Large model data scheduling method and system based on semantic permission disassembly

By decomposing user input into semantic blocks and combining identity information and context detection, the problem of coarse-grained permissions and semantic information leakage in large model data scheduling is solved, and fine-grained permission verification and dynamic response are realized, improving the security and compliance of data interaction.

CN122240649APending Publication Date: 2026-06-19INSPUR TIANYUAN COMM INFORMATION SYST CO LTD

Patent Information

Authority / Receiving Office
CN · China
Patent Type
Applications(China)
Current Assignee / Owner
INSPUR TIANYUAN COMM INFORMATION SYST CO LTD
Filing Date
2026-01-27
Publication Date
2026-06-19

AI Technical Summary

Technical Problem

The existing ChatBI system suffers from problems such as coarse-grained permissions, unclear inheritance of contextual permissions, and uncontrollable risk of semantic information leakage in large model data scheduling, resulting in insufficient security and compliance.

Method used

By breaking down user-input natural language query requests into multiple semantic blocks, determining the scope of permissions based on user identity information, performing permission verification and differential processing on each semantic block, generating an executable query chain, and combining a contextual permission residual table and semantic similarity detection, a dynamic response strategy and chain auditing are implemented.

Benefits of technology

It enables fine-grained permission verification for natural language query requests, effectively identifies and avoids implicit unauthorized access risks, improves the security and controllability of large-scale model data interaction scenarios, ensures data compliance and availability, and provides a flexible management and control mechanism, suitable for intelligent applications in multi-department data sharing and high compliance fields within enterprises.

✦ Generated by Eureka AI based on patent content.

Smart Images

  • Figure CN122240649A_ABST
    Figure CN122240649A_ABST
Patent Text Reader

Abstract

This invention provides a method and system for large-scale model data scheduling based on semantic permission decomposition, relating to the interdisciplinary fields of artificial intelligence semantic understanding and data permission control. The method includes: decomposing a user query request into multiple semantic blocks; determining the accessible permission range, performing permission verification on each semantic block, and determining the execution status of each semantic block; performing differentiated processing on each semantic block based on the execution status; generating an executable query chain based on the differentiated semantic blocks; performing data scheduling based on the executable query chain; and feeding back the data scheduling results to the large-scale model. The method and system provided by this invention, by decomposing query requests, verifying the permissions and risks of semantic blocks to obtain the execution status, and implementing dynamic response strategies based on the execution status, achieves fine-grained permission verification for natural language query requests, significantly improving the security, compliance, and controllability of large-scale models in data interaction scenarios.
Need to check novelty before this filing date? Find Prior Art

Description

Technical Field

[0001] This invention relates to the interdisciplinary field of artificial intelligence semantic understanding and data access control, and in particular to a large model data scheduling method and system based on semantic access decomposition. Background Technology

[0002] With the widespread application of Large Language Models (LLMs) in natural language processing, data analytics, and intelligent question answering, enterprises are increasingly using Chat Business Intelligence (ChatBI), a data-driven question-and-answer system based on large models, to integrate unstructured language requests with internal structured data, thereby improving data utilization efficiency and business insights. Especially in data-sensitive industries such as government, finance, and healthcare, intelligent question answering has become a crucial interface connecting decision-makers with data systems.

[0003] However, current ChatBI and related large model scheduling platforms generally have many shortcomings. Existing large model data interaction systems typically use traditional database-level static access control models. This deterministic rule-based management approach is difficult to adapt to the flexible and ever-changing natural language interaction characteristics of large language models. As a result, it is difficult to establish clear security boundaries when facing complex combined queries or model associative reasoning. Unexpected unauthorized access risks can easily arise from the accumulation of context in multiple rounds of interaction. Furthermore, traditional auditing methods that only record underlying data execution logs are insufficient to meet the needs of tracing and supervising compliance of natural language level interactions.

[0004] Therefore, how to improve the security, controllability, and compliance of large models in data scheduling scenarios has become a technical problem that the industry urgently needs to solve. Summary of the Invention

[0005] This invention provides a large model data scheduling method and system based on semantic permission decomposition, which solves the problems of excessively coarse permission granularity, unclear inheritance of context permissions, and uncontrollable risk of semantic information leakage in existing ChatBI systems, thereby improving the security, controllability, and compliance of large models in data scheduling scenarios.

[0006] This invention provides a method for scheduling large model data based on semantic permission decomposition, including: Decompose the natural language query request entered by the user into multiple semantic blocks; Based on the user's identity information, the scope of accessible permissions is determined. Based on the scope of permissions, permission verification is performed on each semantic block to determine the execution status of each semantic block. Based on the execution state of each semantic block, each semantic block is processed differently; Based on the differentiated semantic blocks, an executable query chain is generated, data scheduling is performed based on the executable query chain, and the results of the data scheduling are fed back to the large model to generate an answer.

[0007] In some embodiments, the execution state includes at least one of no exception, partial privilege escalation, potential privilege escalation, and complete privilege escalation; The differentiated processing of each semantic block based on its execution state includes: When the execution state of the semantic block is partially unauthorized or potentially unauthorized, a de-identification process is performed; the de-identification process includes field-level masking and / or result aggregation; When the execution state of the semantic block is completely unauthorized, the execution interruption process is executed, and a rejection feedback containing explanatory information is generated; Semantic blocks that have undergone the aforementioned desensitization or interruption processing are marked as processed.

[0008] In some embodiments, before performing data scheduling based on the executable query chain and feeding the results of the data scheduling back to the large model to generate a response, the method further includes: Obtain the context permission residual table; the context permission residual table records the historical semantic blocks that have been executed in the historical dialogue; Each newly generated semantic block is matched with a historical semantic block in the context permission residual table; When any semantic block matches a historical semantic block that is marked as processed, the user's access permissions are re-acquired and a forced re-verification is performed. The execution status of any semantic block is updated, and the executable query link is regenerated based on the updated semantic block.

[0009] In some embodiments, before performing data scheduling based on the executable query chain and feeding the results of the data scheduling back to the large model to generate a response, the method further includes: The natural language query request is processed to obtain the current semantic vector; Calculate the semantic similarity between the current semantic vector and the historical semantic vector; When the semantic similarity is lower than a preset threshold, a security response strategy is executed. The security response strategy includes blocking all inheritance relationships of the current natural language query request to the historical session context, and processing the natural language query request as an independent session task.

[0010] In some embodiments, the method further includes: A unique hash value is generated for the execution state, the differentiated processing action used, and the final execution result of each semantic block; The hash values ​​are concatenated in the execution order to generate an immutable chain fingerprint, which is then written to the security audit log.

[0011] In some embodiments, determining the accessible permission scope based on the user's identity information, performing permission verification on each semantic block based on the permission scope, and determining the execution status of each semantic block includes: Identify the data source associated with the semantic block; When the semantic block is associated across multiple heterogeneous data sources or multiple organizational boundaries, the access control policies corresponding to each data source associated with the semantic block are retrieved respectively to generate a cross-domain access check chain. Based on the cross-domain access check chain, the permissions of the semantic block are merged and evaluated to determine the execution status of the semantic block.

[0012] This invention provides a large-scale model data scheduling system based on semantic permission decomposition, comprising: The decomposition module is used to decompose the natural language query request input by the user into multiple semantic blocks; The permission mapping module is used to determine the scope of accessible permissions based on the user's identity information, perform permission verification on each semantic block based on the permission scope, and determine the execution status of each semantic block. A dynamic response module is used to perform differentiated processing on each semantic block based on the execution state of each semantic block; The scheduling module is used to generate an executable query link based on the differentiated semantic block, perform data scheduling based on the executable query link, and feed the data scheduling result back to the large model to generate an answer.

[0013] The present invention provides an electronic device, including a memory, a processor, and a computer program stored in the memory and running on the processor, wherein the processor executes the computer program to implement the large model data scheduling method based on semantic permission decomposition.

[0014] The present invention provides a non-transitory computer-readable storage medium having a computer program stored thereon, wherein the computer program, when executed by a processor, implements the large model data scheduling method based on semantic permission decomposition.

[0015] The present invention also provides a computer program product, including a computer program that, when executed by a processor, implements the large model data scheduling method based on semantic permission decomposition.

[0016] The large-scale model data scheduling method and system based on semantic permission decomposition provided by this invention introduces a semantic unit-level decomposition mechanism during the natural language input parsing stage and performs multi-dimensional mapping by combining user identity and data source, thereby achieving fine-grained permission verification for natural language query requests. Compared with traditional static control based on table or field level, it can effectively identify and avoid implicit privilege escalation risks in combined queries, significantly improving the security and inference controllability of large models in data interaction scenarios. By implementing differentiated dynamic response strategies based on the execution status of semantic blocks, it maximizes the preservation of data business value while ensuring data security, realizing a flexible management mechanism that balances security compliance and data availability. This not only enhances the security boundary awareness capability when sharing data among multiple departments and at multiple levels within an enterprise, but also provides a sustainable evolutionary technical guarantee for the intelligent application of large models in highly compliant fields such as finance, healthcare, and government. Attached Figure Description

[0017] The accompanying drawings, which are incorporated in and form part of this specification, illustrate embodiments consistent with the invention and, together with the description, serve to explain the principles of the invention.

[0018] To more clearly illustrate the technical solutions in this invention or the prior art, the drawings used in the description of the embodiments or the prior art will be briefly introduced below. Obviously, the drawings described below are some embodiments of this invention. For those skilled in the art, other drawings can be obtained from these drawings without creative effort.

[0019] Figure 1 This is a flowchart illustrating the large model data scheduling method based on semantic permission decomposition provided by the present invention.

[0020] Figure 2 This is a system workflow diagram of the overall technical solution of the large model data scheduling method based on semantic permission decomposition provided by the present invention.

[0021] Figure 3 This is a schematic diagram of the structure of the large model data scheduling system based on semantic permission decomposition provided by the present invention.

[0022] Figure 4 This is a schematic diagram of the structure of the electronic device provided by the present invention. Detailed Implementation

[0023] To enable those skilled in the art to better understand the present invention, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings of the embodiments of the present invention. Obviously, the described embodiments are only some embodiments of the present invention, and not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort should fall within the scope of protection of the present invention.

[0024] It should be noted that the terms "first," "second," etc., used in this invention are used to distinguish similar objects and are not necessarily used to describe a specific order or sequence. It should be understood that such data can be interchanged where appropriate so that the embodiments of the invention described herein can be implemented in orders other than those illustrated or described herein. Furthermore, the terms "comprising" and "having," and any variations thereof, are intended to cover non-exclusive inclusion; for example, a process, method, system, product, or device that comprises a series of steps, units, or modules is not necessarily limited to those explicitly listed, but may include other steps, units, or modules not explicitly listed or inherent to such processes, methods, products, or devices.

[0025] Figure 1 This is a flowchart illustrating the large-model data scheduling method based on semantic permission decomposition provided by the present invention, as shown below. Figure 1 As shown, the method includes steps 110, 120, 130 and 140.

[0026] Step 110: Decompose the natural language query request entered by the user into multiple semantic blocks.

[0027] Specifically, the execution entity of the large model data scheduling method based on semantic permission decomposition provided in this embodiment of the invention is a large model data scheduling system based on semantic permission decomposition. This system can be implemented in software, such as a large model data scheduling program based on semantic permission decomposition running on a computer; or it can be implemented in hardware, such as a computer or server executing the large model data scheduling method based on semantic permission decomposition.

[0028] Current ChatBI and related large model scheduling platforms generally have significant shortcomings: the granularity of access control is too coarse, making it difficult to cope with complex semantic structures; there is a lack of context-sensitive permission inheritance management mechanisms; they cannot dynamically respond to unauthorized behavior in model-generated content; and the audit and compliance mechanisms lack semantic tracking and interpretation capabilities.

[0029] Most existing systems rely on database-level access control (such as authorization rules based on tables, fields, or roles), which can only impose static restrictions on explicitly accessed objects and lack the ability to understand and recognize implicit intentions in natural language. When user input queries contain semantic fragments that involve multiple linked fields, strong reasoning, or indirect references, the system cannot determine whether sensitive information is being leaked, resulting in a "semantic layer privilege escalation" problem.

[0030] In multi-turn dialogue scenarios, large models automatically associate historical context with responses. Existing permission systems often fail to track and refresh the permission status left over from the dialogue, resulting in desensitized or rejected content being "bypassively" re-acquired in subsequent rounds, forming implicit permission inheritance and risk accumulation, increasing the possibility of data leakage.

[0031] Large models possess strong generalization and reasoning capabilities. When faced with ambiguous or unauthorized semantics, they may make reasonable guesses based on training knowledge and context, generating unexpected sensitive information. Currently, most systems cannot perform "semantic-level" risk interception and desensitization processing on these output contents, resulting in a lack of boundary control capabilities in the model's reasoning chain.

[0032] After a permission conflict or data leak occurs, existing systems can only audit based on database access logs, making it difficult to reconstruct the permission determination process of each semantic fragment in natural language. They lack an "interpretable semantic-permission chain," thus hindering compliance analysis and risk review of large model behavior.

[0033] To address the aforementioned issues, this invention proposes a method based on a five-layer architecture: "Natural Language Parsing and Semantic Block Generation Layer - Permission Mapping and Sensitivity Assessment Layer - Dynamic Response and Desensitization Strategy Execution Layer - Context Awareness and Intent Drift Detection Layer - Chain Audit and Closed-Loop Compliance Management Layer." This method decomposes permissions and performs secure scheduling for the semantic interaction process of large models, filling the technical gaps in "semantic-level permission control, context inheritance management, dynamic response execution, and chain compliance audit." It solves problems such as overly coarse permission granularity, unclear context permission inheritance, and uncontrollable semantic information leakage risks in existing ChatBI systems, improving the security, controllability, and compliance of large models in data scheduling scenarios. This method can be widely applied to multi-departmental data decentralization scenarios in enterprises.

[0034] In this embodiment of the invention, the semantic block generation process is based on syntactic tree analysis, entity mapping, and a domain dictionary, supporting the breakdown of a complex query instruction into the smallest executable task unit. The workflow begins with the user inputting a natural language query through the ChatBI platform, which may be a complex combined analysis request or a process of gradually adding filtering conditions over multiple rounds of dialogue. The system works collaboratively with a pre-trained language model and a dedicated intent parsing engine. The parsing engine first preprocesses the text, including removing stop words, filtering special symbols, and Chinese word segmentation. Subsequently, it uses part-of-speech tagging technology to identify nouns, verbs, adjectives, and quantifiers in the text, providing basic features for subsequent semantic recognition.

[0035] Based on lexical analysis, the system invokes a syntactic analysis model (such as a dependency parser) to construct a syntactic tree, identifying subject-verb-object structures and modification relationships in sentences. Simultaneously, it combines a pre-built domain knowledge graph or business data dictionary to perform named entity recognition. The system will identify core entities in the request (e.g., table names, business metrics such as "sales revenue" and "salary"), operational intents (e.g., "query," "statistics," and "comparison"), filtering conditions (e.g., "R&D department," "2024," and "greater than"), and logical connectors (e.g., "and," "or," and "remove").

[0036] Based on the above analysis, the system breaks down the complete query request into multiple independent semantic blocks according to the "least privilege granularity". Each semantic block is not just a raw text fragment, but a structured object containing rich metadata.

[0037] In this embodiment of the invention, each semantic block is bound to a corresponding semantic intent, target field, data entity, and inference risk label. A standard semantic block's data structure can include original text, semantic type, mapping entity, contextual dependencies, and initial sensitivity and inference risk labels automatically assigned by the system. The original text refers to the corresponding text of the block in the original sentence. The semantic type identifies the block's attributes, such as "target field," "filtering condition," "aggregate function," or "time dimension." The mapping entity refers to the specific table name or field name in the database corresponding to the block. Contextual dependencies record the relationship between the block and other blocks (e.g., a "belongs to" relationship, indicating that "salary" belongs to the "R&D department").

[0038] For example, a complex combined query might be broken down into three parts: "total personnel salary", "filter for specific departments", and "filter for annual intervals".

[0039] It should be noted that if there are ambiguous or undefined fragments in the input, the parser will prompt the user to supplement the information in the dialogue to ensure the structural integrity of the semantic block.

[0040] Once the semantic blocks are segmented, they will form a preliminary query chain, carrying dependencies and the execution order of upstream and downstream components, providing the smallest operable unit for subsequent permission checks.

[0041] By using semantic blocks, the system can provide the smallest targetable unit for subsequent access control, which not only preserves the complete intent of the original instruction, but also provides a structured semantic support for fine-grained access control decomposition, avoiding "black box full call" during large model inference.

[0042] Compared to existing static access control based solely on fields or tables, the semantic permission decomposition method effectively identifies implicit privilege escalation, contextual remnants, and intent drift risks in multi-turn dialogues, and performs real-time desensitization, downgrading, or interruption processing to minimize unintentional or malicious information leakage in generative question answering. Figure 2 This is a system workflow diagram of the overall technical solution of the large model data scheduling method based on semantic permission decomposition provided by the present invention, as shown in the figure. Figure 2 As shown in the flowchart, this process flow details the entire processing logic from user natural language input to the generation of the final secure response: First, the system uses a semantic parsing engine to break down the user's natural language query into the smallest semantic blocks with dependencies; then, it enters the permission mapping and multi-dimensional evaluation stage, combining user identity, data source policies, and historical context remnants to perform fine-grained permission setting and reasoning risk assessment for each semantic block; next, based on the assessment results, a dynamic response mechanism is triggered to generate a secure query chain that includes de-identification, aggregation, or blocking actions, and intent drift and implicit unauthorized access are monitored in real time during execution; finally, while completing compliant data scheduling, an immutable chained audit log is generated, and the purified data results are fed back to the large model to generate the final response.

[0043] Step 120: Based on the user's identity information, determine the scope of accessible permissions; based on the scope of permissions, perform permission verification on each semantic block, and determine the execution status of each semantic block.

[0044] Specifically, after the semantic block is generated, the generated semantic block chain enters the permission mapping process. This step calls the permission management module to read the current user's identity, role, organizational unit, and access scope of the data source, and compares the contextual legacy information from multiple rounds of sessions to obtain complete and valid permissions.

[0045] The system first obtains the current user's identity identifier through the session context or Application Programming Interface (API) request header. Based on this identifier, the system interacts with the enterprise's unified identity authentication system to obtain the user's basic attributes (such as department and job level) and role tags (such as "financial manager" or "general R&D staff"). Simultaneously, the system loads a set of access control policies associated with the user's identity. In this embodiment of the invention, the access control policies not only support role-based access control, but preferably also attribute-based access control. For example, the policy set might contain the rule: "Users with the role 'HR,' i.e., Human Resources, can only access the 'salary field' during 'working hours.'"

[0046] After determining the scope of accessible permissions based on the user's identity information, the system will check whether the corresponding fields or indicators are within the user's accessible range for each semantic block, and combine the configured risk tags to determine whether there is any possibility of unauthorized access through implicit reasoning.

[0047] The system iterates through each semantic block generated based on the current user's query request, comparing its mapped entities with the policy set. This involves not only row- and column-level database permission checks but also considering the semantic block's own inference risk level and contextual remnants to identify which semantic blocks, although not directly calling sensitive fields, might be implicitly inferred and associated in multiple rounds of context, thus marking them as "potentially unauthorized blocks." For example, even if the user doesn't directly query "employee's personal salary," but it can be indirectly derived by combining multiple indicators, this semantic block will be marked as "potentially unauthorized." For these potentially risky blocks, the system dynamically assesses whether further restrictions, downgrades, or splits are needed.

[0048] In other words, the verification process includes data entity-level verification, i.e., row and column-level permissions, and inference risk and combination verification. The system checks whether the user has permission to access the "table" or "field" corresponding to the semantic block. For example, if the semantic block is mapped to Table: Salary, but the user's policy set shows no "Read" permission for that table, it is determined to be an unauthorized access. At the same time, the system also verifies the row-level data range. For example, although the user can access the "Orders Table," the policy restricts them to accessing only data in "Region = 'Beijing'." If the filter condition in the semantic block is "Region = 'Shanghai'," it is determined to be a range conflict. In addition to single field verification, the system also assesses the combination risk between semantic blocks. Some semantic blocks are harmless when accessed individually, but may leak sensitive information when combined. The system will mark the risk of such combinations based on a preset privacy inference rule base.

[0049] After the above multi-dimensional verification, the system determines a specific execution state for each semantic block. To facilitate subsequent differentiated processing, this embodiment of the invention divides the execution state into no exception, partial privilege violation, potential privilege violation, and complete privilege violation.

[0050] Step 130: Based on the execution state of each semantic block, perform differentiated processing on each semantic block.

[0051] Specifically, the permission status and risk level of each semantic block are verified. After determining the execution status of each semantic block, a dynamic response phase begins. Based on these different execution statuses, i.e., compliance levels, subsequent data query and generation strategies are dynamically adjusted. Unlike traditional systems that directly throw exceptions, this embodiment of the invention employs a strategy combining flexible degradation and rigid blocking. The system traverses all semantic blocks, matches their marked execution status against a preset security response rule base, and performs differentiated processing on each semantic block, taking differentiated measures such as maintaining the original state, data transformation, or logical interruption, thereby maximizing the usability of user intent while ensuring a bottom line of security.

[0052] Step 140: Based on the semantic blocks after differential processing, generate an executable query link, perform data scheduling based on the executable query link, and feed the results of the data scheduling back to the large model to generate an answer.

[0053] Specifically, after permission verification, dynamic response, and context detection are completed, the system generates and executes an executable semantic block chain. Large model inference generates a final readable answer or an executable query script based on the anonymized status and security markers, and returns it to the user. For interrupted or downgraded parts, the generated results will include explanatory hints to ensure the user understands the source of the restrictions.

[0054] In this embodiment of the invention, the system reassembles fragmented semantic blocks into a computer-executable instruction sequence based on the dependencies between them and their processed states, thus enabling the execution of a query chain. The generated executable query chain is then executed to interact with heterogeneous backend data sources. If the query chain includes cross-database operations, data returned from different data sources can be merged at the memory level. Finally, the system combines the "data scheduling result" with the "semantic block processing status flag" and sends it to the large language model to generate a natural language response, which is then fed back to the end user.

[0055] The large-scale model data scheduling method based on semantic permission decomposition provided in this invention introduces a semantic unit-level decomposition mechanism during the natural language input parsing stage and performs multi-dimensional mapping by combining user identity and data source, thereby achieving fine-grained permission verification for natural language query requests. Compared with traditional static control based on table or field level, it can effectively identify and avoid implicit privilege escalation risks in combined queries, significantly improving the security and reasoning controllability of large models in data interaction scenarios. By implementing differentiated dynamic response strategies based on the execution status of semantic blocks, it maximizes the preservation of data business value while ensuring data security, realizing a flexible management mechanism that balances security compliance and data availability. This not only enhances the security boundary awareness capability when sharing data among multiple departments and at multiple levels within an enterprise, but also provides a sustainable evolutionary technical guarantee for the intelligent application of large models in highly compliant fields such as finance, healthcare, and government.

[0056] In some embodiments, the execution state includes at least one of no exception, partial privilege escalation, potential privilege escalation, and complete privilege escalation; The differentiated processing of each semantic block based on its execution state includes: When the execution state of the semantic block is partially unauthorized or potentially unauthorized, a de-identification process is performed; the de-identification process includes field-level masking and / or result aggregation; When the execution state of the semantic block is completely unauthorized, the execution interruption process is executed, and a rejection feedback containing explanatory information is generated; Semantic blocks that have undergone the aforementioned desensitization or interruption processing are marked as processed.

[0057] Specifically, in this embodiment of the invention, the execution state is divided into four categories: no exception, partial privilege escalation, potential privilege escalation, and complete privilege escalation. Semantic blocks are processed differently for each execution state.

[0058] If the semantic block status is "no anomaly", the system will not intervene, but will retain the original mapping relationship and query conditions of the semantic block and allow it to enter the subsequent link generation stage.

[0059] When the execution status of a semantic block is determined to be partially unauthorized (e.g., user permissions only cover some fields or specific precision) or potentially unauthorized (e.g., there is a risk of inference), the system does not directly reject the query, but automatically activates the de-identification engine to perform de-identification processing.

[0060] In this embodiment of the invention, the desensitization process includes, but is not limited to, two methods: field-level masking and result aggregation. Field-level masking specifically refers to the system maintaining the query structure of the semantic block while applying masking rules to sensitive fields in the returned results. Result aggregation refers to the system rewriting the semantic block when a user has permission to view detailed data but not statistical data, transforming the detailed query into an aggregated query. For example, if the original semantic block intended to "list all people's specific salaries," the system dynamically replaces it with "calculate the average salary" or "return the salary range." This approach protects privacy while also meeting the user's need to analyze data distribution trends.

[0061] Users can also initiate permission upgrade requests for rejected or de-identified semantic blocks during the session, and the system will re-execute the permission mapping after approval.

[0062] When the execution status of a semantic block is determined to be completely unauthorized, such as when a user attempts to access a core confidential table or explicitly denied data, the system will execute an interruption. In this case, the system will discard the query command corresponding to the semantic block and generate a rejection feedback containing explanatory information. Alternatively, the system can provide an interface for requesting additional approval; if the user agrees to the adjustment, the platform will regenerate a secure and executable semantic block combination chain.

[0063] Throughout the process, all response actions are marked in the execution plan, ensuring that even with multiple rounds of dialogue, the model will not re-execute unauthorized reasoning on desensitized or interrupted blocks, thus blocking the information leakage risk caused by the "associative splicing" of generative large models.

[0064] In this embodiment of the invention, the system explicitly marks all semantic blocks that have undergone the aforementioned desensitization or interruption processing as "processed". This marking is not only used to inform the large language model in subsequent steps that "this is processed data, please answer based on this fact", preventing the model from developing illusions; at the same time, this marking is also written into the context permission residual table to prevent permission bypassing in subsequent multi-turn dialogues.

[0065] The large model data scheduling method based on semantic permission decomposition provided in this invention implements a "availability degradation" security strategy through this differentiated processing mechanism, solving the technical problem of how to achieve a balance between compliance red lines and user experience in large model applications.

[0066] In some embodiments, before performing data scheduling based on the executable query chain and feeding the results of the data scheduling back to the large model to generate a response, the method further includes: Obtain the context permission residual table; the context permission residual table records the historical semantic blocks that have been executed in the historical dialogue; Each newly generated semantic block is matched with a historical semantic block in the context permission residual table; When any semantic block matches a historical semantic block that is marked as processed, the user's access permissions are re-acquired and a forced re-verification is performed. The execution status of any semantic block is updated, and the executable query link is regenerated based on the updated semantic block.

[0067] Specifically, multi-turn dialogues are the norm in generative ChatBI. During multi-turn dialogues, users may repeatedly mention or indirectly invoke previously restricted semantic blocks in new inputs. Therefore, this system is specifically designed with a context-aware mechanism to maintain the residual permission state of the session in real time. New inputs in each dialogue turn are aligned and compared with historical dialogues to identify whether there is any situation where the automatic inheritance of permission context exceeds the scope. When excessive inheritance is detected, automatic permission refresh is performed to re-retrieve the user's valid identity information, preventing implicit permission drift.

[0068] In this embodiment of the invention, the system maintains a residual context permission table in memory or cache. This residual context permission table is used to match the semantic blocks parsed from new input. If it is found that a user attempts to bypass or repeatedly combine restricted blocks using dialogue, the system will re-retrieve the user's permissions in real time and force a re-verification to prevent implicit privilege escalation caused by accumulated permission drift. This table is initialized when a user session is created and is updated in real time with each round of dialogue, recording the historical semantic blocks that have been parsed and executed in the historical dialogue and their final states.

[0069] When a user initiates a new query, the system generates a new semantic block, but does not execute it immediately. Instead, it first enters the residual matching stage. The system iterates through each newly generated semantic block and compares it with the records in the residual table. It should be noted that this matching includes not only simple text matching but also semantic entity alignment.

[0070] When any new semantic block matches a historical semantic block marked as "processed" (meaning it was previously anonymized or rejected), the system recognizes that the user may be attempting to exploit the contextual understanding capabilities of the large model to bypass previous restrictions, such as through indirect questioning or rephrasing. In this case, the system triggers a forced re-verification process: First, it does not use temporary permission credentials cached in the session; then, it reconnects to the permission center to obtain the user's latest permitted access range; next, based on the latest permissions, it rigorously re-evaluates the semantic block. Typically, since the intent was previously rejected, this forced verification will again confirm it as "completely unauthorized" or requiring "anonymization"; finally, it updates the execution status of the semantic block, for example, changing it from the default "no anomaly" to "completely unauthorized," and regenerates an executable query chain based on this status.

[0071] The large model data scheduling method based on semantic permission decomposition provided in this invention identifies whether there is an out-of-scope automatic inheritance of permission context by aligning and comparing the new inputs in each round of dialogue with the historical dialogues, and performs automatic permission refresh when out-of-scope inheritance is detected. This effectively blocks "multi-round dialogue attacks" and ensures that the security of each round of dialogue is independent and explicitly confirmed, and that the security policy will not fail due to the continuity of the context.

[0072] In some embodiments, before performing data scheduling based on the executable query chain and feeding the results of the data scheduling back to the large model to generate a response, the method further includes: The natural language query request is processed to obtain the current semantic vector; Calculate the semantic similarity between the current semantic vector and the historical semantic vector; When the semantic similarity is lower than a preset threshold, a security response strategy is executed. The security response strategy includes blocking all inheritance relationships of the current natural language query request to the historical session context, and processing the natural language query request as an independent session task.

[0073] Specifically, before generating an executable query link, this embodiment of the invention introduces an "intent drift detection mechanism" to prevent context pollution and unauthorized access risks in multi-turn dialogues. It calculates the similarity and intent continuity between the current input and the context vector. When the topic spans too far or involves new potentially sensitive fields, it can automatically separate new links or generate user confirmation requests, ensuring consistency and interpretability between context and permissions.

[0074] In this embodiment of the invention, firstly, the continuity of the user's topic focus is evaluated by combining the context vector representation of the language model to determine whether topic crossing or aggregation has occurred in the dialogue, leading to potentially sensitive information being indirectly asked. When processing the natural language query request of the current round, the system first calls the embedding model to convert the user's natural language text into a current semantic vector. This vector can mathematically represent the feature space location of the user's current intent. Simultaneously, the system reads the historical semantic vectors generated by the user in the previous round or the previous N rounds of dialogue from the session cache.

[0075] Calculate the semantic similarity between the current semantic vector and historical semantic vectors. Preferably, a cosine similarity algorithm is used to measure the directional proximity of the two vectors. The similarity value typically ranges from 0 to 1. The system presets a drift judgment threshold, such as 0.6 or 0.7, which can be configured according to the requirements of contextual coherence in the business scenario. If the similarity is higher than the threshold, it indicates that the current request is a follow-up question or supplement to the previous topic, which is a normal continuation of context. If the similarity is lower than the threshold, it indicates that the user's topic has changed significantly, i.e., the intent has drifted.

[0076] When intent drift is detected, i.e., the similarity falls below a threshold, the system immediately executes a security response strategy. The core of this strategy is to block context inheritance. The system automatically splits the current conversation, generating separate semantic block chains for new topics. This means the system will reinitialize the user's temporary permission state, clearing previously accumulated filtering conditions or variables; or, it will require the user to reconfirm access permissions, thereby preventing unintentional or malicious unauthorized behavior within the same context.

[0077] In this embodiment of the invention, intent drift detection, context permission awareness, and permission mapping complement each other to ensure that the access scope of all semantic blocks can always be interpreted and controlled in complex multi-round semantic interactions. Furthermore, drift detection records are synchronously written into the subsequent audit chain.

[0078] The large model data scheduling method based on semantic permission decomposition provided in this invention calculates the similarity and intent continuity between the current input and the context vector. When the topic span is too large or involves new potentially sensitive fields, it automatically separates new links or generates user confirmation requests. This prevents the large model from erroneously applying the filtering conditions of the previous topic to the current unrelated new topic, thereby avoiding data query errors or unauthorized access caused by context misalignment.

[0079] In some embodiments, the method further includes: A unique hash value is generated for the execution state, the differentiated processing action used, and the final execution result of each semantic block; The hash values ​​are concatenated in the execution order to generate an immutable chain fingerprint, which is then written to the security audit log.

[0080] Specifically, after permission verification, dynamic response, and context detection are completed, the large model inference generates a final readable answer or an executable query script based on the anonymized status and security markers, and returns it to the user. Throughout the execution process, the permission evaluation results, response strategies, context residues, and final outputs of all semantic blocks are recorded as hash blocks. Each hash block is concatenated with the preceding and following blocks to form an immutable chain fingerprint, which is written to the security audit log. In this embodiment of the invention, the chain fingerprint hash includes semantic block identifiers, execution status, upstream and downstream dependencies, and processing strategies. All hash blocks are concatenated in the execution order to form an immutable chain.

[0081] In this embodiment of the invention, the semantic block permission assessment, dynamic response processing, and context adjustment results generated in each dialogue are recorded. The system generates an independent hash for the permission status, desensitization strategy, and final execution result of each semantic block, and concatenates these hash blocks into an immutable chain fingerprint according to the order in which these semantic blocks are executed, and writes it into the security log database to form a chain audit log.

[0082] When compliance reviews are required or users request a retrospective analysis of results, administrators can quickly pinpoint which semantic blocks in a conversation triggered permission downgrades, which blocks were dynamically replaced or interrupted, and generate complete, verifiable records by combining user identity and timestamps, forming an interpretable query behavior trajectory. Based on audit analysis results, permission policies can be adaptively optimized, and compliance reports can be generated by combining model drift monitoring and user usage patterns, continuously iterating security boundary policies to ensure the entire large-scale model data scheduling framework truly forms a closed-loop, sustainably evolving security compliance capability. That is, if rules are found to be optimizable during audits, permission decomposition strategies and response thresholds can be iterated accordingly, forming a sustainably self-evolving security boundary closed loop.

[0083] In addition, chained audit logs also support integration with existing security and compliance platforms within an organization, enabling cross-departmental and cross-project sharing and consistency verification of access records, meeting the regulatory requirements for traceable data access in highly compliant industries such as finance and healthcare.

[0084] The large-scale model data scheduling method based on semantic permission decomposition provided in this invention enables the entire query behavior to be traceable and verifiable through upstream and downstream link status marking and chain log auditing. This facilitates compliance departments to visualize and trace access behavior across roles and data sources, achieving "full-link semantic-level trusted traceability" of the data scheduling process. This not only ensures the authenticity and integrity of audit records and prevents compliance risks caused by log tampering, but also provides a highly interpretable and legally valid compliance evidence chain for complex large-scale model data interaction scenarios.

[0085] In some embodiments, determining the accessible permission scope based on the user's identity information, performing permission verification on each semantic block based on the permission scope, and determining the execution status of each semantic block includes: Identify the data source associated with the semantic block; When the semantic block is associated across multiple heterogeneous data sources or multiple organizational boundaries, the access control policies corresponding to each data source associated with the semantic block are retrieved respectively to generate a cross-domain access check chain. Based on the cross-domain access check chain, the permissions of the semantic block are merged and evaluated to determine the execution status of the semantic block.

[0086] Specifically, permission mapping includes concatenating and judging permissions for single and cross-data source applications, and generating a multi-source access check chain to ensure permission consistency. In this embodiment of the invention, if the same semantic block is associated with multiple heterogeneous databases or multiple organizational boundaries, the system will generate a "cross-domain access check chain," automatically pulls access policies from different data sources, and merges and evaluates them to ensure that permissions are interpretable and complete even in distributed or multi-tenant environments, ensuring permission consistency and closed-loop performance in multi-role and multi-system scenarios.

[0087] In this embodiment of the invention, heterogeneous data sources refer to data systems with different storage structures, query languages, or physical locations.

[0088] After initial parsing of the semantic blocks, the system first performs source data routing. Based on a pre-configured metadata dictionary, the system identifies the underlying data storage medium corresponding to each semantic block. When a semantic block is found to be associated with multiple heterogeneous data sources or involves cross-organizational boundaries (such as across subsidiaries or tenants), the system triggers a federated permission loading mechanism. The system initiates policy query requests to the permission management nodes of each data source through adapters to retrieve the corresponding access control policies. After obtaining the policies from all parties, the system generates a cross-domain access check chain, and based on this check chain, merges and evaluates the permissions of the semantic blocks to determine the execution status of the semantic blocks.

[0089] The large model data scheduling method based on semantic permission decomposition provided in this invention effectively solves the permission fragmentation problem faced by large model data scheduling in distributed, microservice, or multi-tenant architectures by automatically pulling and merging the access policies of different data sources, ensuring the logical consistency and security of semantic blocks, and preventing data penetration caused by single point of permission oversight.

[0090] The system provided by the embodiments of the present invention will be described below. The system described below can be referred to in correspondence with the method described above.

[0091] Figure 3This is a schematic diagram of the structure of the large model data scheduling system based on semantic permission decomposition provided by the present invention, as shown below. Figure 3 As shown, the device includes a disassembly module 310, a permission mapping module 320, a dynamic response module 330, and a scheduling module 340 connected in sequence.

[0092] The decomposition module 310 is used to decompose the natural language query request input by the user into multiple semantic blocks; The permission mapping module 320 is used to determine the scope of accessible permissions based on the user's identity information, perform permission verification on each semantic block based on the permission scope, and determine the execution status of each semantic block. The dynamic response module 330 is used to perform differentiated processing on each semantic block based on the execution state of each semantic block; The scheduling module 340 is used to generate an executable query link based on the semantic block after differential processing, perform data scheduling based on the executable query link, and feed back the data scheduling result to the large model to generate an answer.

[0093] The large-scale model data scheduling system based on semantic permission decomposition provided in this invention introduces a semantic unit-level decomposition mechanism during the natural language input parsing stage and performs multi-dimensional mapping between user identity and data source, achieving fine-grained permission verification for natural language query requests. Compared to traditional static control based on table or field levels, it can effectively identify and avoid implicit privilege escalation risks in combined queries, significantly improving the security and inference controllability of large models in data interaction scenarios. By implementing differentiated dynamic response strategies based on the execution status of semantic blocks, it maximizes the preservation of data business value while ensuring data security, achieving a flexible management mechanism that balances security compliance and data availability. This not only enhances the security boundary awareness capability when sharing data across multiple departments and levels within an enterprise but also provides a sustainable evolutionary technical guarantee for the intelligent application of large models in highly compliant fields such as finance, healthcare, and government.

[0094] Figure 4 This is a schematic diagram of the structure of the electronic device provided by the present invention, such as... Figure 4 As shown, the electronic device may include: a processor 410, a communications interface 420, a memory 430, and a communications bus 440, wherein the processor 410, the communications interface 420, and the memory 430 communicate with each other via the communications bus 440. The processor 410 can call logical commands stored in the memory 430 to execute the methods described in the above embodiments, for example: The user-input natural language query request is broken down into multiple semantic blocks; based on the user's identity information, the scope of accessible permissions is determined; based on the scope of permissions, permission verification is performed on each semantic block to determine the execution status of each semantic block; based on the execution status of each semantic block, differentiated processing is performed on each semantic block; based on the differentiated semantic blocks, an executable query chain is generated; based on the executable query chain, data scheduling is performed, and the results of the data scheduling are fed back to the large model to generate an answer.

[0095] Furthermore, the logical instructions in the aforementioned memory can be implemented as software functional units and sold or used as independent products, and can be stored in a computer-readable storage medium. Based on this understanding, the technical solution of the present invention, or the part that contributes to the prior art, or a part of the technical solution, can be embodied in the form of a software product. This computer software product is stored in a storage medium and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute all or part of the steps of the methods described in the various embodiments of the present invention. The aforementioned storage medium includes various media capable of storing program code, such as USB flash drives, portable hard drives, read-only memory (ROM), random access memory (RAM), magnetic disks, or optical disks.

[0096] The processor in the electronic device provided in this embodiment of the invention can call logical instructions in the memory to implement the above method. Its specific implementation method is the same as the aforementioned method implementation method and can achieve the same beneficial effects, which will not be repeated here.

[0097] This invention also provides a computer-readable storage medium having a computer program stored thereon, which, when executed by a processor, is implemented to perform the methods provided in the above embodiments.

[0098] The specific implementation method is the same as the aforementioned method implementation method and can achieve the same beneficial effects, so it will not be repeated here.

[0099] This invention provides a computer program product, including a computer program that, when executed by a processor, implements the method described above.

[0100] The system embodiments described above are merely illustrative. The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the modules can be selected to achieve the purpose of this embodiment according to actual needs. Those skilled in the art can understand and implement this without any creative effort.

[0101] Through the above description of the embodiments, those skilled in the art can clearly understand that each embodiment can be implemented by means of software plus necessary general-purpose hardware platforms, and of course, it can also be implemented by hardware. Based on this understanding, the above technical solutions, in essence or the part that contributes to the prior art, can be embodied in the form of a software product. This computer software product can be stored in a computer-readable storage medium, such as ROM / RAM, magnetic disk, optical disk, etc., and includes several instructions to cause a computer device (which may be a personal computer, server, or network device, etc.) to execute the methods described in the various embodiments or some parts of the embodiments.

[0102] Finally, it should be noted that the above embodiments are only used to illustrate the technical solutions of the present invention, and not to limit them; although the present invention has been described in detail with reference to the foregoing embodiments, those skilled in the art should understand that modifications can still be made to the technical solutions described in the foregoing embodiments, or equivalent substitutions can be made to some of the technical features; and these modifications or substitutions do not cause the essence of the corresponding technical solutions to deviate from the spirit and scope of the technical solutions of the embodiments of the present invention.

Claims

1. A large model data scheduling method based on semantic permission disassembly, characterized in that, include: Decompose the natural language query request entered by the user into multiple semantic blocks; Based on the user's identity information, the scope of accessible permissions is determined. Based on the scope of permissions, permission verification is performed on each semantic block to determine the execution status of each semantic block. Based on the execution state of each semantic block, each semantic block is processed differently; Based on the differentiated semantic blocks, an executable query chain is generated, data scheduling is performed based on the executable query chain, and the results of the data scheduling are fed back to the large model to generate an answer.

2. The method of claim 1, wherein, The execution state includes at least one of the following: no exception, partial privilege escalation, potential privilege escalation, and complete privilege escalation. The differentiated processing of each semantic block based on its execution state includes: When the execution state of the semantic block is partially unauthorized or potentially unauthorized, a de-identification process is performed; the de-identification process includes field-level masking and / or result aggregation; When the execution state of the semantic block is completely unauthorized, the execution interruption process is executed, and a rejection feedback containing explanatory information is generated; Semantic blocks that have undergone the aforementioned desensitization or interruption processing are marked as processed.

3. The large model data scheduling method based on semantic permission disintegration according to claim 2, characterized in that, Before performing data scheduling based on the executable query chain and feeding the results of the data scheduling back to the large model to generate an answer, the method further includes: Obtain the context permission residual table; the context permission residual table records the historical semantic blocks that have been executed in the historical dialogue; Each newly generated semantic block is matched with a historical semantic block in the context permission residual table; When any semantic block matches a historical semantic block that is marked as processed, the user's access permissions are re-acquired and a forced re-verification is performed. The execution status of any semantic block is updated, and the executable query link is regenerated based on the updated semantic block.

4. The large model data scheduling method based on semantic permission decomposition according to claim 1, characterized in that, Before performing data scheduling based on the executable query chain and feeding the results of the data scheduling back to the large model to generate an answer, the method further includes: The natural language query request is processed to obtain the current semantic vector; Calculate the semantic similarity between the current semantic vector and the historical semantic vector; When the semantic similarity is lower than a preset threshold, a security response strategy is executed. The security response strategy includes blocking all inheritance relationships of the current natural language query request to the historical session context, and processing the natural language query request as an independent session task.

5. The large model data scheduling method based on semantic permission decomposition according to claim 1, characterized in that, The method further includes: A unique hash value is generated for the execution state, the differentiated processing action used, and the final execution result of each semantic block; The hash values ​​are concatenated in the execution order to generate an immutable chain fingerprint, which is then written to the security audit log.

6. The large model data scheduling method based on semantic permission decomposition according to claim 1, characterized in that, The process of determining the accessible permission range based on the user's identity information, performing permission verification on each semantic block based on the permission range, and determining the execution status of each semantic block includes: Identify the data source associated with the semantic block; When the semantic block is associated across multiple heterogeneous data sources or multiple organizational boundaries, the access control policies corresponding to each data source associated with the semantic block are retrieved respectively to generate a cross-domain access check chain. Based on the cross-domain access check chain, the permissions of the semantic block are merged and evaluated to determine the execution status of the semantic block.

7. A large-scale model data scheduling system based on semantic permission decomposition, characterized in that, include: The decomposition module is used to decompose the natural language query request input by the user into multiple semantic blocks; The permission mapping module is used to determine the scope of accessible permissions based on the user's identity information, perform permission verification on each semantic block based on the permission scope, and determine the execution status of each semantic block. A dynamic response module is used to perform differentiated processing on each semantic block based on the execution state of each semantic block; The scheduling module is used to generate an executable query link based on the differentiated semantic block, perform data scheduling based on the executable query link, and feed the data scheduling result back to the large model to generate an answer.

8. An electronic device comprising a memory, a processor, and a computer program stored in the memory and running on the processor, characterized in that, When the processor executes the computer program, it implements the large model data scheduling method based on semantic permission decomposition as described in any one of claims 1 to 6.

9. A non-transitory computer-readable storage medium having a computer program stored thereon, characterized in that, When the computer program is executed by the processor, it implements the large model data scheduling method based on semantic permission decomposition as described in any one of claims 1 to 6.

10. A computer program product, comprising a computer program, characterized in that, When the computer program is executed by the processor, it implements the large model data scheduling method based on semantic permission decomposition as described in any one of claims 1 to 6.