A cross-border supervision minimum subgraph generation and privacy protection method
By setting customs area permission parameters and an encryption commitment mechanism, a minimum subgraph for cross-customs area supervision is generated, which solves the problems of information fragmentation and privacy conflicts in cross-customs area supervision, achieves precise supervision and privacy protection, and improves the efficiency and security of cross-customs area collaborative supervision.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- GUANGDONG OPEN UNIV (GUANGDONG POLYTECHNIC VOCATIONAL COLLEGE)
- Filing Date
- 2026-03-18
- Publication Date
- 2026-06-19
AI Technical Summary
Cross-customs supervision suffers from fragmented information between customs districts, redundant regulatory information, and privacy conflicts. It also lacks a unified traceability structure at the cargo level, making it difficult to achieve precise cross-customs supervision and privacy protection.
By setting customs area permission parameters and permission judgment functions, visible nodes are generated, standardized subgraphs are generated based on regulatory requests, backtracking depth control is performed, the smallest sealed subgraph is selected, and invisible nodes are replaced with an encrypted commitment mechanism for packaged transmission and verification.
It has enabled more precise cross-customs area supervision and secure protection of privacy information, ensuring that each customs area only obtains the minimum amount of data that meets its own regulatory needs, avoiding excessive exposure of commercially sensitive information, and improving the efficiency of cross-customs area collaborative supervision and the security of data sharing.
Description
Technical Field
[0001] This invention proposes a method for generating and protecting the privacy of a minimum subgraph for cross-customs area supervision, which relates to the field of data analysis and processing technology, specifically to the field of generating and protecting the privacy of a minimum subgraph for cross-customs area supervision.
Background Technology
[0002] With the development of global supply chain networking and regional integration, cross-border logistics involving multiple customs districts and nodes has become the norm. Goods need to pass through multiple customs districts for supervision, and the flow process is complex, posing challenges to continuous cross-customs district supervision and risk identification. Existing information-based supervision relies on declaration data, in-transit trajectory records, and internal customs district supervision data, but it has significant problems, including fragmented information between customs districts, independent systems in each customs district, and difficulty in forming a self-consistent chain of evidence for cross-customs district goods flow; redundancy of supervision information and privacy conflicts coexist, full sharing is prone to leakage of commercially sensitive information, and the exchange of a small number of fields cannot support traceability verification; there is a lack of a unified traceability structure at the cargo level, making it difficult to accurately describe the process of splitting, merging, and flowing goods. Cargo-level digital seal chain technology provides a possibility for building a unified traceability structure, but how to generate minimal regulatory sub-graphs tailored to different customs districts while ensuring verifiability and protecting privacy still lacks a systematic solution.
Summary of the Invention
[0003] To solve the above-mentioned problems, this invention provides a method for generating a minimum subgraph for cross-customs area supervision and protecting privacy, the method comprising:
S1. Set permission parameters and a permission judgment function for each customs area, then perform visible node judgment and analysis to obtain the visible nodes;
S2. Based on the regulatory request information of the target goods in the target customs area, perform node visibility comparison analysis and verification to obtain the standardized subgraph generation task;
S3. Obtain the basic data of the global seal graph based on the standardized subgraph generation task, then obtain the candidate ancestor node set and apply backtracking depth control to obtain the minimum sealed subgraph;
S4. Obtain the necessary nodes from the minimum sealed subgraph, generate commitment nodes, and obtain the storage information of the commitment nodes;
S5. Package the minimum sealed subgraph of visible nodes, commitment nodes and their associated edges, then transmit and verify it to obtain the standard subgraph.
[0004] Further, S1 includes: Determine the permission parameters for each customs area and obtain the customs area permission parameter range data; Construct a permission judgment function based on the range of customs area permission parameters; Based on the permission judgment function, the visibility information of the sealed node is judged to obtain the node visibility judgment data; Based on the node visibility judgment data, node visibility data is extracted and stored to obtain visible nodes and their extracted node visibility data.
[0005] Furthermore, determining the permission parameters for each customs area includes: for each customs area c, its permission parameters are defined as follows:
[0006] in, This is the set of operation types visible within the customs area. A collection of visible spatial regions. A set of visible time intervals; For visible participating entities; Based on the above permission parameters, define a permission judgment function:
[0007] in, Indicates the location or jurisdiction of the operation. Indicates the type of participating entity.
[0008] Further, S2 includes: Obtain the regulatory request information of the target cargo in the target customs area, and obtain the cargo terminal seal node identifier of the target cargo based on the regulatory request information; The cargo terminal seal node identifier is compared with the node visible extraction data to obtain visible comparison data; Based on the visible comparison data, determine whether the verification passes and obtain the verification pass / fail information; Obtain the verification pass information based on the verification pass judgment information; The verification pass information and node visible extracted data are integrated to obtain a standardized subgraph generation task.
[0009] Further, S3 includes: The basic data of the global seal map is obtained based on the standardized subgraph generation task, starting from the cargo terminal seal node; By tracing the flow of goods back from child nodes to parent nodes, and then tracing back along the direction of the parent node, the backtracking data can be obtained. Based on the backtracking data, permission parameters, and regulatory request information, ancestor nodes and their edges are selected, backtracking depth control is performed, and backtracking depth control data is obtained. Candidate subgraphs are constructed based on ancestor nodes, their edges, and backtracking depth control data; Redundant nodes are removed from the candidate subgraphs to obtain the minimum sealed subgraph.
[0010] Furthermore, the step of selecting ancestor nodes and their edges based on backtracking data, permission parameters, and regulatory request information, and performing backtracking depth control to obtain backtracking depth control data includes: when a customs district initiates a subgraph request for a specific cargo terminal node, first determine the set of ancestor nodes of that node:
[0011] In actual regulatory scenarios, a maximum backtracking depth can be set. We only consider paths whose length does not exceed the depth to balance regulatory requirements and computational overhead. The ancestor set under the depth constraint is defined as:
[0012] Based on this, combined with customs area permission functions Classify ancestor nodes: Visible node set:
[0013] The necessary path, defined according to regulatory needs, is from a certain regulatory starting point to... All paths, or a few selected representative paths.
[0014] Furthermore, the basic data for the global sealing map includes: The global seal diagram corresponding to the cargo-level digital seal chain is as follows:
[0015] in, For the set of sealed nodes; Let be a set of directed edges, if Represents a node For nodes The parent node; Each node It has a set of attributes:
[0016] in, For operation types (initialization, loading, unloading, merging, splitting, switching, etc.); For operational metadata (including time, location, customs district, type of participating entity, etc.); Let the quantity of goods be a vector. For node hash; This is the digital signature of the node hash by the operating entity.
[0017] Further, S4 includes: Obtain the necessary node condition information from the smallest sealed subgraph, and identify the necessary nodes based on the necessary node condition information and permission parameters. A cryptographic commitment mechanism is introduced to transform the necessary nodes and generate commitment nodes; Store the hash value and commitment value of the commitment node to obtain the storage information of the commitment node.
[0018] Furthermore, the introduction of a cryptographic commitment mechanism to transform the necessary nodes and generate commitment nodes includes: Define node plaintext data ; Use a pre-defined hash function Construct the commitment value:
[0019] in For normalized coding functions; In the subgraph, the corresponding node Replaced with a commitment node Its public attributes are:
[0020] This is the committed value; Option to expose operation types; Choose to expose the full quantity vector or only the statistical summary.
[0021] Further, S5 includes: Pack the minimum enclosed subgraph containing visible nodes, committed nodes, and their associated edges to obtain the packaged data; The packaged data is transmitted to the target customs area via a secure, encrypted channel. The target customs area performs three core verifications on the packaged data through a standardized verification interface to obtain core verification data: The standard subgraph was confirmed based on the core validation data.
[0022] Beneficial effects of this invention: This invention, based on a cargo-level digital seal chain, generates an independent minimum seal subgraph for each customs district for specific cargo through customs district permission modeling and subgraph pruning algorithms. This allows the customs district to verify the origin, route, and consolidation relationships of cargo locally, achieving a cross-customs district extension from coarse-grained carrier supervision to fine-grained cargo-level supervision. By replacing invisible but structurally necessary nodes with committed nodes, this invention maintains the hash continuity and quantity conservation structure of the seal chain without disclosing the specific attributes of nodes. This allows the target customs district to verify the authenticity and integrity of the subgraph without acquiring commercially sensitive information and the complete supply chain topology unrelated to its regulatory responsibilities, significantly alleviating the privacy and security contradictions in cross-customs district information sharing. This invention provides a unified seal subgraph data structure and verification interface. Any customs district system with the corresponding permissions can complete hash verification, signature verification, and quantity conservation checks after obtaining the subgraph without accessing the global seal graph. This provides a standardized technical foundation for future cross-customs district joint inspections, joint risk prevention and control, law enforcement cooperation, and mutual recognition of evidence. This invention, through mechanisms such as setting backtracking depth, redundancy pruning, and commitment node folding, can still generate the minimum subgraph that meets regulatory requirements with low computational and communication overhead, even when the global log graph is large in scale. 
It is suitable for promotion and application in complex scenarios such as cross-border e-commerce, high-frequency parcels, land-based customs clearance, and sea-rail intermodal transport.
Attached Figure Description
[0023] Figure 1 is a schematic diagram of a method for generating the minimum subgraph for cross-customs area supervision and protecting privacy.
Detailed Implementation
[0024] The preferred embodiments of the present invention will be described below with reference to the accompanying drawings. It should be understood that the preferred embodiments described herein are for illustration and explanation only and are not intended to limit the present invention.
[0025] In one embodiment of the present invention, a method for generating a minimum subgraph for cross-customs area supervision and protecting privacy is proposed, the method comprising:
S1. Set permission parameters and a permission judgment function for each customs area, then perform visible node judgment and analysis to obtain the visible nodes;
S2. Based on the regulatory request information of the target goods in the target customs area, perform node visibility comparison analysis and verification to obtain the standardized subgraph generation task;
S3. Obtain the basic data of the global seal graph based on the standardized subgraph generation task, then obtain the candidate ancestor node set and apply backtracking depth control to obtain the minimum sealed subgraph;
S4. Obtain the necessary nodes from the minimum sealed subgraph, generate commitment nodes, and obtain the storage information of the commitment nodes;
S5. Package the minimum sealed subgraph of visible nodes, commitment nodes and their associated edges, then transmit and verify it to obtain the standard subgraph.
[0026] For example: In this embodiment, a certain export commodity is declared in customs district A within the territory, exits the country through port B, and undergoes multiple warehousing, distribution, and road transportation processes. The commodity-level digital seal chain has been constructed by the platform according to global rules, and the global seal map is stored in a trusted central system.
[0027] 1. Customs Area Permission Settings: For the A customs district, set permission parameters. for: (1) Visible operation type: ; (2) Visible spatial region: Warehouses and depots within the jurisdiction of Customs District A; (3) Visible time interval: This refers to a certain time window before or after the customs declaration date for the goods. (4) Visible subject type: This includes customs brokers and domestic carriers registered in Customs District A.
[0028] 2. Subgraph generation request: When Customs District A needs to process the return of a shipment of exported goods or conduct traceability verification, it uses the cargo terminal seal node identification. A request was sent to the central system, along with the customs district identifier A and the target backtracking depth. .
[0029] 3. Candidate Ancestor Set and Node Classification The central system calculates in the global sealing map ,pass Definitely visible node set With the set of invisible but necessary nodes for the path .
[0030] 4. Commitment node replacement and pruning: for Mid-node, central system constructs commitment value And replace it with a commitment node in the subgraph. This ensures that the initialization node from the origin warehouse to... Given that at least one continuous hash chain path exists, redundant nodes are pruned to generate a minimum-size subgraph. .
[0031] 5. Subgraph Packaging and Verification: Subgraph The data is transmitted to the A customs district system via a secure channel. The A customs district uses the verification algorithm provided by this invention to hash and recalculate the signatures of visible nodes, verify the conservation of quantity along the path, and confirm that there are no unauthorized modifications. Then, combined with the warehousing records and customs declaration information held by the customs district, it completes the full traceability and responsibility determination of the goods at the territorial stage.
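The five steps of this embodiment, as an added worked example in Python (not code from the patent or its applicant). The patent's formulas did not survive on this page, so the following are assumptions of the example: SHA-256 over sorted-key JSON as the hash and normalized encoding, a node hash that covers the parents' hashes, a random salt in the commitment (an unsalted hash of a low-entropy record can be guessed), a scalar quantity in place of the quantity vector, "necessary" meaning an invisible node that links a visible ancestor to the target, and all function, field and node names. Signature verification is left out because it needs a key infrastructure the page does not describe.

```python
import hashlib, json, os
from collections import deque

def enc(obj):
    # Normalized encoding (assumed): compact JSON with sorted keys.
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

def node_hash(op, meta, qty, parent_hashes):
    # Assumed chaining rule: the hash covers the attributes and the parents' hashes.
    return hashlib.sha256(enc([op, meta, qty, sorted(parent_hashes)])).hexdigest()

def commit_to(salt, op, meta, qty):
    # Salted hash commitment; the salt is an addition of this example.
    return hashlib.sha256(enc([salt, op, meta, qty])).hexdigest()

def build_graph(records):
    # records: (id, op, meta, qty, parents), with parents listed before children.
    g = {}
    for nid, op, meta, qty, parents in records:
        h = node_hash(op, meta, qty, [g[p]["hash"] for p in parents])
        g[nid] = {"op": op, "meta": meta, "qty": qty, "parents": parents, "hash": h}
    return g

def permitted(perm, node):
    # Permission judgment (S1): all four dimensions must match.
    m = node["meta"]
    return (node["op"] in perm["ops"] and m["zone"] in perm["zones"]
            and perm["t0"] <= m["t"] <= perm["t1"] and m["actor"] in perm["actors"])

def ancestors_within(g, target, depth):
    # Child-to-parent BFS bounded by the maximum backtracking depth (S3).
    dist, queue = {target: 0}, deque([target])
    while queue:
        n = queue.popleft()
        if dist[n] < depth:
            for p in g[n]["parents"]:
                if p not in dist:
                    dist[p] = dist[n] + 1
                    queue.append(p)
    return dist

def minimal_subgraph(g, perm, target, depth):
    if not permitted(perm, g[target]):          # S2: reject out-of-scope requests
        raise PermissionError("target node is outside the requester's visible set")
    dist = ancestors_within(g, target, depth)
    visible = {n for n in dist if permitted(perm, g[n])}
    memo = {}
    def needed(n):
        # Keep n if it is visible or lies between a visible ancestor and the target.
        if n not in memo:
            memo[n] = n in visible or any(needed(p) for p in g[n]["parents"] if p in dist)
        return memo[n]
    package, openings = {}, {}
    for n in (x for x in dist if needed(x)):    # everything else is pruned
        src = g[n]
        out = {"hash": src["hash"], "qty": src["qty"],
               "parents": [p for p in src["parents"] if p in dist and needed(p)]}
        if n in visible:
            out.update(kind="visible", op=src["op"], meta=src["meta"],
                       parent_hashes=[g[p]["hash"] for p in src["parents"]])
        else:                                   # S4: replace with a commitment node
            openings[n] = os.urandom(16).hex()  # salt stays with the central system
            out.update(kind="commit",
                       commit=commit_to(openings[n], src["op"], src["meta"], src["qty"]))
        package[n] = out
    return package, openings

def verify(package):
    # S5, receiver side: hash recomputation, link continuity, quantity bound.
    errors = []
    for nid, n in package.items():
        missing = [p for p in n["parents"] if p not in package]
        errors += [f"{nid}: parent {p} not packaged" for p in missing]
        if n["kind"] != "visible":
            continue  # commitment nodes are opaque: hash and quantity taken as stated
        if node_hash(n["op"], n["meta"], n["qty"], n["parent_hashes"]) != n["hash"]:
            errors.append(f"{nid}: hash mismatch")
        for p in n["parents"]:
            if p in package and package[p]["hash"] not in n["parent_hashes"]:
                errors.append(f"{nid}: broken hash link to {p}")
        complete = not missing and len(n["parents"]) == len(n["parent_hashes"])
        if n["parents"] and complete and n["qty"] > sum(package[p]["qty"] for p in n["parents"]):
            errors.append(f"{nid}: quantity exceeds what its parents supply")
    return errors

# Constructed sample: an export leaves an A-district warehouse, is merged with
# another shipper's goods in a transit zone A may not see, then returns to A.
SAMPLE = build_graph([
    ("n0", "init",   {"zone": "A-warehouse",     "t": 1, "actor": "broker"},          100, []),
    ("m0", "init",   {"zone": "other-warehouse", "t": 1, "actor": "third-party"},      50, []),
    ("n1", "load",   {"zone": "transit-X",       "t": 2, "actor": "foreign-carrier"}, 100, ["n0"]),
    ("n2", "merge",  {"zone": "transit-X",       "t": 3, "actor": "foreign-carrier"}, 150, ["n1", "m0"]),
    ("n3", "split",  {"zone": "A-depot",         "t": 4, "actor": "carrier-A"},       100, ["n2"]),
    ("n4", "unload", {"zone": "A-depot",         "t": 5, "actor": "carrier-A"},       100, ["n3"]),
])
PERM_A = {"ops": {"init", "load", "merge", "split", "unload"},
          "zones": {"A-warehouse", "A-depot"}, "t0": 0, "t1": 10,
          "actors": {"broker", "carrier-A"}}

if __name__ == "__main__":
    pkg, _ = minimal_subgraph(SAMPLE, PERM_A, "n4", 4)
    for nid in sorted(pkg):
        print(nid, pkg[nid]["kind"])
    print("errors:", verify(pkg))
```

In this sketch the receiver cannot recompute a commitment node's hash, so what it verifies is that every visible node is internally consistent and chained to the hashes it was handed; binding the commitment nodes themselves to the global graph would rest on the signature check that is omitted here.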
[0032] In this embodiment, imported goods are shipped from country C, enter China through port D, are cleared at the port by customs district E, and subsequently transferred to customs district F. The entire cargo-level sealing chain has been constructed by the platform.
[0033] 1. E-customs area is based on import batches and cargo terminal nodes. A subgraph request is sent to the central system, which then generates the subgraph based on the E-gate area permissions. It includes critical path information from the overseas departure node to the port inspection node, but some highly sensitive nodes in the overseas segment are presented in the form of commitment nodes.
[0034] 2. E-customs area in local areas Verification is conducted, and by combining machine-generated images and inspection results, risk signs such as frequent splitting, multiple shipments being combined, and unconventional routes are identified in the route. Information on high-risk nodes is then fed back to the central system to provide a reference for subsequent customs clearance and local supervision.
[0035] 3. When Customs District F conducts subsequent supervision of the same goods, it only needs to obtain the seal sub-map of this segment, starting from the receiving node in Customs District F and ending at the final delivery node in the locality. This allows for a cross-customs-area regulatory model that enables segmented verification and minimal disclosure without requiring knowledge of the internal inspection procedures within the E-customs area or the complete overseas supply chain structure.
[0036] When regulatory agencies need to trace the entire path of a suspected smuggled or seriously non-compliant shipment, they can use the seal map sub-map mechanism of this invention to collect the smallest sub-maps held by multiple customs districts, and then perform joint reconstruction and comparison on the central platform. Since each sub-map originates from the same global seal map and adopts a unified hash and commitment structure, the central system can reconstruct the entire path seal map and verify its integrity without accessing all original business systems.
[0037] The working principle and technical effects of the above-mentioned technical solution are as follows: This method constructs a full-process technical framework based on access control, driven by demand, and guaranteed by privacy protection. It achieves cross-regional regulatory minimum subgraph generation and privacy protection through five collaborative steps. First, S1 sets exclusive access parameters and judgment functions for each region, clarifying the visibility range of nodes in each region and defining the regulatory boundary from the source. Second, S2 connects with the region's regulatory requests, verifies the legality of the requests, and transforms them into standardized subgraph generation tasks, achieving precise matching of demand and access. Next, S3 backtracks and filters nodes from the global customs map based on the task, generating the minimum customs map that meets regulatory requirements, avoiding data redundancy. Then, S4 identifies nodes in the subgraph that are not viewed by the user but are structurally necessary, and transforms them into committed nodes using an encrypted commitment mechanism, protecting privacy without compromising the integrity of the link. Finally, S5 packages and encrypts the processed subgraph for transmission, and verifies the data through multi-dimensional verification to ensure its authenticity and validity, forming a complete workflow of access control preset, demand transformation, subgraph generation, privacy processing, and verification closed loop.
[0038] This method addresses the core technical challenges of fragmented information between customs districts, redundant regulatory information, privacy conflicts, and the lack of a unified cargo-level traceability structure in existing cross-customs-region supervision. It achieves the dual goals of precise cross-customs-region supervision and secure protection of privacy information. It ensures that each customs district can only obtain the minimum amount of data necessary to meet its own regulatory needs, avoiding excessive exposure of commercially sensitive information, while also guaranteeing the overall structural integrity and verifiability of the cargo-level digital seal chain. It improves the efficiency of cross-customs-region collaborative supervision, reduces the operational costs of manual document comparison and the risk of data leakage, and provides standardized data support for independent risk assessment and evidence verification in different customs districts.
[0039] In one embodiment of the present invention, S1 includes: Determine the permission parameters for each customs area and obtain the customs area permission parameter range data; Construct a permission judgment function based on the range of customs area permission parameters; Based on the permission judgment function, the visibility information of the sealed node is judged to obtain the node visibility judgment data; Based on the node visibility judgment data, node visibility data is extracted and stored to obtain visible nodes and their extracted node visibility data.
[0040] The working principle and technical effects of the above technical solution are as follows: The core of this method is to construct a standardized customs district authority system, providing a unified basis for subsequent node selection. First, based on the core needs of cross-customs district supervision, the scope of authority parameters for each customs district is clarified, covering key dimensions such as operation type, spatial area, time interval, and type of participating entity, ensuring that the authority definition is comprehensive and in line with actual supervision. Second, based on the determined scope of authority parameters, a quantitative authority judgment function is constructed, transforming abstract authority rules into calculable and reusable logical formulas to achieve accurate determination of the visibility of sealed nodes. Then, the authority judgment function is called to verify the attribute information (such as operation type, location, and participating entity) of all sealed nodes one by one, outputting node visibility judgment data. Finally, the node information judged as visible is extracted, classified, and stored to form a structured visible node dataset, providing direct data support for subsequent supervision request verification and subgraph generation.
[0041] This method addresses the technical issues of ambiguous customs authority definitions and the lack of unified visibility judgment standards in existing regulatory systems; it achieves standardized and refined control of customs authority, ensuring that the regulatory scope of each customs district is clear and quantifiable; it improves the efficiency and accuracy of subsequent node screening and request verification, avoiding regulatory omissions or over-regulation caused by ambiguous permissions; it reduces the complexity of permission management, lays the foundation for cross-customs data sharing and privacy protection, and enables subsequent subgraph generation to accurately match customs authority boundaries.
[0042] In one embodiment of the present invention, determining the permission parameters for each customs area includes: for each customs area c, its permission parameters are defined as follows:
[0043] in, This is the set of operation types visible within the customs area. A collection of visible spatial regions. A set of visible time intervals; For visible participating entities; Based on the above permission parameters, define a permission judgment function:
[0044] in, Indicates the location or jurisdiction of the operation. Indicates the type of participating entity.
[0045] The working principle and technical effects of the above-mentioned technical solution are as follows: This method clearly defines and mathematically models the core dimensions of customs district authority parameters to ensure the standardization and operability of the authority parameters. For each customs district c, based on actual regulatory needs, four core authority dimensions are extracted: a set of visible operation types (such as loading, unloading, and transit), a set of visible spatial areas (such as territorial jurisdiction and port regulatory areas), a set of visible time intervals (such as specific regulatory cycles), and a set of visible participating entity types (such as carriers and freight forwarding companies). These dimensions are integrated into a unified authority parameter model. Secondly, based on this parameter model, an authority judgment function is further constructed. Key node attributes such as operation location / customs district attributes and participating entity types are used as inputs. Through logical matching, the visibility of nodes is quantitatively determined, enabling the authority rules to be directly applied to the node selection process.
[0046] This method addresses the technical issues of incomplete dimensions and non-standard expressions in existing permission parameters, which prevent precise node filtering. It achieves a structured and model-based expression of permission parameters, making the permission boundaries of different customs districts clear, distinguishable, and comparable. It improves the consistency and accuracy of permission judgments, avoiding filtering biases caused by ambiguous permission parameters. It reduces the difficulty of constructing subsequent permission functions, provides a standardized core data carrier for full-process permission control, and ensures that the regulatory scope of each customs district does not exceed its limits or omit anything.
[0047] In one embodiment of the present invention, S2 includes: Obtain the regulatory request information of the target cargo in the target customs area, and obtain the cargo terminal seal node identifier of the target cargo based on the regulatory request information; The cargo terminal seal node identifier is compared with the node visible extraction data to obtain visible comparison data; Based on the visible comparison data, determine whether the verification passes and obtain the verification pass / fail information; Obtain the verification pass information based on the verification pass judgment information; The verification pass information and node visible extracted data are integrated to obtain a standardized subgraph generation task.
[0048] The working principle and technical effects of the above technical solution are as follows: The core of this method is to achieve precise docking between regulatory requests and the authorization system, transforming non-standardized regulatory needs into executable subgraph generation tasks. First, it receives regulatory requests from the target customs area for specific goods, extracts core elements from the request information, and identifies the terminal seal node identifier of the target goods to locate the core object of regulation. Second, it compares the extracted terminal seal node identifier with the visible node dataset generated by S1 to determine whether the node is within the visible range of the target customs area, generating visible comparison data. Then, based on the visible comparison data, it judges the legality and feasibility of the regulatory request and outputs a verification pass judgment message. Finally, if the verification passes, it integrates the verification result with the node visible extraction data in S1 to clarify the core constraints of subgraph generation (such as target nodes, visible range, etc.), forming a standardized subgraph generation task, ensuring that the task information is complete, the format is uniform, and it can be directly called by subsequent subgraph generation modules.
[0049] This method addresses the technical issues of existing regulatory requests being disconnected from the permission system and non-standard request processing, leading to unclear objectives for subsequent subgraph generation. It implements pre-verification of the legality of regulatory requests, avoiding requests exceeding the scope of permissions from the outset and ensuring the compliance of the regulatory process. It improves the efficiency of requirement transformation by ensuring precise alignment between preceding requirements and subsequent subgraph generation through standardized task formats. It reduces the failure rate of subgraph generation due to incomplete or non-standard request information, providing clear task guidance for the efficient generation of the minimum sealing subgraph.
[0050] In one embodiment of the present invention, S3 includes: The basic data of the global seal map is obtained based on the standardized subgraph generation task, starting from the cargo terminal seal node; By tracing the flow of goods back from child nodes to parent nodes, and then tracing back along the direction of the parent node, the backtracking data can be obtained. Based on the backtracking data, permission parameters, and regulatory request information, ancestor nodes and their edges are selected, backtracking depth control is performed, and backtracking depth control data is obtained. Candidate subgraphs are constructed based on ancestor nodes, their edges, and backtracking depth control data; Redundant nodes are removed from the candidate subgraphs to obtain the minimum sealed subgraph.
[0051] The working principle and technical effect of the above technical solution are as follows: This method uses the standardized subgraph generation task as a guide to accurately screen and simplify the minimum subgraph that meets regulatory requirements from the global seal map. First, according to the requirements of the subgraph generation task, the basic data of the global seal map is retrieved, with the cargo terminal seal node specified in the task as the starting point for tracing. Second, following the reverse direction from child node to parent node, the complete flow trajectory of the target cargo is traced back, and backtracking data including ancestor nodes and related edges is collected. Then, combining the permission parameters of S1 and the regulatory request information of S2 (such as tracing depth), the traced ancestor nodes and their related edges are screened, while excessive backtracking is avoided through depth control, generating backtracking depth control data. Based on the screening results and depth control data, an initial candidate subgraph is constructed. Finally, redundant nodes (such as duplicate nodes, indirectly related nodes, and invalid nodes) are removed from the candidate subgraph, yielding the minimum seal subgraph with complete links, concise information, and satisfied verifiability constraints.
[0052] This method addresses the technical issues of redundant global customs map data and the inability to accurately extract the local data required for supervision in existing cross-customs area supervision. It achieves accurate transformation from global data to minimal supervision data, ensuring that the generated subgraphs only contain the core nodes and relationships that meet supervision requirements. It improves the efficiency of supervision data processing, reduces data transmission and storage overhead, and ensures the verifiability of subgraphs (link continuity, attribute matching). It also reduces the data analysis difficulty for customs supervision personnel, enabling them to quickly focus on the core cargo flow trajectory and improve the efficiency of risk assessment and evidence verification.
[0053] In one embodiment of the present invention, the step of selecting ancestor nodes and their edges based on backtracking data, permission parameters, and regulatory request information, performing backtracking depth control, and obtaining backtracking depth control data includes: When a customs area initiates a subgraph request for a specific cargo terminal node, first determine the set of ancestor nodes of that node:
[0054] In actual regulatory scenarios, a maximum backtracking depth can be set. We only consider paths whose length does not exceed the depth to balance regulatory requirements and computational overhead. The ancestor set under the depth constraint is defined as:
[0055] Based on this, combined with customs area permission functions Classify ancestor nodes: Visible node set:
[0056] The necessary path, defined according to regulatory needs, is from a certain regulatory starting point to... All paths, or a few selected representative paths.
[0057] The working principle and technical effects of the above technical solution are as follows: This method achieves accurate screening of ancestor nodes and scientific control of backtracking depth through mathematical modeling, balancing regulatory needs and computational overhead. First, when the customs area initiates a subgraph request, based on the node association relationship of the global seal map, the complete set of ancestor nodes of the target cargo terminal node is clearly defined through set definition, locking all possible upstream nodes in the flow. Second, considering that excessive backtracking in actual supervision will lead to a surge in computation and data redundancy, a maximum backtracking depth threshold is set, and only path nodes with a depth not exceeding this threshold are retained, forming a set of ancestor nodes under depth restriction. Finally, combined with the customs area permission function constructed by S1, the ancestor nodes after depth restriction are classified, accurately dividing the set of visible nodes and the set of invisible but structurally necessary nodes. The set of necessary nodes is defined as nodes on the core flow path according to regulatory needs, ensuring that the screening results not only meet the permission requirements but also support subsequent link verification.
[0058] This method addresses the technical problems of excessive computational overhead, redundancy in subgraphs, or incomplete links caused by the lack of clear depth control and precise classification of nodes in existing backtracking processes. It achieves quantitative control over backtracking depth and precise classification of ancestor nodes, ensuring that the selected nodes meet regulatory traceability requirements without increasing the system burden due to excessive backtracking. It improves the efficiency and accuracy of subgraph generation and avoids interference from invalid nodes in regulatory analysis. It reduces the complexity of subsequent privacy protection processing by pre-dividing visible and necessary invisible nodes, laying the foundation for the accurate application of subsequent encrypted commitment mechanisms.
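The depth-limited backtracking and node classification described in [0053] to [0058], as an added Python example that is not part of the patent text. The conjunctive form of the permission function, the rule that a necessary node is an invisible ancestor lying downstream of a visible one inside the depth limit, and all node data are assumptions made here, since the page's formulas are not reproduced.

```python
from collections import deque
from dataclasses import dataclass

@dataclass(frozen=True)
class Node:
    op: str      # operation type
    region: str  # location or jurisdiction of the operation
    time: int    # operation time (constructed integer timestamps)
    entity: str  # type of participating entity

@dataclass(frozen=True)
class Permission:
    ops: frozenset
    regions: frozenset
    intervals: tuple  # inclusive (start, end) pairs
    entities: frozenset

    def visible(self, n):
        # Assumed form of the permission function: all four conditions must hold.
        return (n.op in self.ops and n.region in self.regions
                and n.entity in self.entities
                and any(a <= n.time <= b for a, b in self.intervals))

def ancestors_within(parents, target, d_max):
    """Reverse BFS from the terminal node; maps ancestor -> shortest distance <= d_max."""
    depth, queue = {}, deque([(target, 0)])
    while queue:
        node, d = queue.popleft()
        if d == d_max:
            continue  # depth control: do not expand past the limit
        for p in parents.get(node, ()):
            if p not in depth:
                depth[p] = d + 1
                queue.append((p, d + 1))
    return depth

def minimal_subgraph(nodes, parents, perm, target, d_max):
    """Return (visible, necessary, edges) for one subgraph request."""
    depth = ancestors_within(parents, target, d_max)
    visible = {v for v in depth if perm.visible(nodes[v])}

    def below_visible(u, seen):
        # True if some visible ancestor inside the depth limit sits upstream of u.
        for p in parents.get(u, ()):
            if p in depth and p not in seen:
                seen.add(p)
                if p in visible or below_visible(p, seen):
                    return True
        return False

    necessary = {u for u in depth
                 if u not in visible and below_visible(u, set())}
    kept = visible | necessary | {target}
    # Invisible ancestors with nothing visible upstream are dropped as redundant.
    edges = sorted((p, c) for c in kept for p in parents.get(c, ()) if p in kept)
    return visible, necessary, edges

# Constructed sample: parent lists of a seal graph ending at terminal node "t".
PARENTS = {"t": ["n4"], "n4": ["n3"], "n3": ["n2", "x1"],
           "n2": ["n1"], "n1": ["n0"], "x1": ["x0"]}
NODES = {
    "n0": Node("init", "A", 1, "exporter"),
    "n1": Node("load", "A", 2, "carrier"),
    "n2": Node("switch", "B", 3, "carrier"),
    "x0": Node("init", "B", 3, "exporter"),
    "x1": Node("load", "B", 4, "carrier"),
    "n3": Node("merge", "C", 5, "warehouse"),
    "n4": Node("split", "C", 6, "warehouse"),
    "t": Node("unload", "C", 7, "warehouse"),
}
AREA_C = Permission(frozenset({"init", "load", "merge", "split", "unload"}),
                    frozenset({"A", "C"}), ((0, 100),),
                    frozenset({"exporter", "carrier", "warehouse"}))
```

With a depth limit of 4 the invisible node `n2` is kept as necessary because the visible `n1` sits upstream of it; with a limit of 3 `n1` falls outside the ancestor set and `n2` is dropped.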
[0059] In one embodiment of the present invention, the basic data of the global seal map includes: The global seal map corresponding to the cargo-level digital seal chain is as follows:
[0060] in, For the set of sealed nodes; Let be a set of directed edges, if Represents a node For nodes The parent node; Each node It has a set of attributes:
[0061] in, For operation types (initialization, loading, unloading, merging, splitting, switching, etc.); For operational metadata (including time, location, customs district, type of participating entity, etc.); Let the quantity of goods be a vector. For node hash; This is the digital signature of the node hash by the operating entity.
[0062] The working principle and technical effects of the above technical solution are as follows: This method clarifies the core components and node attributes of the global seal map through structured modeling, providing a standardized data foundation for subsequent subgraph generation and verification. First, the global seal map corresponding to the cargo-level digital seal chain is defined as a graph structure containing a set of nodes and a set of directed edges, where the directed edges clearly define the parent-child relationship between nodes (i.e., the order of cargo flow). Second, a comprehensive and structured set of attributes is set for each node, covering operation type (core flow actions such as initialization, loading, and unloading), operation metadata (key contextual information such as time, location, customs district, and participating entities), cargo quantity vector (supporting quantity conservation verification), node hash (supporting link verifiability), and digital signature (supporting identity authentication and anti-tampering). Through this standardized definition, it is ensured that the information of each node in the global seal map is complete and in a unified format, and can be directly parsed and processed by subsequent modules.
[0063] This method addresses the technical issues of inconsistent global customs map data structures and incomplete node attributes, which prevent the support of unified traceability and verification across customs districts. It achieves standardized and structured construction of global customs maps, ensuring consistent understanding and processing of data across different customs districts. It improves data reusability and verifiability, with node hashes and digital signatures providing core evidence for subsequent subgraph verification, and cargo quantity vectors laying the foundation for quantity conservation verification. It also reduces the complexity of cross-customs district data interaction, providing a stable and standardized data carrier for the entire process of subgraph generation, privacy protection, and verification loop.
[0064] In one embodiment of the present invention, S4 includes: Obtain the necessary node condition information from the smallest sealed subgraph, and identify the necessary nodes based on the necessary node condition information and permission parameters. A cryptographic commitment mechanism is introduced to transform the necessary nodes and generate commitment nodes; Store the hash value and commitment value of the commitment node to obtain the storage information of the commitment node.
[0065] The working principle and technical effect of the above technical solution are as follows: The core of this method is to achieve privacy protection through an encrypted commitment mechanism while ensuring the integrity of the link. First, based on the permission parameters of S1 and the minimum sealing subgraph generated by S3, the judgment conditions of necessary nodes are clarified (i.e., nodes that are beyond the scope of the customs area's permissions but are necessary to maintain the integrity of the hash chain structure), and the nodes in the minimum sealing subgraph are identified one by one according to the conditions. Second, an encrypted commitment mechanism is introduced to transform the identified necessary nodes, and the plaintext data of the nodes is converted into commitment values through a predetermined hash function and a normalized encoding function, hiding the sensitive attribute information of the nodes. Finally, the attributes of the generated commitment nodes are sorted, and only non-sensitive information such as commitment values, necessary operation types (optional), and quantity information (complete vector or statistical digest, optional) are retained, and this information is stored to form commitment node storage information for subsequent subgraph packaging and verification.
[0066] This method addresses the technical challenge of balancing privacy protection and link verifiability in existing cross-customs area supervision. It achieves a balance between sensitive information hiding and link integrity assurance, avoiding excessive exposure of commercially sensitive information beyond the authority of the customs area (such as complete supply chain structure and freight rates), while maintaining the continuity of the hash chain through committed nodes. It enhances the security of cross-customs area data sharing, enabling collaborative supervision among different customs areas under the premise of privacy protection. It reduces the risk of data leakage while ensuring the feasibility of subsequent subgraph verification, thus ensuring the compliance and security of the regulatory process.
[0067] In one embodiment of the present invention, the step of introducing a cryptographic commitment mechanism to transform the necessary nodes and generate commitment nodes includes: Define node plaintext data ; Use a pre-defined hash function Construct the commitment value:
[0068] in For normalized coding functions; In the subgraph, the corresponding node Replaced with a commitment node Its public attributes are:
[0069] This is the committed value; Option to expose operation types; Choose to expose the full quantity vector or only the statistical summary.
[0070] The working principle and technical effect of the above technical solution are as follows: This method achieves privacy desensitization of necessary nodes through a specific encrypted commitment algorithm, ensuring the security and verifiability of the commitment nodes. First, the scope of plaintext data of the necessary nodes to be transformed is clearly defined, covering the node's sensitive attributes (such as business cooperation information, detailed flow metadata, etc.). Second, a secure and reliable pre-defined hash function is selected, combined with a normalized encoding function, to process the node's plaintext data, generating a unique commitment value, ensuring that the commitment value corresponds one-to-one with the plaintext data and cannot be tampered with. Then, the original necessary nodes are replaced with commitment nodes, and the public attributes of the commitment nodes are redefined: the core is the generated commitment value, and, according to regulatory requirements, the operation type can be exposed (supporting basic flow judgment) or the quantity vector of goods or its statistical summary can be exposed (supporting quantity verification). Through this transformation, the commitment nodes disclose no sensitive information while still supporting subsequent link verification.
[0071] This method addresses the technical issues in existing privacy protection mechanisms where de-identified nodes cannot support link verification, or where sensitive information is easily leaked during verification. It achieves the dual goals of secure de-identification of necessary nodes and retention of verifiability. The uniqueness of the commitment value ensures the immutability of the data, while the optional exposure of basic attributes guarantees basic support for regulatory needs. It enhances the flexibility and security of encryption processing, allowing the scope of publicly disclosed attributes to be adjusted according to different regulatory scenarios. It reduces the conflict between privacy protection and regulatory verification, enabling cross-regional data sharing to proceed smoothly under the premise of security and compliance, while providing core evidence for subsequent hash consistency verification of subgraphs.
[0072] In one embodiment of the present invention, S5 includes: Pack the minimum enclosed subgraph containing visible nodes, committed nodes, and their associated edges to obtain the packaged data; The packaged data is transmitted to the target customs area via a secure, encrypted channel; The target customs area performs three core verifications on the packaged data through a standardized verification interface to obtain core verification data; The standard subgraph is confirmed based on the core verification data.
[0073] The working principle and technical effects of the above technical solution are as follows: This method constructs a closed-loop process of packaging, transmission, and verification to ensure the secure delivery of subgraphs and the authenticity and validity of data. First, the visible nodes generated by S3, the committed nodes generated by S4, and their associated edges are integrated and packaged according to a preset standardized format to ensure a unified data structure and ease of parsing. Second, a secure encrypted channel (such as VPN+HTTPS) is used to transmit the packaged data to the target customs area to avoid data leakage or tampering during transmission. Finally, a standardized verification interface is provided to the target customs area, supporting three core verifications: hash consistency verification (comparing the committed value with the corresponding node hash in the global seal graph to ensure that the data has not been tampered with), quantity conservation verification (verifying the quantity matching before and after cargo splitting / merging), and signature verification (verifying the validity of the node's digital signature to confirm the reliability of the data source). Based on the core verification data of the three verifications, the authenticity and integrity of the subgraph data are judged, and the standard subgraph that meets the requirements is finally confirmed.
[0074] This method addresses the technical issues of insecure cross-customs area data transmission and the inability to guarantee the authenticity of subgraph data. It achieves full-process security control of subgraphs from delivery to verification, ensuring that the subgraph data obtained by the target customs area is authentic, complete, and tamper-proof. It improves the security and reliability of cross-customs area data interaction, and the standardized verification interface reduces the operational difficulty of customs area verification, enabling regulatory personnel to quickly complete data validity verification. It reduces the risk of regulatory misjudgment caused by data transmission or tampering, while forming a closed-loop verification of regulatory data, providing a guarantee for the authority and accuracy of cross-customs area collaborative supervision.
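The commitment replacement of S4 ([0067] to [0071]) and the hash consistency check of S5 ([0073]), as an added Python example that is not the patent's own code. It assumes SHA-256 as the hash, canonical JSON as the normalized encoding, the sum as the quantity summary, and a registry of stored commitments held by the issuing side. It also adds a random 32-byte salt, which the page does not mention, because an unsalted hash over low-entropy fields such as operation type and customs district can be confirmed by guessing.

```python
import hashlib
import hmac
import json
import secrets
import unicodedata

def encode(data):
    """Normalized encoding (assumed): NFC strings, sorted keys, compact UTF-8 JSON."""
    def norm(x):
        if isinstance(x, str):
            return unicodedata.normalize("NFC", x)
        if isinstance(x, dict):
            return {norm(k): norm(v) for k, v in x.items()}
        if isinstance(x, (list, tuple)):
            return [norm(v) for v in x]
        return x
    return json.dumps(norm(data), sort_keys=True, separators=(",", ":"),
                      ensure_ascii=False).encode("utf-8")

def commit(plaintext, salt=None):
    """c = SHA-256(salt || Enc(D)); the salt is fixed at 32 bytes so the split is unambiguous."""
    salt = secrets.token_bytes(32) if salt is None else salt
    if len(salt) != 32:
        raise ValueError("salt must be 32 bytes")
    return hashlib.sha256(salt + encode(plaintext)).hexdigest(), salt

def opens_to(commitment, plaintext, salt):
    """Audit-time check: do the disclosed plaintext and salt reproduce the commitment?"""
    return hmac.compare_digest(commit(plaintext, salt)[0], commitment)

def build_package(nodes, visible, necessary, edges, expose_op=True):
    """Visible nodes travel in plaintext, necessary nodes as commitment nodes."""
    pkg = {"nodes": {}, "edges": sorted(edges)}
    registry, salts = {}, {}  # registry: commitments kept by the issuing side
    for nid in visible:
        pkg["nodes"][nid] = {"kind": "visible", **nodes[nid]}
    for nid in necessary:
        c, salts[nid] = commit(nodes[nid])
        public = {"kind": "commitment", "commitment": c,
                  "qty_total": sum(nodes[nid]["qty"])}  # summary, not the vector
        if expose_op:
            public["op"] = nodes[nid]["op"]
        pkg["nodes"][nid] = public
        registry[nid] = c
    return pkg, registry, salts

def check_package(pkg, registry):
    """Receiver side: link continuity plus commitment consistency; returns problems."""
    problems = []
    for edge in pkg["edges"]:
        problems += [f"dangling edge endpoint {n}" for n in edge
                     if n not in pkg["nodes"]]
    for nid, node in pkg["nodes"].items():
        if node["kind"] == "commitment":
            stored = registry.get(nid, "")
            if not hmac.compare_digest(stored, node["commitment"]):
                problems.append(f"commitment mismatch at {nid}")
    return problems

# Constructed sample nodes; "n2" lies outside the requesting area's permissions.
NODES = {
    "n1": {"op": "load", "meta": {"region": "A", "entity": "carrier"}, "qty": [25, 15]},
    "n2": {"op": "switch", "meta": {"region": "B", "entity": "carrier"}, "qty": [25, 15]},
    "n3": {"op": "merge", "meta": {"region": "C", "entity": "warehouse"}, "qty": [25, 15]},
}
EDGES = [("n1", "n2"), ("n2", "n3")]
```

Signature verification and quantity conservation across split and merge nodes are not covered here; the salts returned by `build_package` stay with the issuing side and are disclosed only when a commitment has to be opened.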
[0075] Obviously, those skilled in the art can make various modifications and variations to this invention without departing from its spirit and scope. Therefore, if these modifications and variations fall within the scope of the claims of this invention and their equivalents, this invention also intends to include these modifications and variations.
Claims
1. A method for generating a minimum subgraph for cross-customs area supervision and protecting privacy, characterized in that the method includes: S1. Set permission parameters and permission judgment functions for each customs area, and then perform visible node judgment and analysis to obtain visible nodes; S2. Based on the regulatory request information of the target goods in the target customs area, perform node visibility comparison analysis and verification to obtain the standardized subgraph generation task; S3. Obtain the basic data of the global seal map based on the standardized subgraph generation task, and then obtain the candidate ancestor node set and perform backtracking depth control to obtain the minimum seal subgraph; S4. Obtain the necessary nodes from the minimum seal subgraph, generate commitment nodes, and obtain the storage information of the commitment nodes; S5. Pack the minimum seal subgraph of visible nodes, committed nodes and their associated edges, then transmit and verify it to obtain the standard subgraph.
2. The method for generating and protecting the privacy of a minimum subgraph for cross-regional supervision as described in claim 1, characterized in that, S1 includes: Determine the permission parameters for each customs area and obtain the customs area permission parameter range data; Construct a permission judgment function based on the range of customs area permission parameters; Based on the permission judgment function, the visibility information of the sealed node is judged to obtain the node visibility judgment data; Based on the node visibility judgment data, node visibility data is extracted and stored to obtain visible nodes and their extracted node visibility data.
3. The method for generating and protecting the privacy of a minimum subgraph for cross-regional supervision according to claim 2, characterized in that, The step of determining the permission parameters for each customs area includes: For each customs area c, its permission parameters are defined as follows: in, This is the set of operation types visible within the customs area. A collection of visible spatial regions. A set of visible time intervals; For visible participating entities; Based on the above permission parameters, define a permission judgment function: in, Indicates the location or jurisdiction of the operation. Indicates the type of participating entity.
4. The method for generating and protecting the privacy of a minimum subgraph for cross-regional supervision according to claim 1, characterized in that, S2 includes: Obtain the regulatory request information of the target cargo in the target customs area, and obtain the cargo terminal seal node identifier of the target cargo based on the regulatory request information; The cargo terminal seal node identifier is compared with the node visible extraction data to obtain visible comparison data; Based on the visible comparison data, determine whether the verification passes and obtain the verification pass / fail information; Obtain the verification pass information based on the verification pass judgment information; The verification pass information and node visible extracted data are integrated to obtain a standardized subgraph generation task.
5. The method for generating and protecting the privacy of a minimum subgraph for cross-regional supervision according to claim 1, characterized in that, S3 includes: The basic data of the global seal map is obtained based on the standardized subgraph generation task, starting from the cargo terminal seal node; By tracing the flow of goods back from child nodes to parent nodes, and then tracing back along the direction of the parent node, the backtracking data can be obtained. Based on the backtracking data, permission parameters, and regulatory request information, ancestor nodes and their edges are selected, backtracking depth control is performed, and backtracking depth control data is obtained. Candidate subgraphs are constructed based on ancestor nodes, their edges, and backtracking depth control data; Redundant nodes are removed from the candidate subgraphs to obtain the minimum sealed subgraph.
6. The method for generating and protecting the privacy of a minimum subgraph for cross-regional supervision according to claim 5, characterized in that, The step of selecting ancestor nodes and their edges based on backtracking data, permission parameters, and regulatory request information, performing backtracking depth control, and obtaining backtracking depth control data includes: When a customs area initiates a subgraph request for a specific cargo terminal node, first determine the set of ancestor nodes of that node: In actual regulatory scenarios, a maximum backtracking depth can be set. We only consider paths whose length does not exceed the depth to balance regulatory requirements and computational overhead. The ancestor set under the depth constraint is defined as: Based on this, combined with customs area permission functions Classify ancestor nodes: Visible node set: The necessary path, defined according to regulatory needs, is from a certain regulatory starting point to... All paths, or a few selected representative paths.
7. The method for generating and protecting the privacy of a minimum subgraph for cross-regional supervision according to claim 1, characterized in that, The basic data of the global seal map includes: The global seal map corresponding to the cargo-level digital seal chain is as follows: in, For the set of sealed nodes; Let be a set of directed edges, if Represents a node For nodes The parent node; Each node It has a set of attributes: in, For operation types (initialization, loading, unloading, merging, splitting, switching, etc.); For operational metadata (including time, location, customs district, type of participating entity, etc.); Let the quantity of goods be a vector. For node hash; This is the digital signature of the node hash by the operating entity.
8. The method for generating and protecting the privacy of a minimum subgraph for cross-regional supervision according to claim 1, characterized in that, S4 includes: Obtain the necessary node condition information from the smallest sealed subgraph, and identify the necessary nodes based on the necessary node condition information and permission parameters. A cryptographic commitment mechanism is introduced to transform the necessary nodes and generate commitment nodes; Store the hash value and commitment value of the commitment node to obtain the storage information of the commitment node.
9. The method for generating and protecting the privacy of a minimum subgraph for cross-regional supervision according to claim 8, characterized in that, The introduction of an encrypted commitment mechanism to transform necessary nodes and generate commitment nodes includes: Define node plaintext data ; Use a pre-defined hash function Construct the commitment value: in For normalized coding functions; In the subgraph, the corresponding node Replaced with a commitment node Its public attributes are: This is the committed value; Option to expose operation types; Choose to expose the full quantity vector or only the statistical summary.
10. The method for generating and protecting the privacy of a minimum subgraph for cross-regional supervision according to claim 1, characterized in that, S5 includes: Pack the minimum enclosed subgraph containing visible nodes, committed nodes, and their associated edges to obtain the packaged data; The packaged data is transmitted to the target customs area via a secure, encrypted channel; The target customs area performs three core verifications on the packaged data through a standardized verification interface to obtain core verification data; The standard subgraph is confirmed based on the core verification data.