Task processing method and apparatus, electronic device, and storage medium
By dynamically acquiring the resource permission declarations and environmental security risk information of the target node, it ensures that the target model only accesses necessary resources within the authorized scope, thus solving the problem of unauthorized access caused by static permission mechanisms and improving security and compliance.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- PENG CHENG LAB
- Filing Date
- 2026-02-06
- Publication Date
- 2026-06-12
AI Technical Summary
In existing technologies, the target model's calls to functional modules or service interfaces rely on a static, tightly coupled permission declaration mechanism, which makes it easy for the model to call device data without authorization, resulting in poor security, especially in highly sensitive scenarios where there are risks of data leakage and privacy.
By dynamically acquiring resource permission declaration information and environmental security risk information of the target node, and performing real-time verification based on the principle of least privilege required by the task, the target model is ensured to access necessary resources only within the authorized scope and to process data in a preset isolated environment.
It effectively prevents unauthorized access to resources by the model, improves the security of the node where the resource is accessed, avoids security vulnerabilities and unauthorized access risks caused by static permission mechanisms, and ensures network security and compliance.
Smart Images

Figure CN122197044A_ABST
Abstract
Description
Technical Field
[0001] This application relates to the field of data processing technology, specifically to a task processing method, apparatus, electronic device, and storage medium. Background Technology
[0002] With the improvement of Large Language Model (LLM) capabilities, building models capable of autonomously calling tools, accessing data sources, and interacting with external systems has become an important development direction for Artificial Intelligence (AI). For example, a model can autonomously decide to call external tools or services with specific functions, such as file editors or database query tools, to complete complex modeling tasks. In related technologies, the target model calls relevant functional modules or service interfaces according to the task requirements to execute the modeling task.
[0003] However, the target model's calls to relevant functional modules or service interfaces usually rely on a static, tightly coupled permission declaration mechanism. Therefore, in practical applications, the model may overstep its authority to call device data, resulting in poor security of the node where the called resource is located. Summary of the Invention
[0004] This application provides a task processing method, apparatus, electronic device, and storage medium that can prevent unauthorized access to data resources and improve the security of the node where the data resources are accessed.
[0005] To achieve the above objectives, one embodiment of this application provides a task processing method, including: Determine the target model task corresponding to the target model, and generate the data acquisition request corresponding to the target model task; Send data acquisition requests to the corresponding target node and receive resource permission declaration information and environmental security risk information returned by the target node; Based on environmental safety risk information, the resource permission declaration information is filtered and processed to obtain the target resource permission declaration information of the target node. The data acquisition requests are analyzed based on the target model task to determine the minimum requests required to execute the target model task. The request permissions corresponding to the minimum requests are then verified based on the target resource permission declaration information to obtain the verification results. When the verification result shows that the requested permission matches the permission declaration information of the target resource, the request data corresponding to the data acquisition request is processed in a preset isolation environment to obtain the data processing result; The data processing results are input into the target model so that the target model can output the task processing results corresponding to the target model task based on the data processing results.
[0006] In some embodiments, the resource permission declaration information is filtered based on environmental security risk information to obtain the target resource permission declaration information of the target node, including: The network risk level of the target node is determined based on environmental safety risk information; Based on the network risk level and the preset environmental security mapping rules, the current prohibited authorization information corresponding to the target node is determined; Based on the current prohibited authorization information, the resource permission declaration information is filtered to obtain the target resource permission declaration information of the target node.
[0007] In some embodiments, the data acquisition request is analyzed based on the target model task to determine the minimum request required to perform the target model task, including: Semantic analysis is performed on the target model task to determine the target data operation information corresponding to the target model task; Based on the target data operation information and the preset data operation mapping rules, the minimum request required to execute the target model task is determined.
[0008] In some embodiments, the minimum request required to perform the target model task is determined based on the target data operation information and preset data operation mapping rules, including: Obtain the historical request processing results between the target model and the target node; Based on historical request processing results, target data operation information, and preset data operation mapping rules, the minimum request required to execute the target model task is determined.
[0009] In some embodiments, after obtaining the verification result, the method further includes: When the verification result shows that the requested permission matches the target resource permission declaration information, permission configuration information is generated based on the target model task and minimum request. The storage permission configuration information is used to process the request data corresponding to the new data acquisition request in a preset isolation environment according to the permission configuration information when the new data acquisition request is the same as the data acquisition request and the new resource permission declaration information is the same as the target resource permission declaration. This results in the data processing of the new data acquisition request. The data processing results corresponding to the new data acquisition request are input into the new model, so that the new model can output the new task processing results corresponding to the new model task based on the new data processing results.
[0010] In some embodiments, the target node includes a local node and a remote node; The request data corresponding to the data acquisition request is processed in a preset isolated environment to obtain the data processing results, including: If the request permission corresponding to the minimum request is to request data from the local node, the requested data is obtained from the local node according to the data retrieval request, and the requested data is processed in a preset isolation environment to obtain the data processing result; If the minimum request corresponds to the request permission characterization of requesting to obtain data from a remote node, the data acquisition request is sent to the remote node so that the remote node can process the request data corresponding to the data acquisition request in a preset remote isolation environment and obtain the remote data processing result. The remote data processing results are processed in a preset isolated environment to obtain the data processing results.
[0011] In some embodiments, processing the request data corresponding to the data acquisition request in a preset isolation environment to obtain the data processing result further includes: The request data corresponding to the data acquisition request is processed in a preset isolation environment to obtain the initial data processing result; The number of append requests received when the data acquisition request is processed in a preset isolation environment is counted. When the number of additional requests reaches the preset request count threshold, the initial data processing result is updated based on the preset default result to obtain the data processing result.
[0012] To achieve the above objectives, one embodiment of this application provides a task processing apparatus, including: The request generation module is used to determine the target model task corresponding to the target model and generate the data acquisition request corresponding to the target model task. The data acquisition request sending module is used to send data acquisition requests to the corresponding target node and receive resource permission declaration information and environmental security risk information returned by the target node. The target resource permission declaration information determination module is used to filter and process resource permission declaration information based on environmental security risk information to obtain the target resource permission declaration information of the target node. The verification module is used to analyze the data acquisition request based on the target model task, determine the minimum request required to execute the target model task, and verify the request permission corresponding to the minimum request based on the target resource permission declaration information to obtain the verification result. The data processing result generation module is used to process the request data corresponding to the data acquisition request in a preset isolation environment when the verification result shows that the request permission matches the target resource permission declaration information, and obtain the data processing result. The data processing result sending module is used to input the data processing results into the target model, so that the target model can output the task processing results corresponding to the target model task based on the data processing results.
[0013] To achieve the above objectives, one aspect of this application provides a computer-readable storage medium storing multiple instructions adapted for loading by a processor to execute the steps in the task processing method provided in this application.
[0014] To achieve the above objectives, one aspect of this application provides a computer device, including a memory, a processor, and a computer program stored in the memory and capable of running on the processor. When the processor executes the computer program, it implements the steps in the task processing method provided in this application.
[0015] To achieve the above objectives, one aspect of this application provides a computer program product, including a computer program or instructions, which, when executed by a processor, implement the steps in the task processing method provided in this application.
[0016] The task processing method, apparatus, electronic device, and storage medium proposed in this application determine the target model task corresponding to the target model and generate a data acquisition request corresponding to the target model task; send the data acquisition request to the corresponding target node and receive resource permission declaration information and environmental security risk information returned by the target node; perform information filtering processing on the resource permission declaration information according to the environmental security risk information to obtain the target resource permission declaration information of the target node; analyze the data acquisition request according to the target model task to determine the minimum request required to execute the target model task, and verify the request permission corresponding to the minimum request according to the target resource permission declaration information to obtain the verification result; when the verification result shows that the request permission matches the target resource permission declaration information, process the request data corresponding to the data acquisition request in a preset isolation environment to obtain the data processing result; input the data processing result into the target model so that the target model outputs the task processing result corresponding to the target model task based on the data processing result.
[0017] This application embodiment dynamically acquires the resource permission declaration information and environmental security risk information of the target node, and verifies the requested permissions in real time based on the principle of least privilege required by the task. This ensures that the target model only accesses necessary resources within the authorized scope, effectively preventing the model from making unauthorized calls to resources. At the same time, data processing is only allowed in the isolated environment when the requested permissions match the authorized scope of the target node. This significantly improves the security of the node where the called resources are located, avoiding security vulnerabilities and illegal access risks caused by static and tightly coupled permission mechanisms. Thus, under the premise of ensuring network security, it supports the target model to complete complex tasks efficiently and compliantly.
[0018] Other features and advantages of this application will be set forth in the following description and will be apparent in part from the description or may be learned by practicing the application. The objectives and other advantages of this application may be realized and obtained by means of the structures particularly pointed out in the description, claims and drawings. Attached Figure Description
[0019] To more clearly illustrate the technical solutions in the embodiments of this application, the accompanying drawings used in the description of the embodiments will be briefly introduced below. Obviously, the accompanying drawings described below are only some embodiments of this application. For those skilled in the art, other drawings can be obtained based on these drawings without creative effort.
[0020] Figure 1 This is a schematic diagram of the system framework corresponding to the task processing method provided in the embodiments of this application; Figure 2 This is a flowchart illustrating the task processing method provided in an embodiment of this application; Figure 3 This is a schematic diagram of the module structure of the task processing device provided in the embodiments of this application; Figure 4 This is a schematic diagram of the hardware structure of the electronic device provided in the embodiments of this application. Detailed Implementation
[0021] To enable those skilled in the art to better understand the solutions of this application, the technical solutions of the embodiments of this application will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of this application, and not all embodiments. Based on the embodiments of this application, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of this application.
[0022] It should be noted that in each specific embodiment of this application, when a data acquisition request is made for a target model task, permission or consent from the relevant personnel managing the target model is obtained first. Furthermore, the collection, use, and processing of this data comply with relevant laws, regulations, and standards. In addition, when this application embodiment needs to obtain sensitive personal information of relevant personnel, separate permission or consent from the relevant personnel is obtained through pop-ups or redirection to a confirmation page. Only after obtaining the separate permission or consent of the relevant personnel is the necessary data acquisition request obtained to enable the normal operation of this application embodiment. Other data obtained in this application embodiment are all authorized and legal data, and will not be described in detail here.
[0023] This application can be used in a wide variety of general-purpose or special-purpose computer system environments or configurations. Examples include: personal computers, server computers, handheld or portable devices, tablet devices, multiprocessor systems, microprocessor-based systems, programmable consumer computer devices, minicomputers, mainframe computers, and distributed computing environments including any of the above systems or devices. This application can be described in the general context of computer-executable instructions executed by a computer, such as program modules. Generally, program modules include routines, programs, objects, components, data structures, etc., that perform specific tasks or implement specific abstract data types. This application can also be practiced in distributed computing environments where tasks are performed by remote processing devices connected via a communication network. In distributed computing environments, program modules can reside in local and remote computer storage media, including storage devices.
[0024] The technical problems existing in the related technologies are as follows: With the improvement of LLM capabilities, building models capable of autonomously calling tools, accessing data sources, and interacting with external systems has become an important direction for AI development. For example, a model can autonomously decide to call external tools or services with specific functions, such as file editors or database query tools, to complete complex modeling tasks. In related technologies, the target model calls relevant functional modules or service interfaces according to the task requirements to execute the modeling task.
[0025] However, the target model's calls to relevant functional modules or service interfaces usually rely on a static, tightly coupled permission declaration mechanism. Therefore, in practical applications, the model may overstep its authority to call device data, resulting in poor security of the node where the called resource is located.
[0026] For example, in scenarios with extremely high requirements for data security and permission compliance, such as intelligent office assistants, medical diagnostic aids, or enterprise-level AI agents, large language models often need to dynamically call sensitive local or remote services (such as reading user logs, accessing patient medical record databases, and performing financial system operations). Because related technologies employ statically preset permission declaration mechanisms (such as hard-coded API whitelists or fixed role authorization policies), the model cannot perceive the security risk level, resource sensitivity, or environmental trust status of the current calling context at runtime. When task requirements change or abnormal input such as injection attacks or unauthorized access attempts occurs, the model may, based on overly broad or expired permission configurations, arbitrarily access data resources it shouldn't have access to (such as unauthorized reading of other users' files or performing unauthorized database write operations). This not only exposes the resource's host node to the risk of data leakage, tampering, or abuse but may also violate privacy regulations due to blurred permission boundaries. More seriously, static permission mechanisms lack the ability to dynamically adapt to the principle of least privilege—even if the task only needs to read a specific field in a table, the model may still be granted full database access, resulting in permission redundancy and an expanded attack surface. Therefore, when faced with complex and ever-changing task intentions, open interactive environments, and highly sensitive external systems, existing technologies struggle to effectively constrain the model's calling behavior, severely weakening the security, controllability, and compliance of AI systems in real production environments.
[0027] The task processing method, apparatus, electronic device, and storage medium proposed in this application determine the target model task corresponding to the target model and generate a data acquisition request corresponding to the target model task; send the data acquisition request to the corresponding target node and receive resource permission declaration information and environmental security risk information returned by the target node; perform information filtering processing on the resource permission declaration information according to the environmental security risk information to obtain the target resource permission declaration information of the target node; analyze the data acquisition request according to the target model task to determine the minimum request required to execute the target model task, and verify the request permission corresponding to the minimum request according to the target resource permission declaration information to obtain the verification result; when the verification result shows that the request permission matches the target resource permission declaration information, process the request data corresponding to the data acquisition request in a preset isolation environment to obtain the data processing result; input the data processing result into the target model so that the target model outputs the task processing result corresponding to the target model task based on the data processing result.
[0028] This application embodiment dynamically acquires the resource permission declaration information and environmental security risk information of the target node, and verifies the requested permissions in real time based on the principle of least privilege required by the task. This ensures that the target model only accesses necessary resources within the authorized scope, effectively preventing the model from making unauthorized calls to resources. At the same time, data processing is only allowed in the isolated environment when the requested permissions match the authorized scope of the target node. This significantly improves the security of the node where the called resources are located, avoiding security vulnerabilities and illegal access risks caused by static and tightly coupled permission mechanisms. Thus, under the premise of ensuring network security, it supports the target model to complete complex tasks efficiently and compliantly.
[0029] The specific details regarding the task processing method, apparatus, electronic device, and storage medium provided in the embodiments of this application will be described in detail below.
[0030] Please see Figure 1 , Figure 1 This is a schematic diagram of the system framework corresponding to the task processing method provided in the embodiments of this application. The task processing method provided in the embodiments of this application can be applied to this system framework.
[0031] It includes terminal 140, Internet 130, gateway 120, server 110, etc.
[0032] Terminal 140 or server 110 can be a device that performs task processing methods.
[0033] Terminal 140 includes, but is not limited to, mobile phones, tablets, computers, and intelligent computing centers. Terminal 140 can be a single device or a collection of multiple devices. For example, multiple computers can be interconnected via a local area network, sharing a single monitor to work collaboratively, thus forming a terminal 140. Terminal 140 can communicate with the Internet 130 via wired or wireless means to exchange data.
[0034] Server 110 refers to a computer system capable of providing certain services to terminal 140. Compared to ordinary terminal 140, server 110 has higher requirements in terms of stability, security, and performance. Server 110 can be a standalone physical server, a server cluster or distributed system composed of multiple physical servers, or a cloud server providing basic cloud computing services such as cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, content delivery networks (CDN), and big data and artificial intelligence platforms.
[0035] Gateway 120, also known as an internetwork connector or protocol converter, is a computer system or device that acts as a translator, enabling network interconnection at the transport layer. It bridges the gap between two systems using different communication protocols, data formats, languages, or even completely different architectures. Gateways can also provide filtering and security functions. Messages sent from terminal 140 to server 110 are forwarded to the corresponding server 110 via gateway 120. Messages sent from server 110 to terminal 140 are also forwarded to the corresponding terminal 140 via gateway 120.
[0036] The embodiments of this application can be applied to various scenarios: (1) intelligent government affairs and public service platforms, for example, the service platform needs to retrieve sensitive user information across departments, and when a citizen asks "Do I meet the application conditions for a certain subsidy?", the model needs to securely access multiple government databases; (2) financial risk control and compliance review platforms, for example, the risk control model needs to determine "whether customer A has engaged in high-frequency cross-border transfers in the past 6 months" through data retrieved from cross-platforms; (3) medical and health AI-assisted diagnostic systems, for example, in hospitals or remote diagnosis and treatment platforms, LLM may need to call electronic medical record systems, image databases or laboratory result interfaces to support diagnostic recommendations. The above are just examples, and the application scenarios involved in the task processing method proposed in this application are far more than those shown in the examples. The specific method proposed in this application can be selected according to the actual situation.
[0037] Next, we will describe it from the perspective of the task processing device (which can also be simply referred to as "device" for ease of description). The task processing device is usually set up in the local node, such as... Figure 2 As shown, Figure 2 This is a flowchart illustrating the task processing method provided in an embodiment of this application. The task processing method is applied to a task processing device. Figure 2 The method may include, but is not limited to, the following steps 210 to 260. When the task processing device executes the task processing method, the specific process is as follows. It should be noted first that this embodiment... Figure 2 The order of steps 210 to 260 is not specifically limited. The order of steps can be adjusted or some steps can be reduced or added according to actual needs.
[0038] Step 210: Determine the target model task corresponding to the target model and generate a data acquisition request corresponding to the target model task; Step 220: Send a data acquisition request to the corresponding target node and receive the resource permission declaration information and environmental security risk information returned by the target node; Step 230: Based on the environmental safety risk information, perform information filtering on the resource permission declaration information to obtain the target resource permission declaration information of the target node; Step 240: Analyze the data acquisition request based on the target model task, determine the minimum request required to execute the target model task, and verify the request permission corresponding to the minimum request based on the target resource permission declaration information to obtain the verification result; Step 250: When the verification result shows that the requested permission matches the target resource permission declaration information, the request data corresponding to the data acquisition request is processed in a preset isolation environment to obtain the data processing result. Step 260: Input the data processing results into the target model so that the target model can output the task processing results corresponding to the target model task based on the data processing results.
[0039] Steps 210 to 260 are described in detail below.
[0040] In step 210, the target model task corresponding to the target model is determined, and a data acquisition request corresponding to the target model task is generated.
[0041] In this application, the target model refers to a large language model or other artificial intelligence model that undertakes core intelligent reasoning or task execution functions. The target model has the ability to understand user intent, plan task steps, and invoke external tools or data sources. For example, in systems such as intelligent customer service, medical assisted diagnosis, or enterprise automated agents, the target model is the AI entity that actually generates responses, makes decisions, or coordinates resources.
[0042] The target model task refers to the specific work objective that the target model needs to accomplish. Target model tasks usually have clear semantic intent and execution boundaries. For example, a target model task could be "query a user's order records for the past three months", "analyze a patient's latest test report and provide preliminary suggestions", or "extract a list of customers that meet specific conditions from the database". The target model task will be adaptively adjusted according to the actual situation.
[0043] Furthermore, in order to complete the target model task, the target model needs to access a local or remote server to obtain the relevant data necessary for completing the target model task. Based on this, the task processing device generates a corresponding data acquisition request. And... In step 220, a data acquisition request is sent to the corresponding target node, and the resource permission declaration information and environmental security risk information returned by the target node are received.
[0044] In this context, the target node can be either a local node or a remote node. A node can be a server, a device, or any logical or physical entity with an independent network address capable of providing computing, storage, communication, or service functions. A local node refers to the node deployed on the device; when the target model executes its task, it may only need to retrieve relevant data stored on the local node. A remote node refers to other nodes in a different network environment than the local node. Different nodes typically store different data; that is, the data required by the target model to execute its task may not only exist on the local node but may also exist on a remote node.
[0045] Furthermore, if it is a local node, the device sends the data acquisition request to the local node's processor, which then retrieves the relevant resource permission declaration information and environmental security risk information based on the request. If it is a remote node, the device sends the data acquisition request to the remote node's processor, which then retrieves the relevant resource permission declaration information and environmental security risk information based on the request. Additionally, the local and remote nodes communicate via the Model Context Protocol (MCP), ensuring standardized, context-aware, and secure interaction when the large language model calls external tools or accesses data.
[0046] The resource permission declaration information describes the structured permission policy specified by the current node, which resources are allowed to be accessed and what operations can be performed by external callers. This information typically includes multiple metadata entries such as accessible data fields, supported operation types (e.g., read / write / delete), applicable roles or identity conditions, and validity period. For example, one entry in the resource permission declaration information might state: "Only the user's own transaction records for the past 30 days are allowed to be read, and the original ID must not be exported." Depending on the specific circumstances, the resource permission declaration information can be pre-configured statically or dynamically updated at intervals; this embodiment does not impose any limitations on this.
[0047] For example, resource permission declaration information can be the metadata file manifest used by the manifest to declare permissions. It should be noted that the manifest mainly focuses on topic permissions at the level of "readable / writable file" and "network access", and it lacks fine constraints on specific paths, domain names and variable names.
[0048] Among them, environmental security risk information refers to contextual data reflecting the current security status of the operating environment, synchronously provided by the target node when responding to a request. Environmental security risk information typically includes network location (used to help assess whether the node is in a high-risk location), hardware compliance (used to help assess the node's hardware security), and session authentication strength (used to help assess whether the node has completed multi-dimensional security authentication), etc. Environmental security risk information is obtained by the target node in real time after receiving a data acquisition request and is dynamically updated.
[0049] It is understood that the embodiments of this application achieve refined and context-aware permission control of model calling behavior by obtaining resource permission declaration information and environmental security risk information returned by the target node, effectively supporting a unified authorization mechanism: regardless of whether the target node is deployed locally or in the cloud, its permission declaration is uniformly received and parsed by the task processing device for subsequent screening and verification, ensuring that all external resource access goes through a user-auditable authorization process, thereby avoiding the permission expansion problem caused by overly broad preset permissions or lack of environmental awareness in the traditional static authorization mode.
[0050] In step 230, the resource permission declaration information is filtered based on the environmental safety risk information to obtain the target resource permission declaration information of the target node.
[0051] In some embodiments, after acquiring environmental security risk information and resource permission declaration information, the device performs information filtering on the resource permission declaration information based on the environmental security risk information to obtain target resource permission declaration information corresponding to the local node or remote node. The target resource permission declaration information refers to the effective permission boundaries applicable to the current task context, obtained after dynamic filtering and adjustment, taking into account the original resource permissions declared by the target node and the current environmental security risk status. The target resource permission declaration information is not a preset static permission list, but rather the result of information filtering based on environmental risks.
[0052] For example, if environmental security risk information indicates that the network location of the corresponding node is a high-risk location, even if the target node originally allowed to read complete user data, the filtered target resource permission declaration information may only allow access to a portion of the anonymized fields, or directly prohibit sensitive operations. The target resource permission declaration information serves as the basis for subsequent least privilege verification to ensure that the target model can only access relevant data under secure and compliant conditions.
[0053] In some embodiments, the resource permission declaration information is filtered based on environmental security risk information to obtain the target resource permission declaration information of the target node, including: (1.1) Determine the current network risk level of the target node based on environmental security risk information; (1.2) Based on the network risk level and the preset environmental security mapping rules, determine the current prohibited authorization information corresponding to the target node; (1.3) Based on the current prohibited authorization information, the resource permission declaration information is filtered to obtain the target resource permission declaration information of the target node.
[0054] The network risk level refers to the security status level of the target node's operating environment, used to characterize the trustworthiness of the current access context. For example, the network environment of the target node is assessed based on environmental security risk information to obtain a corresponding network security assessment score, and the network risk level corresponding to the current network security assessment score is determined according to a pre-set score-level mapping rule.
[0055] Among them, the environmental security mapping rule refers to a pre-configured set of security policy rules used to associate and map network risk levels with specific permission restrictions to determine the dynamic access permissions that should be prohibited for target nodes under different security contexts. The environmental security mapping rule explicitly specifies which resource operations or data fields should not be authorized for access when a target node is at a certain network risk level. For example, the environmental security mapping rule can be defined as follows: if the network risk level is high, then write operations on all user information and read permissions for sensitive fields such as user identity information are prohibited; if it is medium risk, then data export operations are prohibited. In this way, the device can automatically generate matching currently prohibited authorization information based on real-time environmental risk assessment, and then filter the resource permission declaration information using this information to obtain the target resource permission declaration information for the target node.
[0056] For example, if the security risk information of an environment is: "The request source IP is 10.24.56.18 (belonging to the company's office intranet), the terminal device has passed the MDM compliance check, and the current session has completed two-factor authentication", then the network risk level corresponding to the target node can be determined as low risk; conversely, if the security risk information shows that the request comes from an unregistered mobile device under a public wireless network and only uses password authentication, it may be determined as high risk.
[0057] It is understood that the embodiments of this application generate a prohibited authorization range in real time based on the security status of the network environment in which the target node is currently located, and filter out target resource permission declaration information that only contains necessary and compliant permissions, thereby significantly improving the fineness and security of permission control. While ensuring the normal execution of model tasks, it minimizes the attack surface and avoids sensitive data from being illegally obtained or abused due to excessively open permissions.
[0058] In step 240, the data acquisition request is analyzed according to the target model task to determine the minimum request required to execute the target model task, and the request permission corresponding to the minimum request is verified according to the target resource permission declaration information to obtain the verification result.
[0059] In some embodiments, the data acquisition requests given by the target model task may not be reasonable. For example, a target model task may only require permission A, but the data acquisition request may request permissions A and B. If permission verification is blindly performed based on the data acquisition request without analysis, permission bloat can easily occur. Therefore, in addition to clarifying the permissions that the target node can currently grant, it is also necessary to clarify the minimum permissions required by the target model to achieve precise alignment between permission requests and task intent.
[0060] Furthermore, after determining the minimum requests required for the target model task, the target resource permission declaration information and the minimum requests are compared. The verification result is considered successful only if the minimum requests are fully contained within the authorization scope defined by the target resource permission declaration information; otherwise, the verification result is considered a mismatch. Thus, this embodiment ensures that any resource access behavior initiated by the target model not only conforms to the minimum necessary principle required by the task but is also strictly limited by the dynamically opened permission boundaries of the target node in the current security context, thereby effectively preventing unauthorized calls, permission abuse, and sensitive data leakage.
[0061] In some embodiments, the data acquisition request is analyzed based on the target model task to determine the minimum request required to perform the target model task, including: (2.1) Perform semantic analysis on the target model task to determine the target data operation information corresponding to the target model task; (2.2) Based on the target data operation information and the preset data operation mapping rules, determine the minimum request required to execute the target model task.
[0062] In some embodiments, to determine the minimum permissions required by the target model task, semantic analysis of the target model task is necessary to identify and extract the specific data operation intentions upon which the target model task depends during execution, thereby determining the corresponding target data operation information. The target data operation information refers to the specific structured description extracted after semantic analysis of the target model task, which characterizes the data resources that the task needs to access or operate during execution. This includes the target data object (such as a database table, file path, or interface endpoint), operation type (such as read, write, query), involved data fields (such as user identity, transaction amount), and necessary constraints (such as time range, filtering conditions, or pagination parameters).
[0063] Further, data operation mapping rules are obtained. Data operation mapping rules refer to a pre-configured set of strategic mapping relationships used to transform the target data operation information obtained through semantic analysis into a minimum request that conforms to the principle of least privilege. These rules define which data objects, fields, or operation types are within the necessary access scope under a specific task intent, and which are redundant or sensitive content that should be removed.
[0064] For example, firstly, the data objects, operation types, field lists, and constraints contained in the target data operation information are parsed. Then, based on the permission pruning strategy defined for this type of task intent in the data operation mapping rules, the data elements that are directly related to and indispensable to the task objective are identified, while redundant, irrelevant, or sensitive fields and operations are removed. For instance, if a target data operation information indicates that the current target model task requires the operation of "consumption statistics, requiring the acquisition of order number, product name, shipping address, and payment amount from the user's order table," and the data operation mapping rules specify that "when the target model task is consumption statistics, only the 'payment amount' field and time range constraints are allowed to be retained," then a request containing only the necessary fields and conditions is generated accordingly. The final output minimum request is the minimum data access scope strictly limited to the completion of the target model task, ensuring that the permission request meets both functional requirements and the principle of least privilege.
[0065] It is understood that the embodiments of this application first perform semantic analysis on the target model task to accurately extract its real data operation requirements and obtain target data operation information; then, combined with preset data operation mapping rules, determine the minimum request to obtain relevant data, thereby effectively avoiding the problem of excessive permission requests caused by overly broad or redundant model-generated requests or interference from prompts, ensuring that subsequent permission verification and data access are strictly limited to the minimum range actually required by the task, thereby significantly reducing the risk of unauthorized calls and sensitive data leakage, and improving network security, compliance and the accuracy of resource calls.
[0066] In some embodiments, the minimum request required to perform the target model task is determined based on the target data operation information and preset data operation mapping rules, including: (2.2.1) Obtain the historical request processing results between the target model and the target node; (2.2.2) Based on the historical request processing results, target data operation information and preset data operation mapping rules, determine the minimum request required to execute the target model task.
[0067] In some embodiments, data operation mapping rules are typically user-preset, and therefore their update frequency is low. When the device determines the minimum request required to execute the target model task based on the data operation mapping rules, the determined minimum request may exceed the required permission range because the data operation mapping rules are not updated in time. Consequently, when verifying the request permission corresponding to the minimum request based on the target resource permission declaration information, the verification result is often that the request permission does not match the target resource permission declaration information. Furthermore, the target model may frequently or repeatedly access the same target node, and the data acquisition request may be the same. If the data operation mapping rules are not updated, the subsequent verification of the minimum request is likely to fail no matter what, resulting in a waste of computing resources during the verification process.
[0068] Furthermore, by obtaining the historical request processing results between the target model and the target node, this embodiment of the application can determine the minimum request required to execute the target model task based on the past data acquisition situation of both parties and in conjunction with the data operation mapping rules. For example, the target model receives a user's question: "Is it suitable for outdoor running in location A tomorrow?". To complete this model task, it needs to call an external weather service from the target node to obtain meteorological data. The preset data operation mapping rules define that such tasks can request fields such as "temperature, humidity, precipitation probability, and UV index". However, due to recent policy adjustments, the external weather service has disabled access to the "UV index" field by default, but the mapping rules on the device side have not been updated synchronously. If the minimum request is generated only based on the mapping rules, the device will continue to include the UV index, causing subsequent verifications to fail repeatedly because the field is not in the target resource permission declaration information currently returned by the target node, resulting in a permission mismatch. By obtaining historical request processing results between the target model and the weather service, the device can identify that all requests containing the UV index within the past week were rejected or returned null values. Only requests for "temperature, humidity, and precipitation probability" can successfully obtain data. Therefore, the device will dynamically correct the mapping rule output based on historical experience, actively remove unusable fields, and generate a practically feasible minimum request, thereby avoiding invalid verification and resource waste, and ensuring the real-time accuracy of the generated minimum request.
[0069] It is understood that, based on ensuring that requests strictly follow the principle of least privilege, this application embodiment introduces historical request processing results as a basis for dynamic optimization, enabling the system to learn and adapt to the actual authorization preferences and security policy evolution of the target node, thereby reducing invalid or high-risk permission requests and improving task execution efficiency and permission verification success rate.
[0070] In some embodiments, after obtaining the verification result, the method further includes: (3.1) When the verification result shows that the requested permission matches the target resource permission declaration information, generate permission configuration information based on the target model task and minimum request; (3.2) Storage permission configuration information: When the new data acquisition request corresponding to the new model is the same as the data acquisition request, and the new resource permission declaration information is the same as the target resource permission declaration, the request data corresponding to the new data acquisition request is processed in the preset isolation environment according to the permission configuration information to obtain the data processing result corresponding to the new data acquisition request. (3.3) Input the data processing results corresponding to the new data acquisition request into the new model so that the new model can output the new task processing results corresponding to the new model task based on the new data processing results.
[0071] In some embodiments, when the verification result shows that the requested permission matches the target resource permission declaration information, the device will generate corresponding permission configuration information based on the current target model task and the determined minimum request. The permission configuration information refers to metadata records formed by structurally encapsulating the access context of this successful verification. Its content includes, but is not limited to: the target model task identifier, the specific fields and operation scope of the minimum request, the target node identifier, a snapshot of the target resource permission declaration information, and the authorization validity period. The verification result is used to characterize a compliant data access authorization credential under specific task and permission boundaries, providing a basis for rapid reuse in subsequent similar scenarios.
[0072] Furthermore, the generated permission configuration information is persistently stored. When the device subsequently receives a request from a new model that is the same as the previously processed data acquisition request, and the new resource permission declaration information obtained from the target node is also consistent with the previous target resource permission declaration information, the device can directly call the stored permission configuration information to avoid repeated semantic analysis, permission verification and other processes. Then, the request data corresponding to the new data acquisition request is processed in a preset isolation environment to obtain the data processing result corresponding to the new data acquisition request.
[0073] The preset isolation environment refers to a controlled sandbox created by the local node. This sandbox ensures that external data undergoes necessary calculations or desensitization without exposing its original sensitive content, thus guaranteeing data security. The new model can be the target model or any other model besides the target model. The definitions of the new model, new data acquisition requests, new resource permission declarations, and new task processing results are similar to those of the target model and will not be elaborated upon here.
[0074] It is understood that, for repetitive and context-stable task requests, this application embodiment avoids repeatedly performing computationally intensive operations such as semantic analysis and dynamic verification on the same requests by storing and reusing verified permission configuration information, which significantly reduces system overhead and response latency. At the same time, since the reuse premise is that the new data acquisition request and the new resource permission declaration information have not changed, no new security risks are introduced. This not only improves task processing efficiency but also maintains the rigor and consistency of permission control, which is especially suitable for high-frequency calls to external services (such as weather queries, exchange rate acquisition, calendar synchronization, etc.).
[0075] In step 250, when the verification result shows that the requested permission matches the target resource permission declaration information, the request data corresponding to the data acquisition request is processed in a preset isolation environment to obtain the data processing result.
[0076] The pre-configured isolation environment refers to a secure execution space that is logically or physically isolated from the target model's operating environment. It is used to process the request data corresponding to the data acquisition request in a controlled manner after the permission verification is passed. The pre-configured isolation environment is usually implemented using sandbox, container, trusted execution environment or virtualization isolation technology to ensure that external data cannot directly expose the original sensitive content to the target model during processing, nor can it produce side effects on the host system or other tasks. All data operations are completed under limited permissions and monitoring, and only the data processing results after de-identification, aggregation or format conversion are output, thereby effectively preventing data leakage, pollution or malicious injection.
[0077] Furthermore, in this embodiment of the application, subsequent processing of the request data corresponding to the data acquisition request is only permitted when the verification result confirms that the requested permission matches the target resource permission declaration information, and this processing must be performed in a preset isolation environment. Since the preset isolation environment is a security-restricted execution space isolated from the main running environment of the target model, it can ensure that sensitive operations such as necessary reading, filtering, desensitization, format conversion, or aggregation of the original request data are not directly exposed to the target model in plaintext.
[0078] It is understood that this embodiment generates a data acquisition request through a target model task and obtains the current resource permission declaration information and environmental security risk information from the target node. Subsequently, the permission declaration is dynamically filtered based on the environmental risk to form context-aware target resource permission declaration information. Next, the minimum request required for execution is extracted through task semantic analysis, and its validity is verified according to the authorization scope based on the target resource permission declaration information. Only when the verification passes is the original request data processed in a preset isolated environment, ensuring that sensitive information is not directly accessed by the model. Thus, this embodiment achieves closed-loop control of "on-demand authorization, dynamic verification, and secure isolation," effectively preventing unauthorized resource calls and improving the security of the node where the called resource resides.
[0079] In some embodiments, the request data corresponding to the data acquisition request is processed in a preset isolated environment to obtain the data processing result, including: (4.1) If the request permission corresponding to the minimum request is to request data from the local node, the requested data is obtained from the local node according to the data acquisition request, and the requested data is processed in the preset isolation environment to obtain the data processing result; (4.2) If the request permission corresponding to the minimum request is to request data from the remote node, the data acquisition request is sent to the remote node so that the remote node can process the request data corresponding to the data acquisition request in the preset remote isolation environment and obtain the remote data processing result. (4.3) The remote data processing results are processed in a preset isolation environment to obtain the data processing results.
[0080] In some embodiments, if the request permission corresponding to the minimum request is a request to obtain data from a local node, the device directly reads the corresponding request data from the local node according to the data acquisition request, and processes the request data in a preset isolation environment to obtain a data processing result. If the request permission corresponding to the minimum request is a request to obtain data from a remote node, the device sends the data acquisition request to the corresponding remote node, so that the remote node processes the request data in a preset remote isolation environment on its side to generate a remote data processing result.
[0081] The preset remote isolation environment refers to the isolation environment deployed on a remote node. It can be a sandbox, container, or other trusted execution environment. Regardless of whether the target node is a local node or a remote node, its function is to ensure that external data cannot directly expose the original sensitive content to the target model during the processing, and to ensure that all related data operations are completed under limited permissions and monitoring, and only output the data processing results after desensitization, aggregation, or format conversion, thereby effectively preventing data leakage, pollution, or malicious injection.
[0082] Furthermore, after the remote node receives the remote data processing result, the device places the remote data processing result received from the remote node into a local preset isolation environment for further data processing, and finally obtains a data processing result in a unified format.
[0083] It is understandable that regardless of whether the required data resources are located on a local node or a remote node, the device implements a unified permission verification mechanism and isolation processing procedure, achieving consistency and security alignment in "local-remote" permission control. Thus, this embodiment avoids the permission control blind spots caused by bypassing security checks through local calls in traditional methods, and also prevents uncontrollable risks introduced by remote services due to the lack of standardized interfaces.
[0084] In some embodiments, processing the request data corresponding to the data acquisition request in a preset isolation environment to obtain the data processing result further includes: (5.1) Process the request data corresponding to the data acquisition request in a preset isolation environment to obtain the initial data processing result; (5.2) Count the number of append requests received when the request data corresponding to the data acquisition request is processed in the preset isolation environment; (5.3) When the number of additional requests reaches the preset request number threshold, the initial data processing result is updated based on the preset default result to obtain the data processing result.
[0085] In some embodiments, after processing the request data corresponding to the data acquisition request in a preset isolation environment, an initial data processing result is obtained as an intermediate output. This initial data processing result is not directly sent to the target model as the final data processing result. Instead, the number of append requests received during the data processing of the request data corresponding to the data acquisition request in the preset isolation environment is counted after obtaining the initial data processing result. The number of append requests refers to additional data request instructions initiated before the data acquisition request is completed, due to task context updates, user interaction, or model introspection mechanisms.
[0086] It should be noted that since large language modeling tasks typically have explicit and convergent data requirements, when the number of append requests reaches a preset threshold, it is reasonable to infer that the current access behavior is abnormal or potentially malicious. This is because large language modeling tasks usually have explicit and convergent data requirements, and the append requests initiated during a single task execution should be limited and reasonable. If append requests are frequently received during the processing of the same data acquisition request in a preset isolated environment, exceeding the preset threshold, it indicates that the attacker may be conducting probing operations such as unauthorized access through the relevant data transmission channels, or that the attacker is continuously trying to expand the access boundaries through the relevant data transmission channels. Such behavior violates the principle of least privilege and task atomicity, not only consuming a large amount of system resources, but also potentially posing a risk of covert permission enumeration or data leakage of the target node.
[0087] Furthermore, when the number of append requests reaches a preset threshold, it is considered suspicious or malicious behavior, and data expansion is forcibly terminated and restricted output is returned through a preset default result. The preset default result refers to security data pre-set during the initialization or task configuration phase to replace dynamically generated content in abnormal or excessive scenarios. Its form can be a fixed value, an empty field, a placeholder, or a de-identified generic response such as "No supplementary information available" or "Insufficient permissions to obtain more data." The preset default result does not rely on external real-time queries and does not contain sensitive information. Its purpose is to quickly terminate uncertain interactions and ensure data security when risky situations such as the number of append requests exceeding the preset threshold, data processing timeouts, or permission verification failures occur.
[0088] To facilitate understanding, the following complete examples illustrate two instances of the task processing method provided in the embodiments of this application: (1) Taking a 3D printing management server as an example: First, the device clones its source code and documentation, automatically generates an initial manifest, and performs multiple rounds of permission reasoning based on the manifest to confirm that it has the necessary permissions to read and write to the file system, access to network clients, and read environment variables. Then, the runtime verifies and traverses each object in the data acquisition request to confirm that they are all within the scope of the permissions to be granted and there are no unauthorized items. When entering the authorization interaction, the interface or policy engine prompts item by item to verify the data acquisition request. The requests to be verified may include, but are not limited to: whether to allow access to the specified configuration directory, whether to allow writing to the output directory, whether to allow making requests to a specific domain name, and whether to inject various environment variables. When all requests are approved, the sandbox starts: the container mounts the configuration directory as read-only and the output directory as writable, injects the agreed environment variables, and sets a whitelist. During execution, the server completes file reading and writing and printing status query normally, and the audit layer records each slice call and network request. No abnormal mode appears. Finally, since the behavior is consistent with the declaration, the policy loop does not need to be adjusted. This minimum permission configuration can be cached later to accelerate restart.
[0089] (2) Taking the supply chain backdoor as an example: The initial manifest is generated in the same way, but after multiple rounds of reasoning, only its network client access requirements for external APIs are retained, and no reasonable local file write or read requirements are found; the startup preparation lists candidate runtime permissions that only include the target domain name "api.chucknorris.io:443"; if the server attempts to declare additional file write permissions or environment variable access during the verification phase, it is judged as unauthorized and directly rejected by the permission verification; during the authorization interaction, the user only agrees to network access for the single domain name and does not grant file system or environment variable permissions; after the sandbox starts, the container only mounts the code directory as read-only and does not provide any sensitive paths; during execution, when the backdoor logic attempts to read "~ / .ssh / id_rsa" and send it to a non-whitelisted address, it is blocked and recorded as an audit event because of the missing file system permissions (FS) and the domain name is not in ALLOWED_EGRESS. Repeated similar failures trigger an increase in the risk count of the policy module. The closed-loop policy can automatically downgrade the server (e.g., shorten the session, increase manual review) or temporarily block its calls. Users and audit reports can clearly see that the least privilege effectively blocks potential data leakage, thereby verifying the security benefits of the fine-grained control mechanism.
[0090] In step 260, the data processing results are input into the target model so that the target model outputs the task processing results corresponding to the target model task based on the data processing results.
[0091] In some embodiments, the data processing results obtained after authorization verification and security processing are input into the target model, enabling the target model to perform inference or generation based on this controlled, desensitized data content that conforms to the principle of least privilege, thereby outputting task processing results corresponding to the target model's task. Since the input data has been filtered and securely transformed in a preset isolated environment, the target model can only access necessary and compliant information and cannot directly access the original sensitive resources. This ensures the realization of the task function while effectively preventing data leakage or unauthorized use, achieving a synergistic unity of security and utility.
[0092] like Figure 3 As shown, Figure 3 This is a schematic diagram of the module structure of a task processing device provided in an embodiment of this application. The task processing device 300 may include the following modules 310 to 360: The request generation module 310 is used to determine the target model task corresponding to the target model and generate a data acquisition request corresponding to the target model task. The data acquisition request sending module 320 is used to send data acquisition requests to the corresponding target node and receive resource permission declaration information and environmental security risk information returned by the target node. The target resource permission declaration information determination module 330 is used to filter and process the resource permission declaration information based on environmental security risk information to obtain the target resource permission declaration information of the target node; The verification module 340 is used to analyze the data acquisition request based on the target model task, determine the minimum request required to execute the target model task, and verify the request permission corresponding to the minimum request based on the target resource permission declaration information to obtain the verification result. The data processing result generation module 350 is used to process the request data corresponding to the data acquisition request in a preset isolation environment when the verification result is that the request permission matches the target resource permission declaration information, and obtain the data processing result. The data processing result sending module 360 is used to input the data processing results into the target model, so that the target model can output the task processing results corresponding to the target model task based on the data processing results.
[0093] In some embodiments, the target resource permission declaration information determination module 330 is used for: The network risk level of the target node is determined based on environmental safety risk information; Based on the network risk level and the preset environmental security mapping rules, the current prohibited authorization information corresponding to the target node is determined; Based on the current prohibited authorization information, the resource permission declaration information is filtered to obtain the target resource permission declaration information of the target node.
[0094] In some embodiments, the verification module 340 is used for: Semantic analysis is performed on the target model task to determine the target data operation information corresponding to the target model task; Based on the target data operation information and the preset data operation mapping rules, the minimum request required to execute the target model task is determined.
[0095] In some embodiments, the verification module 340 is further configured to: Obtain the historical request processing results between the target model and the target node; Based on historical request processing results, target data operation information, and preset data operation mapping rules, the minimum request required to execute the target model task is determined.
[0096] In some embodiments, the verification module 340 is further configured to: When the verification result shows that the requested permission matches the target resource permission declaration information, permission configuration information is generated based on the target model task and minimum request. The storage permission configuration information is used to process the request data corresponding to the new data acquisition request in a preset isolation environment according to the permission configuration information when the new data acquisition request is the same as the data acquisition request and the new resource permission declaration information is the same as the target resource permission declaration. This results in the data processing of the new data acquisition request. The data processing results corresponding to the new data acquisition request are input into the new model, so that the new model can output the new task processing results corresponding to the new model task based on the new data processing results.
[0097] In some embodiments, the target node includes a local node and a remote node; In some embodiments, the data processing result generation module 350 is used for: If the request permission corresponding to the minimum request is to request data from the local node, the requested data is obtained from the local node according to the data retrieval request, and the requested data is processed in a preset isolation environment to obtain the data processing result; If the minimum request corresponds to the request permission characterization of requesting to obtain data from a remote node, the data acquisition request is sent to the remote node so that the remote node can process the request data corresponding to the data acquisition request in a preset remote isolation environment and obtain the remote data processing result. The remote data processing results are processed in a preset isolated environment to obtain the data processing results.
[0098] In some embodiments, the data processing result generation module 350 is further configured to: The request data corresponding to the data acquisition request is processed in a preset isolation environment to obtain the initial data processing result; The number of append requests received when the data acquisition request is processed in a preset isolation environment is counted. When the number of requests reaches the preset request threshold, the initial data processing result is updated based on the preset default result to obtain the data processing result.
[0099] The task processing method, apparatus, electronic device, and storage medium proposed in this application determine the target model task corresponding to the target model and generate a data acquisition request corresponding to the target model task; send the data acquisition request to the corresponding target node and receive resource permission declaration information and environmental security risk information returned by the target node; perform information filtering processing on the resource permission declaration information according to the environmental security risk information to obtain the target resource permission declaration information of the target node; analyze the data acquisition request according to the target model task to determine the minimum request required to execute the target model task, and verify the request permission corresponding to the minimum request according to the target resource permission declaration information to obtain the verification result; when the verification result shows that the request permission matches the target resource permission declaration information, process the request data corresponding to the data acquisition request in a preset isolation environment to obtain the data processing result; input the data processing result into the target model so that the target model outputs the task processing result corresponding to the target model task based on the data processing result.
[0100] This application embodiment dynamically acquires the resource permission declaration information and environmental security risk information of the target node, and verifies the requested permissions in real time based on the principle of least privilege required by the task. This ensures that the target model only accesses necessary resources within the authorized scope, effectively preventing the model from making unauthorized calls to resources. At the same time, data processing is only allowed in the isolated environment when the requested permissions match the authorized scope of the target node. This significantly improves the security of the node where the called resources are located, avoiding security vulnerabilities and illegal access risks caused by static and tightly coupled permission mechanisms. Thus, under the premise of ensuring network security, it supports the target model to complete complex tasks efficiently and compliantly.
[0101] like Figure 4 As shown, Figure 4 This is a schematic diagram of the hardware structure of an electronic device provided in an embodiment of this application. The electronic device includes: The processor 401 can be implemented using a general-purpose CPU, a microprocessor, an application-specific integrated circuit (ASIC), or one or more integrated circuits, and is used to execute relevant programs to implement the technical solutions provided in the embodiments of this application. The memory 402 can be implemented as a read-only memory (ROM), a static storage device, a dynamic storage device, or a random access memory (RAM). The memory 402 can store the operating system and other applications. When the technical solutions provided in the embodiments of this specification are implemented through software or firmware, the relevant program code is stored in the memory 402 and is called by the processor 401 to execute the task processing method of the embodiments of this application. Input / output interface 403 is used to implement information input and output; The communication interface 404 is used to enable communication and interaction between this device and other devices. Communication can be achieved through wired means (such as USB, Ethernet cable, etc.) or wireless means (such as mobile network, WIFI, Bluetooth, etc.). Bus 405 transmits information between various components of the device (e.g., processor 401, memory 402, input / output interface 403, and communication interface 404); The processor 401, memory 402, input / output interface 403 and communication interface 404 are connected to each other within the device via bus 405.
[0102] This application also provides a computer-readable storage medium storing a computer program that, when executed by a processor, implements the above-described task processing method.
[0103] Memory, as a non-transitory computer-readable storage medium, can be used to store non-transitory software programs and non-transitory computer-executable programs. Furthermore, memory may include high-speed random access memory, and may also include non-transitory memory, such as at least one disk storage device, flash memory device, or other non-transitory solid-state storage device. In some embodiments, memory may optionally include memory remotely located relative to the processor, and these remote memories can be connected to the processor via a network. Examples of such networks include, but are not limited to, the Internet, intranets, local area networks, mobile communication networks, and combinations thereof.
[0104] The task processing method, apparatus, electronic device, and storage medium proposed in this application determine the target model task corresponding to the target model and generate a data acquisition request corresponding to the target model task; send the data acquisition request to the corresponding target node and receive resource permission declaration information and environmental security risk information returned by the target node; perform information filtering processing on the resource permission declaration information according to the environmental security risk information to obtain the target resource permission declaration information of the target node; analyze the data acquisition request according to the target model task to determine the minimum request required to execute the target model task, and verify the request permission corresponding to the minimum request according to the target resource permission declaration information to obtain the verification result; when the verification result shows that the request permission matches the target resource permission declaration information, process the request data corresponding to the data acquisition request in a preset isolation environment to obtain the data processing result; input the data processing result into the target model so that the target model outputs the task processing result corresponding to the target model task based on the data processing result.
[0105] This application embodiment dynamically acquires the resource permission declaration information and environmental security risk information of the target node, and verifies the requested permissions in real time based on the principle of least privilege required by the task. This ensures that the target model only accesses necessary resources within the authorized scope, effectively preventing the model from making unauthorized calls to resources. At the same time, data processing is only allowed in the isolated environment when the requested permissions match the authorized scope of the target node. This significantly improves the security of the node where the called resources are located, avoiding security vulnerabilities and illegal access risks caused by static and tightly coupled permission mechanisms. Thus, under the premise of ensuring network security, it supports the target model to complete complex tasks efficiently and compliantly.
[0106] The embodiments described in this application are for the purpose of more clearly illustrating the technical solutions of the embodiments of this application, and do not constitute a limitation on the technical solutions provided by the embodiments of this application. As those skilled in the art will know, with the evolution of technology and the emergence of new application scenarios, the technical solutions provided by the embodiments of this application are also applicable to similar technical problems.
[0107] Those skilled in the art will understand that the technical solutions shown in the figures do not constitute a limitation on the embodiments of this application, and may include more or fewer steps than shown, or combine certain steps, or different steps.
[0108] The device embodiments described above are merely illustrative. The units described as separate components may or may not be physically separate; that is, they may be located in one place or distributed across multiple network units. Some or all of the modules can be selected to achieve the purpose of this embodiment according to actual needs.
[0109] Those skilled in the art will understand that all or some of the steps in the methods disclosed above, as well as the functional modules / units in the systems and devices, can be implemented as software, firmware, hardware, or suitable combinations thereof.
[0110] The terms “first,” “second,” “third,” “fourth,” etc. (if present) in the specification and accompanying drawings of this application are used to distinguish similar objects and are not necessarily used to describe a specific order or sequence. It should be understood that such data can be interchanged where appropriate so that the embodiments of this application described herein can be implemented in orders other than those illustrated or described herein. Furthermore, the terms “comprising” and “having,” and any variations thereof, are intended to cover non-exclusive inclusion; for example, a process, method, system, product, or apparatus that comprises a series of steps or units is not necessarily limited to those steps or units explicitly listed, but may include other steps or units not explicitly listed or inherent to such processes, methods, products, or apparatus.
[0111] It should be understood that in this application, "at least one (item)" means one or more, and "more than" means two or more. "And / or" is used to describe the relationship between related objects, indicating that three relationships can exist. For example, "A and / or B" can represent three cases: only A exists, only B exists, and both A and B exist simultaneously, where A and B can be singular or plural. The character " / " generally indicates that the preceding and following related objects are in an "or" relationship. "At least one (item) of the following" or similar expressions refer to any combination of these items, including any combination of single or plural items. For example, at least one (item) of a, b, or c can represent: a, b, c, "a and b", "a and c", "b and c", or "a and b and c", where a, b, and c can be single or multiple.
[0112] In the several embodiments provided in this application, it should be understood that the disclosed apparatus and methods can be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative; for instance, the division of the units described above is only a logical functional division, and in actual implementation, there may be other division methods. For example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Furthermore, the coupling or direct coupling or communication connection shown or discussed may be through some interfaces; the indirect coupling or communication connection between apparatuses or units may be electrical, mechanical, or other forms.
[0113] The units described above as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the units can be selected to achieve the purpose of this embodiment according to actual needs.
[0114] Furthermore, the functional units in the various embodiments of this application can be integrated into one processing unit, or each unit can exist physically separately, or two or more units can be integrated into one unit. The integrated unit can be implemented in hardware or as a software functional unit.
[0115] If the integrated unit is implemented as a software functional unit and sold or used as an independent product, it can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of this application, in essence, or the part that contributes to the prior art, or all or part of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes multiple instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods of the various embodiments of this application. The aforementioned storage medium includes various media capable of storing programs, such as USB flash drives, portable hard drives, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks.
[0116] The preferred embodiments of the present application have been described above with reference to the accompanying drawings, but this does not limit the scope of the claims of the present application. Any modifications, equivalent substitutions, and improvements made by those skilled in the art without departing from the scope and substance of the embodiments of the present application shall be within the scope of the claims of the present application.
Claims
1. A task processing method, characterized in that, include: Determine the target model task corresponding to the target model, and generate a data acquisition request corresponding to the target model task; Send the data acquisition request to the corresponding target node, and receive the resource permission declaration information and environmental security risk information returned by the target node; Based on the environmental safety risk information, the resource permission declaration information is filtered to obtain the target resource permission declaration information of the target node; The data acquisition request is analyzed based on the target model task to determine the minimum request required to execute the target model task. The request permission corresponding to the minimum request is verified based on the target resource permission declaration information to obtain the verification result. When the verification result shows that the requested permission matches the target resource permission declaration information, the request data corresponding to the data acquisition request is processed in a preset isolation environment to obtain the data processing result; The data processing results are input into the target model so that the target model outputs the task processing results corresponding to the target model task based on the data processing results.
2. The task processing method according to claim 1, characterized in that, The step of filtering the resource permission declaration information based on the environmental security risk information to obtain the target resource permission declaration information of the target node includes: The network risk level of the target node is determined based on the environmental security risk information. Based on the network risk level and the preset environmental security mapping rules, the current prohibited authorization information corresponding to the target node is determined; Based on the current prohibited authorization information, the resource permission declaration information is filtered to obtain the target resource permission declaration information of the target node.
3. The task processing method according to claim 1, characterized in that, The step of analyzing the data acquisition request based on the target model task to determine the minimum request required to execute the target model task includes: Semantic analysis is performed on the target model task to determine the target data operation information corresponding to the target model task; Based on the target data operation information and the preset data operation mapping rules, the minimum request required to execute the target model task is determined.
4. The task processing method according to claim 3, characterized in that, The step of determining the minimum request required to execute the target model task based on the target data operation information and preset data operation mapping rules includes: Obtain the historical request processing results between the target model and the target node; Based on the historical request processing results, the target data operation information, and the preset data operation mapping rules, the minimum request required to execute the target model task is determined.
5. The task processing method according to claim 1, characterized in that, After obtaining the verification result, the following is also included: When the verification result indicates that the requested permission matches the target resource permission declaration information, permission configuration information is generated based on the target model task and the minimum request. The permission configuration information is stored. When a new data acquisition request corresponding to a new model is obtained again and is the same as the data acquisition request, and the new resource permission declaration information is obtained again and is the same as the target resource permission declaration, the request data corresponding to the new data acquisition request is processed in a preset isolation environment according to the permission configuration information to obtain the data processing result corresponding to the new data acquisition request. The data processing result corresponding to the new data acquisition request is input into the new model, so that the new model outputs the new task processing result corresponding to the new model task based on the new data processing result.
6. The task processing method according to claim 1, characterized in that, The target nodes include local nodes and remote nodes; The step of processing the request data corresponding to the data acquisition request in a preset isolated environment to obtain the data processing result includes: If the request permission corresponding to the minimum request is to request data from the local node, the request data is obtained from the local node according to the data acquisition request, and the request data is processed in a preset isolation environment to obtain the data processing result. If the request permission corresponding to the minimum request is a request to obtain data from the remote node, the data acquisition request is sent to the remote node so that the remote node processes the request data corresponding to the data acquisition request in a preset remote isolation environment to obtain the remote data processing result. The remote data processing results are processed in a preset isolated environment to obtain the data processing results.
7. The task processing method according to claim 1, characterized in that, The step of processing the request data corresponding to the data acquisition request in a preset isolation environment to obtain the data processing result further includes: The request data corresponding to the data acquisition request is processed in a preset isolation environment to obtain the initial data processing result; The number of append requests received when the data acquisition request is processed in a preset isolation environment is counted. When the number of additional requests reaches a preset request count threshold, the initial data processing result is updated based on the preset default result to obtain the data processing result.
8. A task processing device, characterized in that, include: The request generation module is used to determine the target model task corresponding to the target model and generate a data acquisition request corresponding to the target model task. The data acquisition request sending module is used to send the data acquisition request to the corresponding target node and receive the resource permission declaration information and environmental security risk information returned by the target node. The target resource permission declaration information determination module is used to perform information filtering processing on the resource permission declaration information based on the environmental security risk information to obtain the target resource permission declaration information of the target node. The verification module is used to analyze the data acquisition request according to the target model task, determine the minimum request required to execute the target model task, and verify the request permission corresponding to the minimum request according to the target resource permission declaration information to obtain the verification result. The data processing result generation module is used to process the request data corresponding to the data acquisition request in a preset isolation environment when the verification result is that the request permission matches the target resource permission declaration information, and obtain the data processing result. The data processing result sending module is used to input the data processing result into the target model, so that the target model outputs the task processing result corresponding to the target model task based on the data processing result.
9. An electronic device, characterized in that, The electronic device includes a memory and a processor, the memory storing a computer program, and the processor executing the computer program to implement the task processing method according to any one of claims 1 to 7.
10. A computer-readable storage medium storing a computer program, characterized in that, When the computer program is executed by the processor, it implements the task processing method according to any one of claims 1 to 7.