A government affair big data visual analysis and decision support platform
By using dynamic access control and real-time desensitization technology, combined with blockchain traceability mechanisms, the problems of access control and sensitive data leakage in government big data platforms have been solved, achieving a balance between security and availability, and improving the efficiency of government data sharing and decision support.
Patent Information
- Authority / Receiving Office: CN · China
- Patent Type: Applications(China)
- Current Assignee / Owner: SICHUAN YEXIN DIGITAL INFORMATION TECHNOLOGY CO LTD
- Filing Date: 2025-10-14
- Publication Date: 2026-06-19
Figure CN122240713A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of government platform technology, specifically to a government big data visualization analysis and decision support platform.
Background Technology
[0002] The government big data visualization analysis and decision support platform is a core tool for government informatization construction, mainly used to integrate government data resources across levels and departments.
[0003] In existing technologies, the typical application process of such platforms is as follows: Structured and unstructured data from various departments are collected through data interfaces, processed by ETL tools, and stored in a data warehouse; the visualization module calls the warehouse data to generate various analytical views, allowing users to explore data patterns through filtering, drill-down, and other operations; the decision-making module generates preliminary solutions based on preset models (such as statistical analysis models and regression prediction models), supporting users to adjust parameters and view simulation results. Various government departments typically access the platform according to their functional permissions to achieve data sharing and collaborative analysis.
[0004] However, access control on existing platforms is mostly statically configured: fixed permissions are assigned based only on the user's department and cannot be adjusted dynamically according to the real-time operation scenario, which easily leads to the risk of unauthorized access. Sensitive-data anonymization rules are fixed and not linked to user permission levels, so either excessive anonymization impairs the analysis or insufficient anonymization leads to information leakage. Behavior monitoring and tracing mechanisms are disconnected, and logs are not solidified in real time after an abnormal-operation warning, making it difficult to quickly locate the source after a leakage incident and delaying the security response. Ultimately, government data falls into a dilemma of "difficulty in balancing security and availability" in shared analysis, limiting its application in highly sensitive government scenarios.
Summary of the Invention
[0005] To address the shortcomings of existing technologies, this invention provides a government big data visualization analysis and decision support platform, which solves the problem of difficulty in quickly locating the source after a data breach occurs.
[0006] To achieve the above objectives, the present invention provides the following technical solution: a government big data visualization analysis and decision support platform, comprising:
[0007] Basic functional modules and leakage prevention core modules,
[0008] The basic functional modules include:
[0009] The data processing submodule is used to collect cross-departmental government data and perform cleaning and transformation.
[0010] The visualization submodule is communicatively connected to the data processing submodule and is used to visualize the data processed by the data processing submodule through charts and heatmaps to generate visualization results.
[0011] The decision submodule, which is communicatively connected to the visualization submodule, is used to generate decision schemes based on the visualization results and provide simulation functions.
[0012] The leak prevention core module includes:
[0013] Data classification and permission unit: The government data processed by the data processing submodule is divided into 5 levels of sensitivity according to the degree of privacy. A dynamic permission matrix is generated based on user roles and sensitivity levels, and access to highly sensitive data is restricted when unauthorized login is detected.
[0014] Desensitization Visualization Unit: Connected to the visualization sub-module, it performs heatmap blurring and personal information interval display on data with sensitivity level ≥3 according to the dynamic permission matrix. The dynamic permission matrix is pushed in real time by the data classification and permission unit. The user permission level in the dynamic permission matrix is directly related to the triggering conditions of the desensitization rules.
[0015] Behavior monitoring and emergency response unit: Real-time monitoring of user operation behavior. When the frequency of chart downloads, the amount of data exported, or the login location deviates from the preset benchmark and exceeds the threshold, an alarm is triggered and the operation is suspended. After three consecutive deviations, the data connection is cut off. The threshold of the preset benchmark is dynamically adjusted according to the user role determined by the data classification and permission unit.
[0016] Encrypted transmission unit: The data transmitted between modules and the decision scheme are encrypted using the national standard SM4, and the key is dynamically updated every 15 minutes and the integrity is verified by a hash algorithm;
[0017] Blockchain traceability unit: It uses a consortium blockchain to store data access logs, operation trajectories, and decision-making process records for tracing and locating the source of leaked events.
[0018] Preferably, the data classification and permission unit employs a dynamic permission adjustment algorithm to optimize permission allocation through real-time risk value calculation to prevent data leakage. The dynamic permission adjustment algorithm specifically includes:
[0019] S1: Construct a user risk assessment indicator system, including historical violation coefficient, terminal security score, network environment credibility, and operational sensitivity coefficient;
[0020] S2: Calculate the real-time risk value R using the following formula:
[0021] R = w1×a + w2×b + w3×c + w4×d
[0022] where:
[0023] 'a' represents the historical violation coefficient (0 ≤ a ≤ 1, 0 for no violation, 1 for 3 or more violations).
[0024] b represents the terminal security score (0≤b≤1, 1 for certified terminals, 0 for unknown terminals).
[0025] c represents the credibility of the network environment (0≤c≤1, 1 for government intranets, 0.3 for public networks).
[0026] d is the operation sensitivity coefficient (0≤d≤1, 1 for accessing level 5 data, 0 for accessing level 1 data).
[0027] w1, w2, w3, and w4 are weighting coefficients, and w1 + w2 + w3 + w4 = 1;
[0028] The initial weighting coefficients are configured as follows: w1=0.35, w2=0.25, w3=0.2, w4=0.2, with the historical violation coefficient w1 having the highest weight, ensuring that historical violations have a dominant impact on the calculation of real-time risk values.
[0029] S3: When R≥0.6, automatically restrict users' download permissions for data with a sensitivity level of ≥3. The degree of restriction is positively correlated with R (50% restriction when R=0.6, and complete restriction when R=1).
[0030] Preferably, the dynamic permission adjustment algorithm is combined with a weight adaptive optimization algorithm to improve the accuracy of real-time risk value calculation and thus promote the accuracy of permission adjustment. The weight adaptive optimization algorithm includes:
[0031] S1: Using actual daily violations as samples, construct the loss function L:
[0032]
[0033] where:
[0034] The actual risk value of the k-th operation (binary variable: when a violation occurs) =1, when no violation has occurred =0)
[0035] Let be the predicted risk value for the k-th operation;
[0036] This represents the total number of operational samples used for training each day.
[0037] S2: Update the weight coefficients using gradient descent, with the following formula:
[0038]
[0039] where:
[0040] This is the updated i-th weight coefficient;
[0041] This refers to the i-th weight coefficient before the update.
[0042] The learning rate (values range from 0.01 to 0.1).
[0043] The partial derivative of the loss function with respect to the i-th weight coefficient is calculated using the following formula:
[0044]
[0045] in: Let i be the eigenvalue of the k-th operation;
[0046] S3: Iterate and update the weight coefficients daily to reduce the loss function L by ≥20% and improve the prediction accuracy of real-time risk values.
[0047] Preferably, the desensitization visualization unit uses 3×3 pixel blurring for data with sensitivity level 3, and displays personal information in 1000-unit intervals; it uses 5×5 pixel blurring for data with sensitivity level 4, and displays personal information in 5000-unit intervals; it uses 7×7 pixel blurring for data with sensitivity level 5, and displays personal information in 10000-unit intervals. The desensitization rules are dynamically adjusted based on the user's permission level, and the permission level is obtained in real time through the dynamic permission matrix generated by the data classification and permission unit. When the user's permission level is L3, data with sensitivity level ≥ 3 uses 3×3 pixel blurring, and personal information is displayed in 1000-unit intervals.
[0048] Preferably, the warning thresholds of the behavior monitoring and emergency response unit include: the frequency of chart downloads not exceeding 30 per hour, the amount of data exported in a single instance not exceeding 750MB, the deviation between the login location and the commonly used address not exceeding 75 kilometers, and disconnection if the threshold is exceeded three times consecutively. The warning thresholds are dynamically adjusted according to the user's dynamic permission level.
[0049] Preferably, the key length of the encrypted transmission unit is 128 bits, a new key is generated every 15 minutes based on the timestamp and the module's unique identifier, the hash value is calculated using the SHA-256 algorithm to verify data integrity, and the transmitted data, decision schemes, behavior monitoring logs and blockchain audit records between modules are encrypted.
[0050] Preferably, the consortium blockchain of the blockchain traceability unit contains 5 nodes, corresponding to government administration, data provision, data use, security supervision and audit departments respectively. Each log write requires consensus verification by more than 3 nodes, and the write delay does not exceed 1 second.
[0051] Preferably, the blockchain traceability unit is linked with the behavior monitoring and emergency response unit. When the behavior monitoring and emergency response unit triggers an early warning, the blockchain traceability unit automatically activates the real-time log on-chain acceleration mechanism, writing the operation behavior data associated with the early warning, including operation time, terminal identifier, and access data sensitivity level, into the consortium blockchain at a frequency of seconds, and pre-constructing a traceability path based on preset association rules. The preset association rules include: the matching degree between the operation terminal and the historical login terminal, and the overlap between the operation time period and the working time period. When three consecutive early warnings trigger the data connection to be cut off, the blockchain traceability unit can directly call the pre-constructed traceability path, shortening the time for locating the leakage event to within 5 minutes and improving the efficiency of leakage traceability. The judgment criteria of the preset association rules are: when the hardware fingerprint matching degree between the operation terminal and the historical login terminal is <50%, or the overlap between the operation time period and the user's historical working time period is <30%, it is automatically marked as a high-risk node and included in the core clues of the traceability path, triggering the blockchain acceleration on-chain mechanism.
[0052] Preferably, the standardized data output by the data processing submodule is first transmitted to the data classification and permission unit for sensitivity level classification, and then transferred to the visualization submodule according to the classification result. Before generating the visualization result, the visualization submodule needs to call the desensitization visualization unit to process the sensitive data. The processing result is constrained by the dynamic permission matrix of the data classification and permission unit. The decision scheme generated by the decision submodule needs to be evaluated for sensitivity level by the data classification and permission unit. When the evaluation result is ≥ level 3, the highest level of fuzzing processing (7×7 pixels + 10000 unit interval) of the desensitization visualization unit is automatically triggered during the scheme transfer process, and export to external storage devices is prohibited.
[0053] This invention provides a government big data visualization analysis and decision support platform. It has the following beneficial effects:
[0054] 1. This invention achieves precise permission adaptation through a dynamic permission adjustment algorithm. Combined with quantitative desensitization rules that dynamically adjust with permission level, dynamic threshold adjustment for behavior monitoring, and a blockchain second-level on-chain traceability mechanism, it can reduce the risk of sensitive data leakage and shorten the time for locating leakage events from hours on traditional platforms, thus solving the core pain point of "difficulty in balancing security and availability" in government data sharing.
[0055] 2. This invention strengthens security protection while ensuring the effectiveness of visualization analysis and decision support: the desensitization process ensures that sensitive data can still support trend analysis after desensitization through information entropy verification; the decision submodule combines leakage prevention rules to realize hierarchical simulation, which not only meets data security compliance requirements, but also provides credible and usable data analysis support for government decision-making, and improves the efficiency of cross-departmental collaborative decision-making.
Attached Figure Description
[0056] Figure 1 is a system block diagram of the present invention.
Detailed Implementation
[0057] The technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, and not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.
[0058] Example:
[0059] Referring to Figure 1, this invention provides a government big data visualization analysis and decision support platform, comprising:
[0060] Basic functional modules and leakage prevention core modules,
[0061] The basic functional modules include:
[0062] The data processing submodule is used to collect cross-departmental government data and complete its cleaning and transformation. The processed standardized data is first transmitted to the data classification and permission unit of the leakage prevention core module for sensitivity level classification.
[0063] The visualization submodule receives the hierarchically processed data and generates visualization results using the Canvas drawing engine.
[0064] Generate accurate charts directly for non-sensitive data (Level 1-2);
[0065] After processing sensitive data (level ≥ 3) using the desensitization visualization unit, a blurred heatmap or interval table is generated;
[0066] The visualization results allow users to adjust dimensions by dragging and dropping with the mouse, but operation permissions are constrained by a dynamic permission matrix.
[0067] The decision-making submodule, based on the visualization results, generates solutions using a pre-defined decision tree model (such as a multi-factor decision model for traffic congestion management) and provides simulation functionality.
[0068] For low-sensitivity schemes (level 1-2), users are allowed to modify parameters and view the simulation results in real time;
[0069] For highly sensitive schemes (level ≥ 3), only the simulation trend can be viewed, and the core parameters cannot be modified. Furthermore, the scheme transfer must undergo secondary verification by data classification and permission unit.
[0070] The core leak prevention module includes:
[0071] Data classification and permission unit: The government data processed by the data processing submodule is divided into 5 levels of sensitivity according to the degree of privacy. A dynamic permission matrix is generated based on user roles and sensitivity levels, and access to highly sensitive data is restricted when unauthorized login is detected.
[0072] Further:
[0073] Sensitivity Level Classification Standard: Level 1 (Fully Public), Level 2 (Internal Sharing within Departments), Level 3 (Restricted Sharing Across Departments), Level 4 (Classified Government Data), Level 5 (Core Secrets);
[0074] User roles and decision-making mechanisms:
[0075] Role definition: Includes 4 preset roles, which are automatically matched through the LDAP authentication system:
[0076] System Administrator (Role ID: 001): Responsible for platform configuration and has access to data at all levels;
[0077] Department Manager (Role ID: 002): Can access data at level 3 and below within their department;
[0078] Business Operator (Role ID: 003): Can access data at level 4 and below within this department (limited to essential work items only);
[0079] Auditor (Role ID: 004): Can view all data but is prohibited from modifying it; operation logs are synchronized to the blockchain traceability unit in real time.
[0080] When unauthorized login is detected (such as an administrator account logging in on an unfamiliar terminal), the permissions will be automatically downgraded by 1 level (e.g., the original access to level 5 data will be reduced to only level 4).
[0081] Desensitization Visualization Unit: Connects to the visualization sub-module. Based on the dynamic permission matrix, it performs heatmap blurring and personal information interval display on data with a sensitivity level of ≥3. The dynamic permission matrix is pushed in real time by data classification and permission unit. The user permission level in the dynamic permission matrix is directly related to the triggering conditions of the desensitization rules.
[0082] Furthermore: The dynamic permission matrix is generated through a permission mapping function.
[0083]
[0084] in: : Permission values for character i's operation level j (0≤ ≤1, 0 = Forbidden, 0.5 = Read-only, 1 = Full access);
[0085] Base role weights (preset values: Administrator = 1.0, Department Manager = 0.7, Business Operator = 0.5, Auditor = 0.3).
[0086] Data sensitivity coefficient (Level 1 = 0.1, Level 2 = 0.3, Level 3 = 0.5, Level 4 = 0.8, Level 5 = 1.0).
[0087] Environmental risk factor (default 1.0, drops to 0.5 when unauthorized login is detected);
[0088] Permission determination rules:
[0089] like Download and modification are permitted;
[0090] like Viewing is allowed only;
[0091] like Access denied;
[0092] Furthermore: the de-identification rules are dynamically adjusted according to the access level.
[0093] L1 (highest level): Level 3 data is blurred with 3×3 pixels (blur kernel is Gaussian function, σ=1.0), and personal information is displayed in 1000 unit intervals (e.g., "3000-4000 yuan").
[0094] L2 (Medium Permission): Level 4 data is blurred with 5×5 pixels (σ=2.0), and personal information is displayed in intervals of 5000 units;
[0095] L3 (Lowest Privilege): Level 5 data is blurred with 7×7 pixels (σ=3.0), personal information is displayed in 10,000 unit intervals, and the specific area coordinates are hidden.
[0096] Behavior monitoring and emergency response unit: Real-time monitoring of user operation behavior. When the frequency of chart downloads, the amount of data exported, or the login location deviates from the preset benchmark and exceeds the threshold, an alarm is triggered and the operation is suspended. After three consecutive deviations, the data connection is cut off. The threshold of the preset benchmark is dynamically adjusted according to the user role determined by the data classification and permission unit.
[0097] Encrypted transmission unit: The data transmitted between modules and the decision scheme are encrypted using the national standard SM4, and the key is dynamically updated every 15 minutes and the integrity is verified by a hash algorithm;
[0098] SM4 encryption process (Chinese national standard):
[0099] Data packets transmitted between modules (such as hierarchical data from the data processing submodule to the visualization submodule) are encrypted using the SM4 algorithm with a key length of 128 bits.
[0100] The key is updated every 15 minutes and is generated by SHA-256 hashing based on the current timestamp (accurate to milliseconds) and the module's unique identifier (such as "visualization submodule-001") to avoid key duplication.
[0101] Blockchain traceability unit: It uses a consortium blockchain to store data access logs, operation trajectories, and decision-making process records for tracing and locating the source of leaked events.
[0102] In this embodiment, the data classification and permission unit adopts a dynamic permission adjustment algorithm to optimize permission allocation through real-time risk value calculation to prevent data leakage. The dynamic permission adjustment algorithm specifically includes:
[0103] S1: Construct a user risk assessment indicator system, including historical violation coefficient, terminal security score, network environment credibility, and operational sensitivity coefficient;
[0104] S2: Calculate the real-time risk value R using the following formula:
[0105] R = w1×a + w2×b + w3×c + w4×d
[0106] where:
[0107] 'a' represents the historical violation coefficient (0 ≤ a ≤ 1, 0 for no violation, 1 for 3 or more violations).
[0108] b represents the terminal security score (0≤b≤1, 1 for certified terminals, 0 for unknown terminals).
[0109] c represents the credibility of the network environment (0≤c≤1, 1 for government intranets, 0.3 for public networks).
[0110] d is the operation sensitivity coefficient (0≤d≤1, 1 for accessing level 5 data, 0 for accessing level 1 data).
[0111] w1, w2, w3, and w4 are weighting coefficients, and w1 + w2 + w3 + w4 = 1;
[0112] The initial weighting coefficients are configured as follows: w1=0.35, w2=0.25, w3=0.2, w4=0.2, with the historical violation coefficient w1 having the highest weight, ensuring that historical violations have a dominant impact on the calculation of real-time risk values;
[0113] S3: When R≥0.6, automatically restrict users' download permissions for data with a sensitivity level of ≥3. The degree of restriction is positively correlated with R (50% restriction when R=0.6, and complete restriction when R=1).
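Added example (not part of the patent text): S2 and S3 evaluated for two constructed users. The straight-line ramp from 50% at R=0.6 to complete restriction at R=1 and the `invert_trust` option are assumptions of this example. It shows that, taken literally, b and c are trust scores that add to R, so a certified terminal on the government intranet raises the risk value.

```python
"""Real-time risk value R (S2) and download restriction (S3)."""

INITIAL_WEIGHTS = (0.35, 0.25, 0.2, 0.2)   # w1..w4 from the page
RESTRICT_FROM = 0.6                        # S3 threshold from the page


def risk_value(a, b, c, d, weights=INITIAL_WEIGHTS, invert_trust=False):
    """R = w1*a + w2*b + w3*c + w4*d with every indicator in [0, 1].

    invert_trust is an assumption of this example (not in the patent): it
    feeds (1 - b) and (1 - c) so that a certified terminal or the government
    intranet lowers R instead of raising it.
    """
    indicators = {"a": a, "b": b, "c": c, "d": d}
    for name, value in indicators.items():
        if not 0.0 <= value <= 1.0:
            raise ValueError(f"{name}={value} is outside [0, 1]")
    if len(weights) != 4 or abs(sum(weights) - 1.0) > 1e-9:
        raise ValueError("weights must be four values summing to 1")
    if invert_trust:
        b, c = 1.0 - b, 1.0 - c
    w1, w2, w3, w4 = weights
    return w1 * a + w2 * b + w3 * c + w4 * d


def download_restriction(r, sensitivity_level):
    """Fraction of download permission withheld: 0.0 = none, 1.0 = complete.

    The page fixes two points (50% at R=0.6, complete at R=1); the straight
    line between them is this example's assumption.
    """
    if sensitivity_level < 3 or r < RESTRICT_FROM:
        return 0.0
    return min(1.0, 0.5 + 0.5 * (r - RESTRICT_FROM) / (1.0 - RESTRICT_FROM))


# Constructed users, not data from the patent.
# No violations, certified terminal, intranet, accessing level 5 data:
CLEAN_INTRANET_USER = dict(a=0.0, b=1.0, c=1.0, d=1.0)
# 3+ violations, unknown terminal, public network, accessing level 1 data:
REPEAT_OFFENDER = dict(a=1.0, b=0.0, c=0.3, d=0.0)


def compare(invert_trust=False):
    """Return {user: (R, restriction on level-5 downloads)} for both users."""
    result = {}
    for name, profile in (("clean", CLEAN_INTRANET_USER),
                          ("offender", REPEAT_OFFENDER)):
        r = risk_value(invert_trust=invert_trust, **profile)
        result[name] = (round(r, 4), round(download_restriction(r, 5), 4))
    return result


if __name__ == "__main__":
    print("formula as written:", compare())
    print("trust inverted    :", compare(invert_trust=True))
```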
[0114] In this embodiment, the dynamic permission adjustment algorithm is combined with the weight adaptive optimization algorithm to improve the accuracy of real-time risk value calculation and thus promote the accuracy of permission adjustment. The weight adaptive optimization algorithm includes:
[0115] S1: Using actual daily violations as samples, construct the loss function L:
[0116]
[0117] where:
[0118] The actual risk value of the k-th operation (binary variable: when a violation occurs) =1, when no violation has occurred =0)
[0119] Let be the predicted risk value for the k-th operation;
[0120] This represents the total number of operational samples used for training each day.
[0121] S2: Update the weight coefficients using gradient descent, with the following formula:
[0122]
[0123] where:
[0124] This is the updated i-th weight coefficient;
[0125] This refers to the i-th weight coefficient before the update.
[0126] The learning rate (values range from 0.01 to 0.1).
[0127] The partial derivative of the loss function with respect to the i-th weight coefficient is calculated using the following formula:
[0128]
[0129] in: Let i be the eigenvalue of the k-th operation;
[0130] S3: Iterate and update the weight coefficients daily to reduce the loss function L by ≥20% and improve the prediction accuracy of real-time risk values.
[0131] In this embodiment, the desensitization visualization unit uses 3×3 pixel blurring for data with a sensitivity level of 3, and displays personal information in intervals of 1000 units; it uses 5×5 pixel blurring for data with a sensitivity level of 4, and displays personal information in intervals of 5000 units; it uses 7×7 pixel blurring for data with a sensitivity level of 5, and displays personal information in intervals of 10000 units. The desensitization rules are dynamically adjusted based on the user's permission level, and the permission level is obtained in real time through the data classification and the dynamic permission matrix generated by the permission unit. When the user's permission level is L3, data with a sensitivity level of ≥3 uses 3×3 pixel blurring, and displays personal information in intervals of 1000 units.
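Added example (not part of the patent text): the per-level desensitization rules applied to a constructed heatmap and constructed amounts, using the kernel sizes, σ values and interval widths given in this embodiment. The border handling in `blur` and all function names are assumptions of this example.

```python
"""Level-dependent desensitization: Gaussian heatmap blur and interval display."""
import math

# sensitivity level -> (kernel size, sigma, interval width), values from the page
RULES = {3: (3, 1.0, 1000), 4: (5, 2.0, 5000), 5: (7, 3.0, 10000)}


def interval_label(value, width):
    """Replace an exact amount with the interval that contains it."""
    low = (int(value) // width) * width
    return f"{low}-{low + width}"


def gaussian_kernel(size, sigma):
    """size x size Gaussian weights normalised to sum to 1."""
    half = size // 2
    raw = [[math.exp(-(dx * dx + dy * dy) / (2 * sigma * sigma))
            for dx in range(-half, half + 1)]
           for dy in range(-half, half + 1)]
    total = sum(sum(row) for row in raw)
    return [[w / total for w in row] for row in raw]


def blur(grid, kernel):
    """Convolve grid with kernel; at the border, renormalise over the kernel
    cells that fall inside the grid (edge policy chosen for this example)."""
    rows, cols, half = len(grid), len(grid[0]), len(kernel) // 2
    out = [[0.0] * cols for _ in range(rows)]
    for r in range(rows):
        for c in range(cols):
            acc = weight = 0.0
            for dy in range(-half, half + 1):
                for dx in range(-half, half + 1):
                    rr, cc = r + dy, c + dx
                    if 0 <= rr < rows and 0 <= cc < cols:
                        k = kernel[dy + half][dx + half]
                        acc += grid[rr][cc] * k
                        weight += k
            out[r][c] = acc / weight
    return out


def desensitize(level, heatmap, amounts):
    """Return (heatmap, amounts) as displayed for data of the given level."""
    if level < 3:                       # levels 1-2 are charted exactly
        return heatmap, [str(a) for a in amounts]
    size, sigma, width = RULES[level]
    return (blur(heatmap, gaussian_kernel(size, sigma)),
            [interval_label(a, width) for a in amounts])


# Constructed input: one hot cell in a 5x5 heatmap and two amounts.
SAMPLE_HEATMAP = [[0.0] * 5 for _ in range(5)]
SAMPLE_HEATMAP[2][2] = 100.0
SAMPLE_AMOUNTS = [3500, 12800]

if __name__ == "__main__":
    for level in (2, 3, 5):
        grid, labels = desensitize(level, SAMPLE_HEATMAP, SAMPLE_AMOUNTS)
        print(level, round(grid[2][2], 2), labels)
```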
[0132] In this embodiment, the warning thresholds of the behavior monitoring and emergency response unit include: the number of charts downloaded per hour does not exceed 30, the amount of data exported in a single transaction does not exceed 750MB, the deviation between the login location and the commonly used address does not exceed 75 kilometers, and the connection is cut off if the threshold is exceeded three times in a row. The warning thresholds are dynamically adjusted according to the user's dynamic permission level.
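Added example (not part of the patent text): the three warning thresholds and the three-consecutive-deviation cutoff replayed over constructed session events. The event format, the `scale` parameter standing in for the role-dependent adjustment, and the rule that a compliant operation resets the streak are assumptions of this example.

```python
"""Behavior-monitoring thresholds replayed over constructed session events."""
import math
from collections import deque

MAX_DOWNLOADS_PER_HOUR = 30      # chart downloads, from the page
MAX_EXPORT_MB = 750              # single export, from the page
MAX_LOGIN_DEVIATION_KM = 75      # distance from the usual address, from the page
MAX_CONSECUTIVE_DEVIATIONS = 3   # third consecutive deviation cuts the connection


def haversine_km(lat1, lon1, lat2, lon2):
    """Great-circle distance between two points in kilometres."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    dphi, dlmb = p2 - p1, math.radians(lon2 - lon1)
    h = math.sin(dphi / 2) ** 2 + math.cos(p1) * math.cos(p2) * math.sin(dlmb / 2) ** 2
    return 2 * 6371.0 * math.asin(math.sqrt(h))


class SessionMonitor:
    """Tracks one user session. `scale` is hypothetical: the page says the
    thresholds follow the user's role but gives no factors."""

    def __init__(self, usual_location, scale=1.0):
        self.usual_location = usual_location
        self.scale = scale
        self.download_times = deque()   # timestamps (s) inside the trailing hour
        self.consecutive = 0
        self.connected = True

    def deviation(self, event):
        """Return the name of the exceeded threshold, or None."""
        kind = event["type"]
        if kind == "download":
            self.download_times.append(event["ts"])
            while self.download_times[0] <= event["ts"] - 3600:
                self.download_times.popleft()
            if len(self.download_times) > MAX_DOWNLOADS_PER_HOUR * self.scale:
                return "download_frequency"
        elif kind == "export" and event["mb"] > MAX_EXPORT_MB * self.scale:
            return "export_volume"
        elif kind == "login":
            km = haversine_km(*self.usual_location, event["lat"], event["lon"])
            if km > MAX_LOGIN_DEVIATION_KM * self.scale:
                return "login_location"
        return None

    def observe(self, event):
        """Return 'ok', 'alert' (operation suspended) or 'disconnect'."""
        if not self.connected:
            return "disconnect"
        if self.deviation(event) is None:
            self.consecutive = 0        # assumption: compliant operation resets the streak
            return "ok"
        self.consecutive += 1
        if self.consecutive >= MAX_CONSECUTIVE_DEVIATIONS:
            self.connected = False
            return "disconnect"
        return "alert"


def replay(events, usual_location, scale=1.0):
    """Feed events to a fresh monitor and return the verdict for each."""
    monitor = SessionMonitor(usual_location, scale)
    return [monitor.observe(e) for e in events]


# Constructed events (not from the patent); the usual address is in Chengdu.
USUAL = (30.5728, 104.0668)
SAMPLE_EVENTS = [
    {"type": "login", "ts": 0, "lat": 30.66, "lon": 104.06},        # about 10 km away
    {"type": "export", "ts": 60, "mb": 800},                         # over 750 MB
    {"type": "export", "ts": 120, "mb": 100},                        # compliant
    {"type": "export", "ts": 180, "mb": 900},                        # deviation 1
    {"type": "login", "ts": 240, "lat": 29.5630, "lon": 106.5516},   # Chongqing, deviation 2
    {"type": "export", "ts": 300, "mb": 751},                        # deviation 3
    {"type": "download", "ts": 360},                                 # already disconnected
]

if __name__ == "__main__":
    for event, verdict in zip(SAMPLE_EVENTS, replay(SAMPLE_EVENTS, USUAL)):
        print(verdict.ljust(10), event)
```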
[0133] In this embodiment, the key length of the encrypted transmission unit is 128 bits. A new key is generated every 15 minutes based on the timestamp and the module's unique identifier. The hash value is calculated using the SHA-256 algorithm to verify data integrity. The transmitted data, decision-making schemes, behavior monitoring logs, and blockchain audit records between modules are encrypted.
[0134] Applications of the SHA-256 hash algorithm:
[0135] Data sender: Concatenates a random salt value (32-bit random string) into the transmitted data (including metadata such as sending time and sender ID), calculates a 256-bit hash value, and sends it together with the ciphertext;
[0136] Receiver: After decryption, recalculate the hash value. If it is inconsistent with the sender's hash value, it is determined that the data has been tampered with, triggering the retransmission mechanism and recording the exception log.
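Added example (not part of the patent text): the 15-minute key derivation and the salted SHA-256 check as the page describes them, next to a keyed variant. The page's derivation takes only a timestamp and a module identifier as input, neither of which is secret, and a bare digest detects corruption without showing who produced it. The separator, the truncation to 128 bits, the 32-character reading of the salt and the HMAC variants are assumptions of this example.

```python
"""15-minute key rotation and the SHA-256 integrity check."""
import hashlib
import hmac
import os

ROTATION_MS = 15 * 60 * 1000      # key lifetime from the page
SM4_KEY_BYTES = 16                # 128-bit SM4 key


def key_as_described(timestamp_ms, module_id):
    """SHA-256 over timestamp and module identifier, truncated to 128 bits.
    The '|' separator and the truncation are assumptions of this example."""
    material = f"{timestamp_ms}|{module_id}".encode()
    return hashlib.sha256(material).digest()[:SM4_KEY_BYTES]


def key_with_secret(master_secret, timestamp_ms, module_id):
    """Keyed variant (assumption, not the patent's scheme): HMAC-SHA256 under
    a provisioned secret, indexed by the 15-minute epoch so that sender and
    receiver agree on the key without exchanging a millisecond timestamp."""
    epoch = timestamp_ms // ROTATION_MS
    info = f"sm4-transport|{module_id}|{epoch}".encode()
    return hmac.new(master_secret, info, hashlib.sha256).digest()[:SM4_KEY_BYTES]


def digest_of(salt, data, mac_key=None):
    """Unkeyed SHA-256 as on the page, or HMAC-SHA256 when mac_key is given."""
    if mac_key is None:
        return hashlib.sha256(salt + data).digest()
    return hmac.new(mac_key, salt + data, hashlib.sha256).digest()


def seal(data, mac_key=None):
    """Sender: return (salt, digest) to send together with the ciphertext."""
    # The page's "32-bit random string" is read here as 32 characters (assumption).
    salt = os.urandom(16).hex().encode()
    return salt, digest_of(salt, data, mac_key)


def verify(salt, data, digest, mac_key=None):
    """Receiver: recompute after decryption and compare in constant time.
    A False result is where retransmission and exception logging start."""
    return hmac.compare_digest(digest_of(salt, data, mac_key), digest)


if __name__ == "__main__":
    # Constructed values, not from the patent.
    t0 = 1_760_400_000_000                      # start of a 15-minute epoch
    module = "visualization submodule-001"      # identifier quoted on the page
    secret = os.urandom(32)
    print("as described :", key_as_described(t0, module).hex())
    print("keyed, t0    :", key_with_secret(secret, t0, module).hex())
    print("keyed, +14min:", key_with_secret(secret, t0 + 14 * 60_000, module).hex())
    salt, tag = seal(b"level-3 heatmap tile", mac_key=secret)
    print("verified     :", verify(salt, b"level-3 heatmap tile", tag, mac_key=secret))
```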
[0137] In this embodiment, the consortium blockchain of the blockchain traceability unit contains 5 nodes, which correspond to government administration, data provision, data use, security supervision and auditing departments respectively. Each log write requires consensus verification by more than 3 nodes, and the write delay does not exceed 1 second.
[0138] In this embodiment, the blockchain traceability unit is linked with the behavior monitoring and emergency response unit. When the behavior monitoring and emergency response unit triggers an alert, the blockchain traceability unit automatically activates the real-time log on-chain acceleration mechanism. The operation behavior data associated with the alert, including operation time, terminal identifier, and access data sensitivity level, is written to the consortium blockchain at a frequency of seconds, and a traceability path is pre-constructed based on preset association rules. The preset association rules include: the matching degree between the operation terminal and the historical login terminal, and the overlap between the operation time period and the working time period. When the data connection is cut off by three consecutive alerts, the blockchain traceability unit can directly call the pre-constructed traceability path, shortening the time for locating the leakage event to within 5 minutes and improving the efficiency of leakage traceability. The judgment criteria of the preset association rules are: when the hardware fingerprint matching degree between the operation terminal and the historical login terminal is <50%, or the overlap between the operation time period and the user's historical working time period is <30%, it is automatically marked as a high-risk node and included in the core clues of the traceability path, triggering the blockchain acceleration on-chain mechanism.
[0139] In this embodiment, the standardized data output by the data processing submodule is first transmitted to the data classification and permission unit for sensitivity level classification. Then, based on the classification results, it is transferred to the visualization submodule. Before generating the visualization results, the visualization submodule needs to call the desensitization visualization unit to process the sensitive data. The processing results are constrained by the dynamic permission matrix of the data classification and permission unit. The decision scheme generated by the decision submodule needs to be evaluated for sensitivity level by the data classification and permission unit. When the evaluation result is ≥ level 3, the highest level of fuzzing processing (7×7 pixels + 10000 unit interval) of the desensitization visualization unit is automatically triggered during the scheme transfer process, and export to external storage devices is prohibited.
[0140] Although embodiments of the invention have been shown and described, it will be understood by those skilled in the art that various changes, modifications, substitutions and alterations can be made to these embodiments without departing from the principles and spirit of the invention, the scope of which is defined by the appended claims and their equivalents.
Claims
1. A government big data visualization analysis and decision support platform, characterized in that it includes basic functional modules and leakage prevention core modules.
The basic functional modules include:
The data processing submodule is used to collect cross-departmental government data and perform cleaning and transformation.
The visualization submodule is communicatively connected to the data processing submodule and is used to visualize the data processed by the data processing submodule through charts and heatmaps to generate visualization results.
The decision submodule, which is communicatively connected to the visualization submodule, is used to generate decision schemes based on the visualization results and provide simulation functions.
The leak prevention core module includes:
Data classification and permission unit: The government data processed by the data processing submodule is divided into 5 levels of sensitivity according to the degree of privacy. A dynamic permission matrix is generated based on user roles and sensitivity levels, and access to highly sensitive data is restricted when unauthorized login is detected.
Desensitization Visualization Unit: Connected to the visualization sub-module, it performs heatmap blurring and personal information interval display on data with sensitivity level ≥3 according to the dynamic permission matrix. The dynamic permission matrix is pushed in real time by the data classification and permission unit. The user permission level in the dynamic permission matrix is directly related to the triggering conditions of the desensitization rules.
Behavior monitoring and emergency response unit: Real-time monitoring of user operation behavior. When the frequency of chart downloads, the amount of data exported, or the login location deviates from the preset benchmark and exceeds the threshold, an alarm is triggered and the operation is suspended. After three consecutive deviations, the data connection is cut off. The threshold of the preset benchmark is dynamically adjusted according to the user role determined by the data classification and permission unit.
Encrypted transmission unit: The data transmitted between modules and the decision scheme are encrypted using the national standard SM4, and the key is dynamically updated every 15 minutes and the integrity is verified by a hash algorithm;
Blockchain traceability unit: It uses a consortium blockchain to store data access logs, operation trajectories, and decision-making process records for tracing and locating the source of leaked events.
2. The government big data visualization analysis and decision support platform according to claim 1, characterized in that the data classification and permission unit employs a dynamic permission adjustment algorithm that optimizes permission allocation through real-time risk value calculation to prevent data leakage. The dynamic permission adjustment algorithm specifically includes:
S1: Construct a user risk assessment indicator system, including the historical violation coefficient, terminal security score, network environment credibility, and operation sensitivity coefficient.
S2: Calculate the real-time risk value R using the following formula:
R = w1×a + w2×b + w3×c + w4×d
where:
a is the historical violation coefficient (0≤a≤1; 0 for no violation, 1 for 3 or more violations);
b is the terminal security score (0≤b≤1; 1 for certified terminals, 0 for unknown terminals);
c is the credibility of the network environment (0≤c≤1; 1 for government intranets, 0.3 for public networks);
d is the operation sensitivity coefficient (0≤d≤1; 1 for accessing level 5 data, 0 for accessing level 1 data);
w1, w2, w3, and w4 are weighting coefficients, with w1 + w2 + w3 + w4 = 1. The initial weighting coefficients are configured as w1=0.35, w2=0.25, w3=0.2, w4=0.2, with the weight w1 of the historical violation coefficient being the highest, ensuring that historical violations have a dominant impact on the calculation of the real-time risk value.
S3: When R≥0.6, automatically restrict the user's download permissions for data with a sensitivity level of ≥3. The degree of restriction is positively correlated with R (50% restriction when R=0.6, and complete restriction when R=1).
3. The government big data visualization analysis and decision support platform according to claim 1, characterized in that, The dynamic permission adjustment algorithm, combined with the weight adaptive optimization algorithm, is used to improve the accuracy of real-time risk value calculation, thereby promoting the accuracy of permission adjustment. The weight adaptive optimization algorithm includes: S1: Using actual daily violations as samples, construct the loss function L: in: The actual risk value of the k-th operation (binary variable: when a violation occurs) =1, when no violation has occurred =0) Let be the predicted risk value for the k-th operation; This represents the total number of operational samples used for training each day. S2: Update the weight coefficients using gradient descent, with the following formula: in: This is the updated i-th weight coefficient; This refers to the i-th weight coefficient before the update. The learning rate (values range from 0.01 to 0.1). The partial derivative of the loss function with respect to the i-th weight coefficient is calculated using the following formula: in: Let i be the eigenvalue of the k-th operation; S3: Iterate and update the weight coefficients daily to reduce the loss function L by ≥20% and improve the prediction accuracy of real-time risk values.
4. The government big data visualization analysis and decision support platform according to claim 1, characterized in that the desensitization visualization unit uses 3×3 pixel blurring for data at sensitivity level 3, displaying personal information in 1000-unit intervals; uses 5×5 pixel blurring for data at sensitivity level 4, displaying personal information in 5000-unit intervals; and uses 7×7 pixel blurring for data at sensitivity level 5, displaying personal information in 10000-unit intervals. The desensitization rules are dynamically adjusted based on user permission levels, which are obtained in real time through the dynamic permission matrix generated by the data classification and permission unit. When the user permission level is L3, data at sensitivity level ≥3 is blurred using 3×3 pixels, and personal information is displayed in 1000-unit intervals.
5. The government big data visualization analysis and decision support platform according to claim 1, characterized in that the warning thresholds of the behavior monitoring and emergency response unit include: the frequency of chart downloads not exceeding 30 per hour, the amount of data exported at one time not exceeding 750MB, and the deviation between the login location and the commonly used address not exceeding 75 kilometers, with disconnection if a threshold is exceeded 3 times consecutively. The warning thresholds are dynamically adjusted according to the user's dynamic permission level.
6. The government big data visualization analysis and decision support platform according to claim 1, characterized in that the key length of the encrypted transmission unit is 128 bits. A new key is generated every 15 minutes based on the timestamp and the module's unique identifier. The hash value is calculated using the SHA-256 algorithm to verify data integrity. The data transmitted between modules, decision-making schemes, behavior monitoring logs, and blockchain audit records are encrypted.
7. The government big data visualization analysis and decision support platform according to claim 1, characterized in that the consortium blockchain of the blockchain traceability unit contains 5 nodes, corresponding to the government administration, data provision, data usage, security supervision, and auditing departments, respectively. Each log entry must be verified by consensus of at least 3 nodes, and the write delay is no more than 1 second.
8. The government big data visualization analysis and decision support platform according to claim 1, characterized in that the blockchain traceability unit is linked with the behavior monitoring and emergency response unit.
When the behavior monitoring and emergency response unit triggers an early warning, the blockchain traceability unit automatically starts the real-time log on-chain acceleration mechanism, writes the operation behavior data associated with the early warning (including operation time, terminal identifier, and sensitivity level of the accessed data) into the consortium blockchain at second-level frequency, and pre-constructs a traceability path based on preset association rules.
The preset association rules include: the matching degree between the operating terminal and the historical login terminal, and the overlap between the operating time period and the working time period.
When three consecutive warnings trigger the data connection to be cut off, the blockchain traceability unit can directly call the pre-built traceability path to shorten the time for locating the leakage event to within 5 minutes and improve the efficiency of leakage traceability.
The judgment criteria of the preset association rules are: when the hardware fingerprint matching degree between the operating terminal and the historical login terminal is <50%, or the overlap between the operating time period and the user's historical working time period is <30%, the operation is automatically marked as a high-risk node and included in the core clues of the traceability path, triggering the blockchain on-chain acceleration mechanism.
9. The government big data visualization analysis and decision support platform according to claim 1, characterized in that the standardized data output by the data processing submodule is first transmitted to the data classification and permission unit for sensitivity level classification and then, based on the classification results, flows to the visualization submodule. Before generating the visualization results, the visualization submodule must call the desensitization visualization unit to process the sensitive data, and the processing results are constrained by the dynamic permission matrix of the data classification and permission unit. The decision scheme generated by the decision submodule must be evaluated for sensitivity level by the data classification and permission unit. When the evaluation result is ≥ level 3, the highest level of blurring (7×7 pixels + 10000-unit interval) of the desensitization visualization unit is automatically triggered while the scheme flows between modules, and export to external storage devices is prohibited.
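The risk calculation and graded download restriction of claim 2 (S1 to S3), written out as an added example that is not part of the patent text. The function names are hypothetical, and two things are assumptions: indicator values between the end points stated in the claim are interpolated linearly, and the restriction grows linearly between the two anchor points the claim gives (50% at R=0.6, 100% at R=1).

```python
from dataclasses import dataclass

WEIGHTS = (0.35, 0.25, 0.20, 0.20)  # initial w1..w4 from claim 2
RISK_THRESHOLD = 0.6                # S3: restriction starts at R >= 0.6
RESTRICTED_LEVEL = 3                # S3: applies to sensitivity level >= 3


@dataclass(frozen=True)
class Indicators:
    a: float  # historical violation coefficient
    b: float  # terminal security score
    c: float  # network environment credibility
    d: float  # operation sensitivity coefficient


def indicators_from_context(violations, certified_terminal, on_intranet, level):
    """Map raw facts to a..d using the end points stated in claim 2.

    Assumption: values between the stated end points are interpolated linearly.
    """
    if violations < 0 or not 1 <= level <= 5:
        raise ValueError("violations must be >= 0 and level must be 1..5")
    return Indicators(
        a=min(violations, 3) / 3,           # 0 violations -> 0, 3 or more -> 1
        b=1.0 if certified_terminal else 0.0,
        c=1.0 if on_intranet else 0.3,
        d=(level - 1) / 4,                  # level 1 -> 0, level 5 -> 1
    )


def risk_value(ind, weights=WEIGHTS):
    """S2: R = w1*a + w2*b + w3*c + w4*d, with input validation."""
    values = (ind.a, ind.b, ind.c, ind.d)
    if any(not 0.0 <= v <= 1.0 for v in values):
        raise ValueError("indicators must lie in [0, 1]")
    if abs(sum(weights) - 1.0) > 1e-9:
        raise ValueError("weights must sum to 1")
    return sum(w * v for w, v in zip(weights, values))


def download_restriction(r, level):
    """S3: fraction of download permission withheld, 0.0 (none) to 1.0 (all).

    Assumption: linear between the anchors (R=0.6, 50%) and (R=1, 100%).
    """
    if level < RESTRICTED_LEVEL or r < RISK_THRESHOLD:
        return 0.0
    return min(1.0, 0.5 + 0.5 * (r - RISK_THRESHOLD) / (1.0 - RISK_THRESHOLD))
```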
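The level-dependent desensitization of claim 4, as an added example that is not part of the patent text. The claim fixes only the window size and the interval width, so the mean (box) filter, the clipping of the window at the grid edges, the label format, and all names are assumptions; adjustment by user permission level is not modelled, and the heatmap and values are constructed sample data.

```python
# Claim 4 rules: sensitivity level -> (blur window in pixels, interval width)
RULES = {3: (3, 1000), 4: (5, 5000), 5: (7, 10000)}


def box_blur(grid, k):
    """Replace each cell with the mean of its k x k neighbourhood.

    Assumption: a mean filter whose window is clipped at the grid edges.
    """
    r = k // 2
    rows, cols = len(grid), len(grid[0])
    out = []
    for y in range(rows):
        row = []
        for x in range(cols):
            window = [grid[j][i]
                      for j in range(max(0, y - r), min(rows, y + r + 1))
                      for i in range(max(0, x - r), min(cols, x + r + 1))]
            row.append(sum(window) / len(window))
        out.append(row)
    return out


def interval_label(value, width):
    """Show only the interval a value falls in, e.g. 12345 -> '12000-12999'."""
    low = (value // width) * width
    return f"{low}-{low + width - 1}"


def desensitize(heatmap, values, level):
    """Apply the claim 4 rule for `level`; levels 1 and 2 pass through unchanged."""
    if not 1 <= level <= 5:
        raise ValueError("sensitivity level must be 1..5")
    if level not in RULES:
        return heatmap, list(values)
    kernel, width = RULES[level]
    return box_blur(heatmap, kernel), [interval_label(v, width) for v in values]


# Constructed sample: a single hotspot in a 5x5 heatmap and two personal values.
SAMPLE_HEATMAP = [[0] * 5 for _ in range(5)]
SAMPLE_HEATMAP[2][2] = 90
SAMPLE_VALUES = [12345, 4999]
```

On the sample, the level 3 rule spreads the single hotspot of 90 over nine cells of 10.0 each, and the level 5 rule flattens it further to 3.6 at the centre.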
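The alert and disconnect logic of claims 1 and 5, as an added example that is not part of the patent text. The thresholds are the fixed values from claim 5 (their adjustment by permission level is not modelled), and the class, method and return values are hypothetical. Two behaviours are assumptions: a compliant operation resets the streak of consecutive deviations, and download frequency is counted over a sliding one-hour window.

```python
import math
from collections import deque

MAX_DOWNLOADS_PER_HOUR = 30     # claim 5
MAX_EXPORT_MB = 750             # claim 5
MAX_LOGIN_DISTANCE_KM = 75      # claim 5
MAX_CONSECUTIVE_DEVIATIONS = 3  # claims 1 and 5


def haversine_km(p, q):
    """Great-circle distance between two (lat, lon) points given in degrees."""
    lat1, lon1, lat2, lon2 = map(math.radians, (*p, *q))
    h = (math.sin((lat2 - lat1) / 2) ** 2
         + math.cos(lat1) * math.cos(lat2) * math.sin((lon2 - lon1) / 2) ** 2)
    return 2 * 6371.0 * math.asin(math.sqrt(h))


class BehaviorMonitor:
    def __init__(self, usual_location):
        self.usual_location = usual_location
        self.downloads = deque()  # timestamps (s) of chart downloads, last hour
        self.consecutive = 0      # current streak of deviating operations
        self.connected = True

    def observe(self, ts, kind, export_mb=0.0, location=None):
        """Return 'allow', 'alert_suspend' or 'disconnect' for one operation."""
        if not self.connected:
            return "disconnect"
        reasons = []
        if kind == "chart_download":
            self.downloads.append(ts)
            while self.downloads[0] <= ts - 3600:   # drop entries older than 1 h
                self.downloads.popleft()
            if len(self.downloads) > MAX_DOWNLOADS_PER_HOUR:
                reasons.append("download_frequency")
        if kind == "export" and export_mb > MAX_EXPORT_MB:
            reasons.append("export_volume")
        if location and haversine_km(location, self.usual_location) > MAX_LOGIN_DISTANCE_KM:
            reasons.append("login_location")
        if not reasons:
            self.consecutive = 0  # assumption: a compliant operation resets the streak
            return "allow"
        self.consecutive += 1
        if self.consecutive >= MAX_CONSECUTIVE_DEVIATIONS:
            self.connected = False
            return "disconnect"
        return "alert_suspend"
```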
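The 15-minute key rotation and SHA-256 integrity check of claim 6, as an added example that is not part of the patent text. The claim names only the timestamp and the module identifier as key inputs; because those two values are predictable on their own, this sketch assumes a provisioned shared secret and HMAC-SHA256 as the derivation function. All names are hypothetical, and the SM4 encryption step is left out, so `payload` stands for data that is already encrypted.

```python
import hashlib
import hmac

ROTATION_SECONDS = 15 * 60   # claim 6: a new key every 15 minutes
KEY_BYTES = 16               # claim 6: 128-bit key


def key_epoch(timestamp):
    """Index of the 15-minute window that contains `timestamp` (Unix seconds)."""
    return int(timestamp) // ROTATION_SECONDS


def derive_key(master_secret, module_id, timestamp):
    """128-bit key for one module and one rotation window.

    Assumption: HMAC-SHA256 keyed with a provisioned secret, truncated to 16 bytes.
    """
    info = module_id.encode() + b"|" + key_epoch(timestamp).to_bytes(8, "big")
    return hmac.new(master_secret, info, hashlib.sha256).digest()[:KEY_BYTES]


def candidate_keys(master_secret, module_id, now):
    """Keys a receiver tries: the current window, then the previous one.

    Assumption: one window of tolerance for messages sent just before a rotation.
    """
    previous = max(now - ROTATION_SECONDS, 0)
    return [derive_key(master_secret, module_id, now),
            derive_key(master_secret, module_id, previous)]


def seal(payload):
    """Prefix the payload with the SHA-256 digest used for the integrity check."""
    return hashlib.sha256(payload).digest() + payload


def open_sealed(message):
    """Return the payload if its SHA-256 digest matches, else raise ValueError."""
    digest, payload = message[:32], message[32:]
    if not hmac.compare_digest(digest, hashlib.sha256(payload).digest()):
        raise ValueError("integrity check failed")
    return payload
```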