query intent and user's permission level, select target documents based on the query intent and the mapping relationship, sort the target documents, and generate an initial recommendation list; The system sequentially determines whether the security level of each target document in the initial recommendation list is greater than the user's permission level; if so, it continues to determine whether the target document is a top-secret document; if the target document is a top-secret document, the target document is removed from the initial recommendation list. If the target document is not a top-secret document, the entity content in the target document is hidden in the initial recommendation list, and a masked document is generated.

[0005] As a further improvement to one embodiment of this application, the step of establishing a mapping relationship based on the similarity between keywords in each document and the page scene includes: Construct a feature vector for each page scene, wherein the feature vector consists of page identifier, functional domain encoding, and associated department features; Keywords in the document are extracted using the term frequency-inverse document frequency algorithm. The similarity between the vector of the keyword and each feature vector is calculated, and a mapping relationship is established based on the similarity.

[0006] As a further improvement to one embodiment of this application, the step of obtaining the user's query intent and the user's permission level includes: Identify the user's access path. When the user accesses a page, obtain a multi-dimensional context request tensor. The multi-dimensional context request tensor is used to represent the query intent and the permission level. The multidimensional context request tensor is parsed to generate the user's identity identifier, the user's permission level, the user's historical behavior sequence, and the keywords of the query statement entered by the user.

[0007] As a further improvement to one embodiment of this application, the step of selecting target documents based on the query intent and the mapping relationship, sorting the target documents, and generating an initial recommendation list includes: Based on the query statement in the query intent, a preliminary detection is performed in the knowledge base to generate a candidate document set; Based on the query intent and the mapping relationship, the confidence score of the target document in the candidate document set is calculated. Based on the confidence score of the target document, the target documents are arranged in order to generate the initial recommendation list.

[0008] As a further improvement to one embodiment of this application, the step of calculating the confidence score of the target document in the candidate document set includes: The confidence score is calculated using the following formula: ; Among them, S final (d) k ) is the target document d k The confidence score, Sim(Q, d) k I(ID) represents the semantic similarity score between the query and the target document. page d k The scene indicator function (N) outputs 1 if the tags of the target document match the identifier of the current page, and 0 otherwise. N(Heat) is the heat value of the target document. λ is the time-dependent attenuation factor, and t is the attenuation coefficient. now t represents the current time. pub The value represents the publication time, and α, β, and γ are dynamic weights.

[0009] As a further improvement to one embodiment of this application, after sequentially determining whether the security level of each target document in the initial recommendation list is greater than or equal to the user's permission level, the method further includes: If not, then the target document can be displayed in plaintext.

[0010] As a further improvement to one embodiment of this application, the step of hiding the entity content of the target document in the initial recommendation list and generating a masked document in response to the target document not being a top-secret document includes: If the target document is not a top-secret document, then the sensitive nodes that need to be covered in the target document are located using real-time naming recognition technology. The sensitive nodes are replaced using an execution character stream mask to generate the masked document.

[0011] Based on the same inventive concept, this application also provides a knowledge recommendation system based on scene awareness and dynamic permissions, including: The acquisition module is used to acquire all documents in the knowledge base and the security level of the documents, and to establish a mapping relationship between the keywords in the documents and the similarity between the page scene; The list generation module is used to obtain the user's query intent and the user's permission level, select target documents according to the query intent and the mapping relationship, sort the target documents, and generate an initial recommendation list; The judgment module sequentially determines whether the security level of each target document in the initial recommendation list is greater than the user's permission level; if so, it continues to determine whether the target document is a top secret document. The first response module, in response to the fact that the target document is a top-secret document, removes the top-secret document from the initial recommendation list; The second response module, in response to the fact that the target document is not a top-secret document, hides the entity content in the target document in the initial recommendation list and generates a masked document.

[0012] As a further improvement to one embodiment of this application, the system further includes: The front-end interaction layer and the server are configured to obtain a multi-dimensional context request tensor when a user accesses a page, and send the multi-dimensional context to the server. The server-side includes a feature extraction module, a hybrid sorting engine, and a dynamic desensitization rendering engine; The feature extraction module is used to parse the multidimensional context request tensor to generate the user's identity identifier, the user's permission level, the user's historical behavior sequence, and the keywords of the query statement entered by the user; The hybrid sorting module is used to perform preliminary detection in the knowledge base based on the query statement in the query intent and the mapping relationship, generate a candidate document set, calculate the confidence score of the target document in the candidate document set, and arrange the documents in order according to the confidence score of the target document to generate the initial recommendation list. The dynamic desensitization rendering engine is used to locate sensitive nodes that need to be masked in the non-top-secret target document using real-time naming recognition technology, and replace the sensitive nodes using execution character stream masking to generate the masked document; The data storage layer includes a graph database and a document object storage, wherein the graph database stores the mapping relationship and the document object storage stores the documents.

[0013] Based on the same inventive concept, this application also provides a non-transitory computer-readable storage medium that stores computer instructions for causing a computer to execute a knowledge recommendation method based on scene awareness and dynamic permissions.

[0014] Based on the same inventive concept, this application also provides an electronic device, including: a processor and a memory; the memory stores a computer program, which, when executed by the processor, causes the processor to perform the steps of the knowledge recommendation method based on scene awareness and dynamic permissions.

[0015] Compared with existing technologies, the technical advantages of this invention are as follows: by constructing a mapping relationship between scenarios and knowledge bases, accurate scenario-based recommendations are achieved, effectively solving the retrieval problem of homonymous but different meanings; furthermore, based on entity recognition and subsequent hiding processing, fine-grained secure access is achieved, with "visible titles, shared experiences, and hidden sensitive data," breaking the traditional "black and white" access control, enabling low-privilege users to learn the content of core documents, while core data is strictly protected. Attached Figure Description

[0016] To more clearly illustrate the technical solutions in this application or related technologies, the drawings used in the description of the implementation methods or related technologies will be briefly introduced below. Obviously, the drawings described below are only the implementation methods of this application. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.

[0017] Figure 1 A flowchart of a knowledge recommendation method based on scene awareness and dynamic permissions provided in one embodiment of this application; Figure 2 A schematic diagram of a knowledge recommendation system based on scene awareness and dynamic permissions provided for the implementation of this application; Figure 3 A schematic diagram of a dynamic desensitization rendering engine provided for an embodiment of this application; Figure 4 This is a schematic diagram of the hardware structure of an electronic device provided for an embodiment of this application. Detailed Implementation

[0018] The present invention will now be described in detail with reference to the specific embodiments shown in the accompanying drawings. However, these embodiments do not limit the present invention, and any structural, methodological, or functional modifications made by those skilled in the art based on these embodiments are included within the scope of protection of the present invention.

[0019] It should be noted that, unless otherwise defined, the technical or scientific terms used in the embodiments of this application should have the ordinary meaning understood by those skilled in the art to which this application pertains. The terms "first," "second," and similar terms used in the embodiments of this application do not indicate any order, quantity, or importance, but are merely used to distinguish different components. Terms such as "comprising" or "including" mean that the element or object preceding the word encompasses the elements or objects listed following the word and their equivalents, without excluding other elements or objects.

[0020] With the digital transformation of the power industry, efficiently and securely acquiring accurate knowledge from massive amounts of data faces enormous challenges.

[0021] For example, fragmented scenarios lead to inaccurate recommendations. Traditional search engines primarily rely on keyword matching. However, the same keyword can have different meanings in different business scenarios. For instance, "anomaly handling" on a "marketing electricity bill collection page" means financial process correction, while on an "equipment operation and maintenance page" it means physical line troubleshooting. This lack of scenario awareness results in a low signal-to-noise ratio for the recommendation results. Another example is the conflict between data security and knowledge reuse. Power data contains sensitive information (such as substation coordinates and power supply personnel phone numbers). Existing access control mainly uses coarse-grained RBAC (role-based access control), i.e., "file-level" blocking—if permissions are insufficient, it is completely invisible. This prevents high-value documents containing a small amount of sensitive information from being shared with frontline operations and maintenance personnel, hindering the transfer of experience.

[0022] Existing technical solutions may employ recommendation techniques, such as collaborative filtering or simple semantic similarity calculations, but these do not incorporate the user's current business operation context (e.g., page ID, DOM structure features) into the ranking weight. Alternatively, permission-based techniques can be used to filter data at the database query layer. If the conditions are not met, no data is returned.

[0023] Existing technologies have the following drawbacks: First, they lack runtime scenario awareness, failing to differentiate user needs across various business processing stages, resulting in uniform recommendation results. Second, their "one-size-fits-all" access control lacks the ability to provide partial visibility, shielding large amounts of general knowledge content to protect only a small amount of sensitive data, leading to a waste of knowledge assets. Third, static data masking lacks flexibility; traditional masking typically involves masking data upon entry into the database, failing to dynamically determine whether to display plaintext or masked text based on the visitor's access level.

[0024] To address the aforementioned problems, this application provides a knowledge recommendation method based on scene awareness and dynamic permissions, such as... Figure 1 As shown, it includes the following steps: Step S100: Obtain all documents in the knowledge base and their security levels, and establish a mapping relationship based on the similarity between keywords in each document and the page scene.

[0025] Specifically, this step is the initialization process, providing a data foundation for subsequent steps. By establishing mapping relationships between keywords, we can understand the user's intent when staying on a particular page, effectively building a connection between the page and the knowledge. Establishing mapping relationships in advance allows for rapid matching of document-scene relevance during online runtime. This is based on precise scene mapping for specific business systems, avoiding performance delays caused by real-time calculations, providing a data foundation for contextualized recommendations, and solving the problem of "the same keyword having different meanings in different business scenarios."

[0026] In one possible implementation of this application, step S100, which establishes a mapping relationship based on the similarity between keywords in the document and the page scene, includes the following steps: Step S110: Construct a feature vector for each page scene. The feature vector consists of the page's identifier, functional domain encoding, and associated department features.

[0027] Specifically, first define the system front-end page set P = {p1, p2, ..., pn}. For each page p i Define the features and construct the scene feature vector, expressed as the following formula: ; Among them, V scene ID is the feature vector of the scene. page v is the identifier for the page. func For functional domain encoding, v dept Characteristics of related departments.

[0028] It should be noted that ID pageThe page identifier specifically refers to the unique code (OPS_LOSS_CHECK) of the front-end route in the middleware system. This identifier is not only a page index, but also a core parameter for constructing the "scenario feature vector," used to map the user's business intent (such as "equipment maintenance" or "marketing and charging") on the server side. Compared to the context analysis commonly used in existing technologies, it can more accurately determine the user's intent, providing more accurate reference data for selecting target documents in subsequent steps.

[0029] Step S120: Use the term frequency-inverse document frequency algorithm to extract keywords from the document, calculate the similarity between the keyword vector and each feature vector, and establish a mapping relationship based on the similarity.

[0030] Specifically, the Term Frequency-Inverse Document Frequency (TF-IDF) algorithm is used to extract keywords from the knowledge base, calculate their similarity to the vectors of each scenario, and establish a mapping relationship in the database. The TF-IDF algorithm is used to evaluate the importance of keywords in the document set, thereby establishing the initial association mapping weight between "knowledge documents" and "business scenarios".

[0031] In a specific implementation, a "scene node - document node" connection edge is established in a graph database (such as Neo4j), and the weight of the edge is the similarity value.

[0032] Step S200: Obtain the user's query intent and user's permission level, select target documents based on query intent and mapping relationship, sort the target documents, and generate an initial recommendation list.

[0033] Specifically, by associating scenarios with knowledge and analyzing user queries, the system identifies user intent and provides an initial recommendation list that matches that intent, thus achieving accurate scenario-based recommendations.

[0034] In one possible implementation of this application, obtaining the user's query intent and user's permission level in step S200 includes: Step S210: Identify the user's access path. When the user accesses a page, obtain the multidimensional context request tensor. The multidimensional context request tensor is used to represent the query intent and permission level.

[0035] Step S220: Parse the multidimensional context request tensor to generate the user's identity identifier, user's permission level, user's historical behavior sequence, and keywords of the query statement entered by the user.

[0036] Specifically, when a user visits a page, the front-end software development kit (SDK) retrieves the multidimensional context request tensor in real time and sends it to the server. The context request tensor is represented as: ; Among them, T req For the multidimensional context request tensor, ID current-page This represents the page the user is currently visiting. A vector representing the user's permission levels. Q is the user's historical behavior sequence. input These are the keywords in the user's query.

[0037] It should be noted that the context request tensor T of the defined mathematical structure rep This method aggregates multi-source user features, including not only query terms but also user roles, departments, current pages, and short-term behavior sequences in vector form, which serve as input to the recommendation algorithm. The keywords in the query statement represent explicit intent, while the currently accessed page represents contextual intent, reflecting the current stage of the business process.

[0038] In specific implementations, the user's permission level vector includes the user's role level or the tag of the part they belong to. The user's historical behavior sequence is a short-term behavior sequence, more specifically, it can be an embedding representation of the user's five most recent click paths.

[0039] In one possible implementation of this application, step S200 includes: Step S220: Based on the query statement in the query intent, perform preliminary detection in the knowledge base to generate a candidate document set.

[0040] Step S230: Calculate the confidence score of the target documents in the candidate document set according to the query intent and mapping relationship, and arrange the target documents in order according to the confidence score of the target documents to generate an initial recommendation list.

[0041] Specifically, the server receives a user request, performs a preliminary search in the knowledge base, and retrieves a set of relevant candidate documents. The documents in the candidate document set are then sorted according to their confidence scores to generate an initial recommendation list with a specific order.

[0042] In one possible implementation of this application, calculating the confidence score in step S220 includes: By incorporating a modified version of Newton's law of cooling, a hybrid ranking model is constructed, and a confidence score is calculated for each document: ; Among them, S final (d) k ) is the target document d k The confidence score, Sim(Q, d) k I(ID) represents the semantic similarity score between the query and the target document.page d k The `<target>` tag is the scene indicator function. If the target document's tags match the current page's identity, the scene indicator function outputs 1; otherwise, it outputs 0. `N` (Heat) represents the target document's heat value. λ is the time-dependent attenuation factor, and t is the attenuation coefficient. now t represents the current time. pub The value represents the publication time, and α, β, and γ are dynamic weights. The dynamic weight β ensures that specific documents are prioritized for particular scenarios.

[0043] It should be noted that the target document's popularity score represents a normalized representation of access frequency or clicks, used to measure the document's popularity. The timeliness decay factor ensures that the score for older documents automatically decreases. The popularity score and the timeliness decay factor together constitute the popularity weight to be decayed over time. Dynamic weights are automatically adjusted based on user profiles. After calculating the confidence score of the target document using the above formula, newly published and popular target documents score higher, while older documents score lower over time (i.e., t...). now -t pub (The increase in the weight of popular documents) will automatically reduce the weight of even highly popular documents. This is in line with the design concept of incorporating the transformation of Newton's law of cooling to automatically reduce the weight of outdated knowledge.

[0044] In other implementations of this application, the current intent can be predicted using a Long Short-Term Easy Network (LSTM) model by utilizing the user's historical click stream.

[0045] Step S300: Sequentially determine whether the security level of each target document in the initial recommendation list is greater than the user's permission level; if so, continue to determine whether the target document is a top secret document.

[0046] Specifically, the initial recommendation list contains all user-related documents, but a significant portion of these documents have security requirements and need to be removed to prevent encrypted data leakage. User permission levels are represented by permission vector U. auth The document's security classification is indicated by D. level This means that if U auth ≥D level If U is identified as a high-privilege user, the document will be output as plaintext. auth <D level The system has been determined to have insufficient permissions, and the process will proceed to the next step.

[0047] In one possible implementation of this application, after step S300 sequentially determining whether the security level of each target document in the initial recommendation list is greater than the user's permission level, the method further includes: Step S301: If not, then confirm that the document can be displayed in plain text.

[0048] Specifically, if the security level of the target document is less than or equal to the user's access level, the entire content of the document can be displayed to the user.

[0049] In step S410, in response to the target document being a top-secret document, the target document is removed from the initial recommendation list.

[0050] In step S420, in response to the fact that the target document is not a top-secret document, the entity content in the target document is hidden in the initial recommendation list, and a masked document is generated.

[0051] Specifically, when a user's viewing permissions are insufficient, it is necessary to further determine whether the target document is a top-secret document. If it is a top-secret document, the user with the current permission level will definitely not be able to view it, and the top-secret document will be directly presented in the recommendation list. If it is not a top-secret document, it means that the user with the current permissions only does not have permission to view the key entities in the document, but can still view other content. Therefore, the entity parts of this type of document are redacted before being made available for the user to view.

[0052] It should be noted that a secure rendering technique is used, which does not modify the original database content when the server responds to an HTTP request. Instead, it replaces the sensitive entity data stream with mask characters in memory in real time according to the current user's permission level.

[0053] In one possible implementation of this application, step S420 includes: Step S421: In response to the fact that the target document is not a top secret document, the sensitive nodes that need to be covered in the document are located using real-time naming recognition technology.

[0054] Step S422: Use the execution character stream mask to replace sensitive nodes and generate a masked document.

[0055] Specifically, sensitive nodes in the target document are masked using desensitization techniques. First, named real-time recognition technology (NER dynamic desensitization) is used to locate sensitive nodes in the target document, which are then represented as follows: ; Specifically, Set sens For the set of sensitive nodes that need to be de-identified, pos i The position of the i-th sensitive entity in the target document (e.g., character offset or byte position), type i Let be the type label of the i-th sensitive entity (such as [PHONE] phone number, [LOCATION] coordinates, [IP] address, etc.), n be the total number of sensitive entities identified in the target document, and i=1 indicates from the 1st sensitive entity to the nth.

[0056] After performing character masking to replace sensitive nodes, for example, the phone number 12345678 will be masked as 12xxxx78, and the coordinates [120, 5, 30, 2] will be masked as [hidden].

[0057] In other possible implementations of this application, front-end JavaScript is used for masking, that is, the server returns plaintext, and the front-end displays it with the masked text.

[0058] In one possible implementation of this application, the processed data stream, i.e., the list of documents after removing top-secret documents and replacing them with coded documents, is assembled into JSON format and returned to the front end for rendering and display.

[0059] In one embodiment of this application, a knowledge recommendation method based on scene awareness and dynamic permissions includes: Step S1: The front-end software development kit captures the user's page context and query intent in real time and assembles them into a multi-dimensional context request tensor.

[0060] Step S2: The server receives the request and performs a preliminary coarse-sorting retrieval in the knowledge base.

[0061] Step S3: Calculate the hybrid score using scene features and semantic model.

[0062] Step S4: Generate an initial recommendation list containing multiple target documents based on the scores.

[0063] Step S5: Traverse the list and determine if the user role level is greater than or equal to the document security level. If yes, proceed to S8; otherwise, proceed to S6.

[0064] Step S6: Determine whether the current target document is classified as top secret. If so, trigger the circuit breaker mechanism to remove the target document from the recommendation list and make it invisible to the user. If not, it means that the target document can be viewed in anonymized form, and proceed to S7.

[0065] Step S7: Call the NER algorithm to identify sensitive entities in the target document and perform real-time mask replacement.

[0066] Step S8 returns the final list containing "plaintext documents" and "de-identified documents" to the front-end for rendering.

[0067] In a specific embodiment of this application, a knowledge recommendation method based on scene awareness and dynamic permissions includes: In step S101, the system pre-processes the documents in the knowledge base. For example, document d1, "2023 Sensitive Electricity Consumption Report for Large Industrial Customers," is identified as containing the keywords "electricity consumption" and "payment," and is marked as Level 3 (Confidential); document d2, "Power Supply Guarantee Plan for a Military Management Area," is marked as Level 5 (Top Secret). Simultaneously, a scenario association is established, creating a strong mapping between the keyword "electricity consumption" and the "Customer Panoramic View" page.

[0068] Step S102: When employee A enters "electricity consumption analysis" in the search box, the front-end SDK captures and generates tensor T. req Calculation formula: ; The request was sent to the server.

[0069] In steps S103-S105, the recommendation engine first recalls relevant documents d1, d2, etc. Then, it calculates the confidence score using a nonlinear mixture objective function. The system detects that the user is currently in the View-Cust-001 scene, thus triggering the scene weighting logic: Calculation formula: ; Because document d1's tags closely match the current page, its beta score is 1, significantly boosting d1's overall ranking and placing it at the top of the recommended list. In contrast, generic documents score lower due to mismatched context.

[0070] Step S106: The system iterates through the initial recommendation list. ① Document d1 (Confidential, Level 3): User permissions (Level 2) are lower than the document's security level (Level 3), so it is determined that permissions are insufficient, and proceeds to S106. ② Document d2 (Top Secret, Level 5): User permissions (Level 2) are lower than the document's security level (Level 5), so it is determined that permissions are insufficient, and proceeds to S107.

[0071] Step S107, Top Secret Circuit Breaker Determination. For document d2, the system reads its attributes and finds that it is tagged with Tag: Top_secrt (Top Secret). According to the circuit breaker mechanism of this method, d2 is directly removed from the recommended list. Employee A cannot see the document at all in the final structure, thus physically isolating the risk of core secret leakage. For document d1, the system reads its attributes and finds that it is tagged with Tag: Confidential (Confidential, but anonymization is allowed). The determination passes, proceed to step S108.

[0072] Step S108, NER dynamic desensitization. The system scans the content of document d1 in real time and calls the Named Entity Recognition (NER) model. The NER model locates the customer phone number 13988886666 and the transformer coordinates [119.2, 29.5] in the text. The system performs character replacement in memory: 13988886666 → 139xxxx6666; [119.2, 29.5] → [data hiding].

[0073] In step S109, the JSON data finally returned to the front end shows that the summary and body of document d1 have been de-identified. Employee A can only see the business data that has been securely processed, but cannot see the plaintext of sensitive entities, nor can he see the top-secret document d2.

[0074] The beneficial effects of the knowledge recommendation method based on scene awareness and dynamic permissions disclosed in the embodiments of this application are as follows: This method introduces indicator functions based on page representations, enabling the recommendation algorithm to possess business context awareness, effectively solving the retrieval problem of homonymous names and improving the accuracy of scene perception. Utilizing innovative dynamic mask injection technology, it breaks the "black and white" access control, allowing low-privilege users to learn the operation process of core documents, while core sensitive data is strictly protected, greatly promoting knowledge reuse and balancing security and sharing. By introducing a modified version of Newton's cooling formula, it automatically reduces the weight of outdated knowledge, minimizes the spread of misleading information, and achieves scientific timeliness management.

[0075] Another embodiment of this application discloses a knowledge recommendation system based on scene awareness and dynamic permissions, such as... Figure 2 As shown, it includes the following modules: The acquisition module is used to acquire all documents in the knowledge base and their security levels, and to establish a mapping relationship between the keywords in the documents and the similarity between the page scenes. The list generation module is used to obtain the user's query intent and user's permission level, select target documents based on the query intent and mapping relationship, sort the target documents, and generate an initial recommendation list; The judgment module sequentially checks whether the security level of each target document in the initial recommendation list is greater than the user's permission level; if so, it continues to determine whether the target document is a top secret document. The first response module, in response to the target document being a top-secret document, removes the top-secret document from the initial recommendation list; The second response module, in response to the target document not being a top-secret document, hides the entity content in the target document in the initial recommendation list and generates a masked document. In one possible implementation of this application, the system includes: The front-end interaction layer and the server-side are used to obtain the multi-dimensional context request tensor when the user accesses the page, and send the multi-dimensional context to the server. The server-side includes a feature extraction module, a hybrid sorting engine, and a dynamic desensitization rendering engine; The feature extraction module is used to parse the multidimensional context request tensor and generate the user's identity identifier, user's permission level, user's historical behavior sequence, and keywords of the query statement; The hybrid sorting module is used to perform preliminary detection in the knowledge base based on the query statement and mapping relationship, generate a candidate document set, calculate the confidence score of the target documents in the candidate document set, and arrange the target documents in order according to the confidence score to generate an initial recommendation list; The dynamic desensitization rendering engine is used to locate sensitive nodes that need to be masked in non-top-secret target documents using real-time named recognition technology, and replace sensitive nodes by executing character stream masks to generate masked documents; The data storage layer consists of a graph database and a document object store. The graph database stores mapping relationships, and the document object store stores the documents.

[0076] In one possible implementation of this application, such as Figure 3 As shown, the dynamic data masking rendering engine includes an input end, a processing end, and an output end. The input end is the original document data stream, which contains plaintext sensitive information. After the processing end locates the numeric string "123456789" as the [PHONE] entity, the access control logic determines that the current user has low privileges and triggers the masking rule. The output end shows the final response stream output to the browser, where the original numeric string has been replaced with 12xxxx789 in real time. This process demonstrates that data masking occurs during the server-side response phase, physically preventing the leakage of sensitive data.

[0077] Figure 4 This diagram illustrates a more specific hardware structure of an electronic device provided in this embodiment. The device may include: a processor 1010, a memory 1020, an input / output interface 1030, a communication interface 1040, and a bus 1050. The processor 1010, memory 1020, input / output interface 1030, and communication interface 1040 are interconnected internally via the bus 1050.

[0078] The processor 1010 can be implemented using a general-purpose CPU (Central Processing Unit), microprocessor, application-specific integrated circuit (ASIC), or one or more integrated circuits, and is used to execute relevant programs to implement the technical solutions provided in the embodiments of this specification.

[0079] The memory 1020 can be implemented in the form of ROM (Read Only Memory), RAM (Random Access Memory), static storage device, dynamic storage device, etc. The memory 1020 can store the operating system and other application programs. When the technical solutions provided in the embodiments of this specification are implemented by software or firmware, the relevant program code is stored in the memory 1020 and is called and executed by the processor 1010.

[0080] The input / output interface 1030 is used to connect input / output modules to realize information input and output. The input / output modules can be configured as components in the device (not shown in the figure) or externally connected to the device to provide corresponding functions. Input devices may include keyboards, mice, touch screens, microphones, various sensors, etc., and output devices may include displays, speakers, vibrators, indicator lights, etc.

[0081] The communication interface 1040 is used to connect the communication module (not shown in the figure) to enable communication between this device and other devices. The communication module can communicate via wired means (such as USB, network cable, etc.) or wireless means (such as mobile network, WIFI, Bluetooth, radio (shortwave / ultra-shortwave) communication, satellite communication, data link communication, etc.).

[0082] Bus 1050 includes pathways for transmitting information between various components of the device, such as processor 1010, memory 1020, input / output interface 1030, and communication interface 1040.

[0083] It should be noted that although the above-described device only shows the processor 1010, memory 1020, input / output interface 1030, communication interface 1040, and bus 1050, in specific implementations, the device may also include other components necessary for normal operation. Furthermore, those skilled in the art will understand that the above-described device may only include the components necessary for implementing the embodiments described in this specification, and need not include all the components shown in the figures.

[0084] The electronic device described above is used to implement the corresponding knowledge recommendation method based on scene awareness and dynamic permissions in any of the foregoing embodiments, and has the beneficial effects of the corresponding method implementation methods, which will not be elaborated here.

[0085] Based on the same inventive concept, corresponding to any of the above-described embodiments, this application also provides a non-transitory computer-readable storage medium storing computer instructions for causing the computer to execute the knowledge recommendation method based on scene awareness and dynamic permissions as described in any of the above embodiments.

[0086] The computer-readable medium in this embodiment includes permanent and non-permanent, removable and non-removable media, and information storage can be implemented by any method or technology. Information can be computer-readable instructions, data structures, program modules, or other data. Examples of computer storage media include, but are not limited to, phase-change memory (PRAM), static random access memory (SRAM), dynamic random access memory (DRAM), other types of random access memory (RAM), read-only memory (ROM), electrically erasable programmable read-only memory (EEPROM), flash memory or other memory technologies, CD-ROM, digital versatile optical disc (DVD) or other optical storage, magnetic tape, magnetic magnetic disk storage or other magnetic storage devices, or any other non-transfer medium that can be used to store information accessible by a computing device.

[0087] The computer instructions stored in the storage medium of the above embodiments are used to cause the computer to execute the knowledge recommendation method based on scene awareness and dynamic permissions as described in any of the above embodiments, and have the beneficial effects of the corresponding method implementation, which will not be repeated here.

[0088] Those skilled in the art should understand that the discussion of any of the above embodiments is merely exemplary and is not intended to imply that the scope of this application (including the claims) is limited to these examples; this manner of description is merely for clarity, and those skilled in the art should consider the specification as a whole. Within the framework of this application, the above embodiments or the technical features of different embodiments can also be appropriately combined, the steps can be implemented in any order, and there are many other variations of different aspects of the embodiments of this application as described above, which are not provided in the details for the sake of brevity.

[0089] Additionally, to simplify the description and discussion, and to avoid obscuring the embodiments of this application, the well-known power / ground connections to integrated circuit (IC) chips and other components may or may not be shown in the provided drawings. Furthermore, the apparatus may be shown in block diagram form to avoid obscuring the embodiments of this application, and this also takes into account the fact that the details of the implementation of these block diagram apparatuses are highly dependent on the platform on which the embodiments of this application will be implemented (i.e., these details should be entirely within the understanding of those skilled in the art). While specific details (e.g., circuits) are set forth to describe exemplary embodiments of this application, it will be apparent to those skilled in the art that the embodiments of this application can be implemented without these specific details or with variations thereof. Therefore, these descriptions should be considered illustrative rather than restrictive.

[0090] Although this application has been described in conjunction with specific embodiments thereof, many substitutions, modifications, and variations of these embodiments will be apparent to those skilled in the art from the foregoing description. For example, other memory architectures (e.g., dynamic RAM (DRAM)) may use the embodiments discussed.

[0091] The embodiments described herein are intended to cover all such substitutions, modifications, and variations that fall within the broad scope of the appended claims. Therefore, any omissions, modifications, equivalent substitutions, improvements, etc., made without departing from the spirit and principles of the embodiments described herein should be included within the protection scope of this application.

Claims

1. A knowledge recommendation method based on scene awareness and dynamic permissions, characterized in that the method... include: Obtain all documents in the knowledge base and their security classification, and establish a mapping relationship between the keywords in each document and the page scene. Obtain the user's query intent and user's permission level, select target documents based on the query intent and the mapping relationship, sort the target documents, and generate an initial recommendation list; The system sequentially determines whether the security level of each target document in the initial recommendation list is greater than the user's permission level; if so, it continues to determine whether the target document is a top-secret document. If the target document is a top-secret document, then the target document is removed from the initial recommendation list; If the target document is not a top-secret document, the entity content in the target document is hidden in the initial recommendation list, and a masked document is generated.

2. The knowledge recommendation method based on scene awareness and dynamic permissions according to claim 1, characterized in that, The process of establishing a mapping relationship based on the similarity between keywords in each document and the page scene includes: Construct a feature vector for each page scene, wherein the feature vector consists of page identifier, functional domain encoding, and associated department features; Keywords in the document are extracted using the term frequency-inverse document frequency algorithm. The similarity between the vector of the keyword and each feature vector is calculated, and a mapping relationship is established based on the similarity.

3. The knowledge recommendation method based on scene awareness and dynamic permissions according to claim 1, characterized in that, The process of obtaining the user's query intent and user's permission level includes: Identify the user's access path. When the user accesses a page, obtain a multi-dimensional context request tensor. The multi-dimensional context request tensor is used to represent the query intent and the permission level. The multidimensional context request tensor is parsed to generate the user's identity identifier, the user's permission level, the user's historical behavior sequence, and the keywords of the query statement entered by the user.

4. The knowledge recommendation method based on scene awareness and dynamic permissions according to claim 1, characterized in that, The process involves selecting target documents based on the query intent and the mapping relationship, sorting the target documents, and generating an initial recommendation list, including: Based on the query statement in the query intent, a preliminary detection is performed in the knowledge base to generate a candidate document set; Based on the query intent and the mapping relationship, the confidence score of the target document in the candidate document set is calculated. Based on the confidence score of the target document, the target documents are arranged in order to generate the initial recommendation list.

5. The knowledge recommendation method based on scene awareness and dynamic permissions according to claim 4, characterized in that, The calculation of the confidence score of the target document in the candidate document set includes: The confidence score is calculated using the following formula: ； Among them, S final (d) k ) is the target document d k The confidence score, Sim(Q, d) k I(ID) represents the semantic similarity score between the query and the target document. page d k The scene indicator function (N) outputs 1 if the tags of the target document match the identifier of the current page, and 0 otherwise. N(Heat) is the heat value of the target document. λ is the time-dependent attenuation factor, and t is the attenuation coefficient. now t represents the current time. pub The value represents the publication time, and α, β, and γ are dynamic weights.

6. The knowledge recommendation method based on scene awareness and dynamic permissions according to claim 1, characterized in that, After sequentially determining whether the security level of each target document in the initial recommendation list is greater than or equal to the user's permission level, the method further includes: If not, then the target document can be displayed in plaintext.

7. The knowledge recommendation method based on scene awareness and dynamic permissions according to claim 1, characterized in that, In response to the target document not being a top-secret document, the entity content of the target document is hidden in the initial recommendation list, and a masked document is generated, including: If the target document is not a top-secret document, then the sensitive nodes that need to be covered in the target document are located using real-time naming recognition technology. The sensitive nodes are replaced using an execution character stream mask to generate the masked document.

8. A knowledge recommendation system based on scene awareness and dynamic permissions, characterized in that, The system includes: The acquisition module is used to acquire all documents in the knowledge base and the security level of the documents, and to establish a mapping relationship between the keywords in the documents and the similarity between the page scene; The list generation module is used to obtain the user's query intent and the user's permission level, select target documents according to the query intent and the mapping relationship, sort the target documents, and generate an initial recommendation list; The judgment module sequentially determines whether the security level of each target document in the initial recommendation list is greater than the user's permission level; if so, it continues to determine whether the target document is a top secret document. The first response module, in response to the fact that the target document is a top-secret document, removes the top-secret document from the initial recommendation list; The second response module, in response to the fact that the target document is not a top-secret document, hides the entity content in the target document in the initial recommendation list and generates a masked document.

9. The knowledge recommendation system based on scene awareness and dynamic permissions according to claim 8, the system further includes: The front-end interaction layer and the server are configured to obtain a multi-dimensional context request tensor when a user accesses a page, and send the multi-dimensional context to the server. The server-side includes a feature extraction module, a hybrid sorting engine, and a dynamic desensitization rendering engine; The feature extraction module is used to parse the multidimensional context request tensor to generate the user's identity identifier, the user's permission level, the user's historical behavior sequence, and the keywords of the query statement entered by the user; The hybrid sorting module is used to perform preliminary detection in the knowledge base based on the query statement in the query intent and the mapping relationship, generate a candidate document set, calculate the confidence score of the target document in the candidate document set, and arrange the documents in order according to the confidence score of the target document to generate the initial recommendation list. The dynamic desensitization rendering engine is used to locate sensitive nodes that need to be masked in the non-top-secret target document using real-time naming recognition technology, and replace the sensitive nodes using execution character stream masking to generate the masked document; The data storage layer includes a graph database and a document object storage, wherein the graph database stores the mapping relationship and the document object storage stores the documents.

10. An electronic device, characterized in that, include: Processor and memory; The memory stores a computer program that, when executed by the processor, causes the processor to perform the steps of the knowledge recommendation method based on scene awareness and dynamic permissions as described in any one of claims 1 to 7.

Images