Fine-grained access control system and method based on large model decision-making
By combining formal modeling with large-scale model reasoning and decision-making, the problem of fine-grained access control in high-concurrency and complex semantic scenarios is solved, enabling fast, accurate, and interpretable access control in emergency scenarios, thus improving the security and timeliness of the system.
Patent Information
- Authority / Receiving Office
- CN · China
- Patent Type
- Applications(China)
- Current Assignee / Owner
- SHENZHEN HUITUO INFORMATION TECH CO LTD
- Filing Date
- 2026-03-20
- Publication Date
- 2026-07-10
Smart Images

Figure CN122365477A_ABST
Abstract
Description
Technical Field
[0001] This invention relates to the field of access control technology, and more specifically, to a fine-grained access control system and method based on large model reasoning decision-making. Background Technology
[0002] As enterprises continue to advance their IT processes, a large amount of records involving personal privacy, trade secrets, and regulated data have gradually accumulated in various internal management and business systems. This data and resources require access control protection in many scenarios to balance security and business compliance. Currently, the most common practice is to configure a relatively fixed set of permissions around roles or rules, with each business system maintaining its own policy library. This approach works when the number of systems is limited and business boundaries are clear. However, as the organizational relationships, historical behaviors, and trustworthiness of access subjects change, the sensitivity of controlled resources gradually exhibits hierarchical differences. Furthermore, the urgency of business scenarios and the real-time load of systems fluctuate significantly, making it difficult to provide fine-grained, dynamic, and interpretable judgments for individual access requests based solely on static configurations. In business scenarios with high timeliness requirements, such as emergency care and real-time financial risk management, many systems can only meet urgent access needs by pre-setting privileged identities, temporarily elevating permissions, or expedited manual approval. These temporary measures lack unified quantitative modeling of the access context and clear decision boundaries, often resulting in oscillations between overly loose security controls and overly strict access restrictions.
[0003] In recent years, the development of AI reasoning technologies such as large-scale language models has enabled some systems to begin utilizing their natural language understanding capabilities to analyze unstructured information such as access purpose descriptions, policy clauses, and audit logs, hoping to provide assistance for permission determination in complex semantic scenarios. However, if large-scale language models are directly placed in the real-time access chain, the inference overhead and response latency are often difficult to control, making it difficult to meet real-time requirements under high-concurrency access. If they are only called occasionally to save computing power, it is difficult to fully leverage their advantages in complex semantic reasoning. Existing solutions still generally lack a complete mechanism that, based on a unified representation of the access subject, controlled resources, and system operating status, introduces a lightweight local decision-making model to undertake rapid adjudication, and then collaborates with the large-scale language model inference engine to select adjudication paths in a tiered manner based on factors such as access urgency, risk level, and system load. Furthermore, it continuously adjusts relevant parameters by combining decision results and post-event feedback, so that security, timeliness, and resource utilization efficiency can be balanced within the same framework. Summary of the Invention
[0004] To overcome the aforementioned deficiencies of the prior art, embodiments of the present invention provide a fine-grained access control system and method based on large model reasoning decision-making to solve the problems mentioned in the background art.
[0005] To achieve the above objectives, the present invention provides the following technical solution: A fine-grained access control method based on large model inference and decision-making includes the following steps: Formal modeling and quantitative representation of access subjects, controlled resources and system operating status are performed, including calculating the access subject trust baseline based on the attributes of the access subject, calculating the resource basic sensitivity score based on the characteristics of controlled resources, and calculating the system load index based on system operating indicators. Upon receiving an access request, the request content is parsed and an urgency score is calculated. An emergency access comprehensive score is generated based on the urgency score, the resource basic sensitivity score, and the access subject trust baseline. Based on the emergency access comprehensive score, the emergency access mode is classified into one of the following: normal mode, emergency but conservative mode, or emergency mode with appropriate relaxation. Based on the emergency access mode and related context information, a lightweight permission decision model is driven to quickly adjudicate and output an access conclusion and risk label. A review score is calculated based on multiple factors, including the emergency access mode, risk label, system load index, and historical false positive rate, to determine whether to invoke the large-scale language model inference engine for review. For requests that decide to invoke the large-scale language model inference engine, the final permission conclusion is formed by combining the adjudication result of the lightweight permission decision model and the review opinion of the large-scale language model inference engine. For requests that do not invoke the large-scale language model inference engine, the adjudication result of the lightweight permission decision model is used as the final permission conclusion. The final authorization conclusion is executed, the decision log is recorded, and the scoring parameters, weights, and thresholds in the system are periodically optimized based on the feedback data from the decision log.
[0006] In a preferred embodiment, the trust baseline of the access subject is obtained by normalizing multiple attribute fields in the access subject attribute library and then summing them according to preset weight coefficients.
[0007] In a preferred embodiment, the resource basic sensitivity score is obtained by normalizing multiple resource feature fields in the resource metadata and sensitivity tag library respectively, and then weighting and summing them according to preset sensitivity weight coefficients.
[0008] In a preferred embodiment, the emergency access comprehensive score is obtained by weighted summation of the urgency score, the resource base sensitivity score, and the baseline trust level of the access subject.
[0009] In a preferred embodiment, when classifying the emergency access mode as an emergency and moderately relaxed mode, in addition to requiring the comprehensive score of emergency access to be higher than the second threshold, it is also required that the urgency score be not lower than an emergency threshold and the baseline of the trust level of the access subject be not lower than a lower limit of trust level.
[0010] In a preferred embodiment, when calculating the review score, the emergency access mode, risk marker, system load index and historical misjudgment rate are mapped as numerical factors and then weighted and fused according to preset weights.
[0011] In a preferred embodiment, when calling the large-scale language model inference engine for review, the input information provided to it includes: access request parameters, resource characteristics, relevant policy fragments, simplified historical access summaries, and access conclusions and risk markers output by the lightweight permission decision model.
[0012] In a preferred embodiment, the periodic optimization step includes: statistically analyzing the experience misjudgment rate and average decision delay for different scenarios based on the decision log, and adjusting the weight coefficients and threshold parameters involved in generating the emergency access comprehensive score and the review score with the goal of reducing the overall cost.
[0013] In a preferred embodiment, when calculating the system load index, the access request arrival rate, the length of the large-scale language model inference queue, and the average inference latency within the monitoring time window are normalized and weighted summed.
[0014] In a preferred embodiment, the following modules are included: The access control baseline modeling module is used to formally model and quantitatively represent access subjects, controlled resources, and system operating status. This includes calculating the access subject trust baseline based on the attributes of the access subject, calculating the resource basic sensitivity score based on the characteristics of the controlled resources, and calculating the system load index based on system operating indicators. The access request dynamic scoring module is used to parse the request content and calculate the urgency score when an access request is received. Based on the urgency score, resource basic sensitivity score and access subject trust baseline, it generates an emergency access comprehensive score and classifies the emergency access mode into one of the following according to the emergency access comprehensive score: normal mode, emergency but conservative mode, or emergency and moderately relaxed mode. The hierarchical intelligent adjudication module is used to drive a lightweight permission decision model to make rapid decisions based on the emergency access mode and related context information, outputting access conclusions and risk labels. It also calculates a review score based on multiple factors, including the emergency access mode, risk label, system load index, and historical misjudgment rate, to determine whether to call the large-scale language model inference engine for review. For requests that decide to call the large-scale language model inference engine, the final permission conclusion is formed by combining the adjudication result of the lightweight permission decision model and the review opinion of the large-scale language model inference engine. For requests that do not call the large-scale language model inference engine, the adjudication result of the lightweight permission decision model is used as the final permission conclusion. The permission execution feedback optimization module is used to execute the final permission conclusion, record the decision log, and periodically optimize the scoring parameters, weights, and thresholds in the system based on the feedback data of the decision log.
[0015] The technical effects and advantages of this invention are as follows: This invention, building upon existing access control frameworks, introduces quantitative indicators such as access subject trust baselines, resource sensitivity scores, and system load indices. This transforms the previously fragmented, experience-based judgments across various business systems into a unified, calculable, and adjustable scoring system. When an access request arrives, the system no longer considers only roles or single rules, but simultaneously takes into account the urgency of the business scenario, the sensitivity level of the target resource, and the access subject's consistent trustworthiness, forming a comprehensive emergency access score and classifying different emergency access modes accordingly. This approach allows for reasonable flexibility in rules during urgent situations like emergency situations and risk control procedures, without simply removing all restrictions, thus balancing business continuity and access security.
[0016] In terms of the adjudication mechanism, this invention does not rely solely on large-scale language models. Instead, it employs a collaborative approach between a lightweight permission decision-making model and a large-scale language model inference engine. The majority of requests are quickly adjudicated by the lightweight model under the constraint of an urgent access mode. Only when the urgent access mode is high, the risk marker is biased towards the boundary, the historical misjudgment rate is sensitive, and the system load index allows, are requests reviewed and filtered by a large-scale language model for further review. This design leverages the advantages of large models in understanding complex textual information such as access purpose descriptions, policy terms, and historical access summaries, improving the accuracy and interpretability of decisions in complex scenarios. Furthermore, it adaptively constrains the call frequency through review scoring and system load index, avoiding the uncontrollable latency and wasted computing power issues caused by the large model being online throughout the entire process.
[0017] Meanwhile, this invention, through a permission execution feedback optimization module, uniformly writes the key elements of each access decision and subsequent audit results into the decision log. Based on this, it statistically analyzes the experience-based misjudgment rate, average decision latency, and large model call frequency according to scenarios. With the goal of reducing overall costs, it periodically adjusts the weighting coefficients and threshold configurations in the emergency access comprehensive score and review score. When necessary, it also links and corrects the update strategies for the access subject trust baseline and resource-based sensitivity score. Through this closed-loop optimization mechanism, the system can continuously evolve with changes in the business environment, attack methods, and compliance requirements, reducing the workload of the security team in frequently manually modifying rules and adjusting thresholds. This ensures that fine-grained access control maintains a relatively stable security level and acceptable response latency in long-term operation. Attached Figure Description
[0018] To facilitate understanding by those skilled in the art, the present invention will be further described below with reference to the accompanying drawings; Figure 1 This is a flowchart illustrating the fine-grained access control method based on large model reasoning and decision-making of the present invention. Figure 2 This is a schematic diagram of the fine-grained access control system based on large model reasoning and decision-making according to the present invention. Detailed Implementation
[0019] The technical solutions of the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings. Obviously, the described embodiments are only some embodiments of the present invention, and not all embodiments. Based on the embodiments of the present invention, all other embodiments obtained by those skilled in the art without creative effort are within the scope of protection of the present invention.
[0020] Example 1: The present invention provides a fine-grained access control method based on large model reasoning and decision-making, such as... Figure 1 As shown, it includes the following steps: Step 1: Access control baseline modeling; In step one, this invention first deploys an access control server on the enterprise's existing information system infrastructure, serving as a unified entry point for each business system before accessing controlled resources. This ensures that all access requests from medical business systems, financial transaction systems, or other internal applications are centrally accessed and adjudicated by this access control server before reaching the underlying data or documents. Internally, the access control server deploys a lightweight access decision model and a large-scale language model inference engine according to a layered architecture: the lightweight model is used to quickly make initial judgments on access requests within a strict time budget, while the large-scale language model inference engine is used to perform high-precision verification of complex semantic scenarios under conditions where computing power and latency allow.
[0021] On the access subject side, the access control server reads fields related to user identity, organizational relationship, and historical behavior from the access subject attribute database, denotes each access subject as u, and constructs an attribute vector for it. The attribute vector can include information such as job level, whether it belongs to a special position such as emergency medical services or risk control, the number or severity of historical violations, the score of the most recent audit conclusion, length of service, the risk level of the institution, and whether multi-factor authentication is enabled. The units and value ranges of different fields are not consistent, so a normalization function is first used. Each field is mapped to the interval [0,1], and then a weighted sum is performed according to configurable weight coefficients to obtain the baseline of the access subject's trust level. : ; In the formula, This represents the original value of the access subject u in the i-th attribute dimension. These are the weight coefficients for the corresponding attributes, and each weight satisfies... And preferably satisfying .
[0022] normalization function Scoring methods can be employed, such as interval scaling, segmented mapping, or scoring based on historical statistics. One specific implementation is to use minimum and maximum normalization for continuous numerical attributes. ,in and This represents the boundary of the attribute's value range across all subjects; for binary attributes, it is directly mapped to 0 or 1; for discrete-level attributes, sequential encoding can be performed first, followed by linear scaling.
[0023] On the controlled resource side, the access control server loads basic information for each resource object from the resource metadata and sensitive tag library, assigns the resource as 'o', and constructs a resource feature vector. The feature vector can include the business type of the resource, whether it contains personally identifiable information fields, whether it involves medical records or financial account information, whether it contains trade secret clauses, the frequency of leaks or unauthorized access to this type of resource in historical audits, and whether it is intended for cross-institutional sharing. The business type of the resource includes items such as medical records, image reports, single transaction records, customer details, and statistical reports. Similarly, a normalization function is used... Each feature component is uniformly mapped to the [0,1] interval, and then combined with a set of sensitivity weight coefficients to calculate the resource-based sensitivity score. : ; In the formula, This represents the original value of resource o in the j-th feature dimension. The weights are the corresponding feature weights, and each weight satisfies the following conditions: And preferably satisfying Normalization function The design can be tailored by considering field types, regulatory requirements, and internal security standards to ensure that fields involving personal privacy, financial information, or medical data receive a higher sensitivity contribution in calculations; similarly, the normalization function of resource characteristics... Can be adopted with The principle of similarity is implemented.
[0024] At the permission rule level, the permission control server centralizes and writes the access control rules, which were originally scattered across various business systems within the enterprise, into the permission policy library during this step. Each policy is associated with a specific business system, resource type, sensitivity level, or access subject role, and the rule body specifies the constraints and corresponding actions. Constraints may involve one or more fields from the access subject attribute vector and resource feature vector, or they may involve operation type, access time, geographical location, or terminal type. The action section describes the control behavior that the system should take when the conditions are met, such as directly denying access, allowing full access, allowing access only to the anonymized view, opening only online read-only interfaces, or triggering additional auditing, etc.
[0025] Regarding system operational status, the access control server enables the operational metric collection module in this step to record metrics such as access request arrival rate, average processing latency of lightweight models, inference queue length of large-scale language models, average inference time of large-scale language model inference engines, and network round-trip time. The specific calculation method for the system load index can be configured according to the deployment environment, such as monitoring the request arrival rate within a time window. Large-scale language model inference engine inference queue length and average inference delay After normalizing the three values to the interval [0,1], perform a weighted sum: ,in , , These are weighting coefficients that sum to 1; for example... , , .
[0026] Step 2: Dynamic scoring of access requests; In step two, after receiving access requests from various business systems, the access control server first breaks down and organizes the requests. When the request message arrives at the unified entry point, the system parses out fields such as access subject identifier, target resource identifier, operation type, source business system, current terminal type, and network environment. Subsequently, based on the access subject identifier, the server retrieves the previously calculated trust baseline from the access subject attribute database. And the corresponding attribute vector; based on the target resource identifier, retrieve the basic sensitivity score from the resource metadata and sensitivity tag library. Information such as the business type and sensitivity level of the resources.
[0027] The assessment of business urgency is completed at this stage. The access control server, considering the source system and module (e.g., whether it's an emergency subsystem or a risk control alert interface), and status fields in business records (e.g., patient status, transaction status), makes a preliminary judgment on whether the current request is under significant time pressure. Simultaneously, a lightweight text classification model is invoked on the scenario description text to identify whether it contains keywords or semantic fragments such as emergency care, rescue, transaction freeze, or risk control alarm. The structured fields and text analysis results are normalized to the same numerical range, mapped to an urgency score. The value is preferably limited to [0,1]. The higher the value, the lower the tolerance for the delay in permission determination, and the closer it is to a state where a conclusion must be given as soon as possible; the lower the value, the more lenient the acceptable response time.
[0028] After obtaining the quantified results of urgency, basic sensitivity, and trust level, the system needs to integrate this scattered information to provide a more comprehensive score that is easier to use later. To this end, the access control server internally calculates an emergency access comprehensive score. A more direct approach is to use a weighted summation method: ; In the formula, This is the overall score for this visit, with the value varying within the range of [0,1]. , , These are non-negative weighting coefficients used to reflect the relative impact of urgency, resource risk, and the credibility of the access subject in the overall judgment; ideally, the sum of these three factors should be 1. For example... , , ; The aforementioned urgency score; Assess resource-based sensitivity. As a baseline for the trust level of the access subject, here we take This component, representing distrust, is included in the calculation; the more untrustworthy the requester, the greater its contribution to the overall score. This setting allows for adjustments when a request simultaneously possesses the characteristics of being extremely urgent, highly sensitive to resources, and having a low-trustworthiness requester. The score will be higher; conversely, when the business is not urgent, resources are limited, and the entity is highly trustworthy, the overall score will be significantly lower.
[0029] To facilitate the use of this comprehensive score in subsequent decision-making models, the access control server divides continuous values into several discrete levels based on a set of configurable thresholds. Two threshold parameters can be set. and ,satisfy ,For example , .when Not higher than When the overall score is within a certain range, the system will mark this access as normal mode, indicating that the current business does not have extreme requirements for response time and the risk level is within a controllable range; when the overall score is within a certain range... and In the intermediate stages, being marked as urgent but conservative indicates time pressure, resource sensitivity, or generally low credibility of the accessing entity. Subsequent decisions should prioritize ensuring security boundaries. When the overall score is... Exceeding the threshold At that time, the system will further determine two additional conditions: urgency score. Is it greater than or equal to a preset emergency threshold? ,For example And the baseline trust level of the accessing subject Is it greater than or equal to a preset trust threshold? ,For example Only when both of these additional conditions are met will this visit be classified as urgent and subject to appropriate relaxation. and These are configurable parameters for the system and can be adjusted according to the business's risk tolerance.
[0030] After the pattern tag is generated, it is written into the decision context of the current access request along with the access subject identifier, resource identifier, operation type, and environment information. The lightweight permission decision-making model will then directly read this pattern tag during rapid adjudication and, in conjunction with its built-in training strategies, make different judgments based on the same evidence conditions. The review module will also refer to this tag and the corresponding comprehensive score when assessing whether further analysis using a large-scale language model is necessary.
[0031] Step 3: Layered intelligent adjudication; In step three, when the access control server receives the processed access request, it first generates a feature representation for quick decision-making using existing context information. The request context already includes the access subject identifier, target resource identifier, operation type, emergency access mode, and environment information. Based on this, the server retrieves the corresponding attribute vector and trust baseline from the access subject attribute database, and the resource feature vector and basic sensitivity score from the resource metadata and sensitivity tag database. Simultaneously, it reads the current system load index. All of this information is organized into a single data structure, transforming it into input that the lightweight access control decision model can directly process, without repeatedly constructing new fields.
[0032] The lightweight permission decision-making model at this stage is responsible for providing an actionable conclusion. After receiving a request, the server sets different time budgets for different urgent access modes: normal modes can be processed in batches, while urgent modes are sent to the model individually or in small batches. Within a limited time, the model outputs two types of results: an access conclusion, including direct denial, full permission, and restricted permission; and a risk marker indicating the distance between the current conclusion and the policy boundary. For example, in scenarios with highly sensitive resources and low trust levels of the accessing entity, the model might grant read-only access but prohibit exporting, while marking it as high-risk; in cases where the business is not urgent and all indicators are relatively secure, it might grant full access with a low-risk marker. As long as a decision is made within the set time, the server will use this as the basis for real-time control of the current session, preventing the frontend from remaining in a waiting state for an extended period.
[0033] After a rapid decision is made, the system does not send all requests to the large-scale language model inference engine for review indiscriminately. Instead, it first determines whether the computational effort is worthwhile. This determination relies on a set of joint variables, including the emergency access mode, the risk marker of the lightweight permission decision-making model, the current system load index, and decision biases in similar historical scenarios. To facilitate subsequent processing, a review score can be calculated internally. An example format is as follows: .
[0034] In the formula, For the purpose of review and scoring, a higher score indicates that it is more necessary to call the large-scale language model inference engine. Discrete mode labels are mapped to numerical values. For example, a normal mode is mapped to 0.2, an urgent but conservative mode is mapped to 0.6, and an urgent mode that can be moderately relaxed is mapped to 0.9. The risk labels of the lightweight permission decision-making model are mapped to numerical values, for example, low risk is mapped to 0.2 and slightly high risk is mapped to 0.8; Can be directly taken as This indicates that the review process should be tightened under high load conditions; Historical misjudgment rate can be directly obtained. The value; among which, the historical misjudgment rate This is an empirical value derived from statistics regarding the decision-making scenario category to which the current access request belongs. Specifically, the system filters historical decision logs, selecting all records with the same or similar scenario category labels as the current request. It then counts the number of entries within that category that were judged as incorrect decisions by post-audit or feedback mechanisms, and divides this number by the total number of decisions within that category. ,in The number of incorrect decisions, This represents the total number of decisions. (Parameter) , , , These are non-negative weights, configured based on the organization's trade-offs regarding security, latency, and computing power costs, with their sum being 1 in optimal conditions; for example... , 0.4, , .
[0035] The server makes a selection based on the review score and a preset threshold. If the score is below the lower limit, it is considered that no review is needed, and the conclusion of the lightweight permission decision model is directly used as the final result. If the score is in the middle range, the request can be placed in the large-scale language model inference engine queue with a lower priority, provided the load allows. If the score exceeds the upper limit, the request is marked as requiring review and assigned a higher queue priority, regardless of the current system load. After the decision result is written to the request context, the scheduling module is responsible for adjusting the concurrency of inference instances and queue order of the large-scale language model inference engine, so that limited computing power is used more on high-scoring requests, rather than being evenly distributed.
[0036] Requests selected for review are packaged again before entering the large-scale language model inference engine. This packaging includes not only the original access parameters and feature vectors, but also policy-related fragments, a simplified historical access summary, and preliminary conclusions and risk markers from the lightweight permission decision model. The simplified historical access summary includes at least: the number of times the same accessing subject accessed resources of the same sensitivity level within a preset time window prior to the current access, the number of times review was triggered, and the proportion ultimately decided as denied or allowed with restrictions.
[0037] Upon receiving this prompt, the large-scale language model inference engine comprehensively analyzes the access purpose, resource content, subject background, and existing policies to determine whether the current access matches the scenario description, whether there is any expansion of the access scope under the guise of urgency, and whether the lightweight permission decision-making model appears too lenient or too conservative in this situation. The output of the large-scale language model inference engine typically includes two aspects: first, the attitude towards the rapid decision—whether it is approval or a suggestion for modification; and second, if modification is required, specific suggestions such as tightening the granularity, adding additional conditions, or marking it as requiring subsequent manual attention.
[0038] After receiving the review results, the server synthesizes the rapid decision with the suggestion from the large-scale language model inference engine. If the two are consistent, the common conclusion is followed directly; if there is a significant conflict, the server determines which side to adopt based on the emergency access mode, resource sensitivity level, and current load. In high-risk scenarios where time permits, the revised suggestion from the large-scale language model inference engine is preferred; in cases where network jitter or computing power constraints cause significant timeouts in the review results, the conservative conclusion of the lightweight permission decision model can be retained, and the review can be marked as an anomaly for separate handling during the log analysis phase.
[0039] Step 4: Optimize permission execution feedback; In step four, after receiving the final ruling from step three, the access control server executes it directly on the access channel between the business system and data resources. If the ruling is "access denied," the gateway will no longer forward any read / write requests downstream, only returning a uniform error code or message with an auditable reason number. If the ruling is "full access allowed," the system establishes a corresponding resource view for the accessing entity within the current session, and, if necessary, enables additional constraints such as session duration control, concurrency limits, and secondary validation. For access with restrictions, the server trims and transforms the original data according to the granularity requirements given in the ruling before returning it to the business system. For example, it may retain only certain fields, mask identity information, replace detailed records with summary tables, and open online read-only interfaces while blocking export and download operations. In scenarios involving temporary relaxation of permissions, a one-time authorization flag is added, recording the start and end times, applicable scope, and triggering reason, and is automatically revoked when the session ends or the validity period expires.
[0040] While executing access control actions, the system writes relevant information about the request to the decision log. The log includes basic identifiers of the access subject and target resource, operation type, source system, terminal and network environment, and a description of the business scenario. It also includes key quantities calculated in previous steps, such as the access subject's trust baseline, resource basic sensitivity score, urgency calculation results and the resulting pattern tag, risk labels from the lightweight permission decision model, review score, and the system load index at that time. If a large-scale language model inference engine is invoked, its analysis opinions and suggestions are also recorded, including its affirmation or correction direction for the rapid decision. The final effective permission conclusion and the actual actions executed at the gateway layer are also written to the log. Subsequent feedback, such as manual intervention, user appeals, security incident reports, or audits overturning the original conclusion, will also be linked to the corresponding log records.
[0041] To determine the rationality of the existing configuration, a quantitative marker of the post-event performance needs to be assigned to each scenario. Each decision within a certain time window can be considered a sample, denoted as sample number i. When it is subsequently confirmed that the decision neither led to the leakage of sensitive information nor caused significant disruption to business operations, it is recorded as... When obvious cases of wrongful release, wrongful rejection, or clearly inappropriate granularity are found, record... For a specific scenario, such as the same pattern tag, the same resource level, or the same role combination, there are a total of [number] [items] in the statistics window. For each decision record, the empirical misjudgment rate for this type of scenario can be calculated as follows: ; in, The value ranges from 0 to 1. The closer the value is to 1, the more likely the permission conclusions in this type of scenario are to have problems; a value closer to 0 indicates that the current configuration is relatively stable.
[0042] For the same type of scenario, the average adjudication delay can be calculated from the logs. For example, the time from when a request enters the access control server to when the final result is sent to the business system; and the number of times the large-scale language model inference engine is called per unit time, denoted as... Based on this, a comprehensive cost function can be defined: ; in , , The weights are non-negative. The weights can be determined through negotiation between the security and operations teams during the deployment phase, or they can be fine-tuned based on actual conditions after running for a period of time. , , .
[0043] Compare the false positive rates and overall costs across different scenarios. If a certain type of access is found to have a high false positive rate under high-urgency marking, it indicates that the weights or thresholds in the preceding scoring are too lenient. The proportion of resource sensitivity and distrust in the overall score can be appropriately increased, or the pattern segmentation threshold for the corresponding interval can be raised. If some low-risk scenarios, although almost error-free, frequently trigger reviews with significantly longer average latency, the review scoring weights for these scenarios can be lowered, or the threshold for triggering the large-scale language model inference engine can be raised, allowing more requests to remain at the lightweight permission decision-making model level. Similarly, during periods of consistently high system load, if the overall latency exceeds expectations while the false positive rate remains within an acceptable range, the role of the system load index in the review scoring can be increased, allowing the scheduling logic to automatically tighten review quotas under high pressure.
[0044] Parameter adjustments can be made through periodic batch updates. For example, during off-peak hours each day, weights and thresholds can be recalculated based on logs from the previous day or week, and then written back to the configuration center. The next round of decisions will then directly use the updated parameters. The baseline trust level of access subjects and the resource sensitivity score can also be appropriately adjusted based on long-term statistics. For example, the trust level of subjects that have been repeatedly audited and deemed compliant can be slightly increased, and the basic sensitivity of resource types that frequently cause problems can be increased.
[0045] Example 2: The design of the fine-grained access control system based on large model reasoning decision-making in this invention is based on the method in Example 1, specifically as follows... Figure 2 The following modules are shown: The access control baseline modeling module is used within the access control server to formally model and quantify access subjects, controlled resources, and system operating status, and centrally manage access control rules. This module connects to the access subject attribute library, resource metadata and sensitivity label library, and permission policy library. It calculates a trust baseline based on access subject attributes, calculates a basic sensitivity score based on resource characteristics, and centrally stores the scattered access control rules as structured policies. Furthermore, this module collects system operating metrics and calculates the system load index.
[0046] The access request dynamic scoring module is used to parse the request content and calculate an urgency score, an emergency access comprehensive score, and a pattern tag when an access request is received. This module generates an urgency score by combining the source system, business status, and text analysis results, and classifies the request into a normal mode, an emergency but conservative mode, or an emergency mode that can be moderately relaxed based on the emergency access comprehensive score, and writes the pattern tag into the decision context.
[0047] The hierarchical intelligent adjudication module coordinates the lightweight access control decision-making model and the large-scale language model inference engine to perform hierarchical adjudication of access requests. This module generates input features for the lightweight model based on the decision context, and the lightweight model outputs an access conclusion and risk label within a limited time. A review score is calculated based on the emergency access mode, risk label, system load index, and historical misjudgment rate to determine whether to invoke the large-scale language model inference engine for review. The review result and the rapid adjudication conclusion are combined to form the final access control conclusion.
[0048] The permission execution feedback optimization module executes the final permission conclusion on the gateway side and writes information related to this decision into the decision log. Based on the decision result, this module executes access control actions such as denying access, allowing full access, or allowing access with restrictions, and records key decision parameters. Based on the decision log data, it calculates the empirical misjudgment rate for various scenarios and evaluates the value of the comprehensive cost function. It periodically adjusts various weight coefficients, thresholds, and update strategies for the access subject trust baseline and resource-based sensitivity score to achieve adaptive optimization of the system.
[0049] Those skilled in the art will recognize that the units and algorithm steps of the various examples described in conjunction with the embodiments disclosed herein can be implemented in electronic hardware, or a combination of computer software and electronic hardware. Whether these functions are implemented in hardware or software depends on the specific application and design constraints of the technical solution. Those skilled in the art can use different methods to implement the described functions for each specific application, but such implementation should not be considered beyond the scope of this application.
[0050] In the several embodiments provided in this application, it should be understood that the disclosed systems, apparatuses, and methods can be implemented in other ways. For example, the apparatus embodiments described above are merely illustrative; for instance, the division of units is only a logical functional division, and in actual implementation, there may be other division methods. For example, multiple units or components may be combined or integrated into another system, or some features may be ignored or not executed. Furthermore, the coupling or direct coupling or communication connection shown or discussed may be through some interfaces; the indirect coupling or communication connection between apparatuses or units may be electrical, mechanical, or other forms.
[0051] The units described as separate components may or may not be physically separate. The components shown as units may or may not be physical units; that is, they may be located in one place or distributed across multiple network units. Some or all of the units can be selected to achieve the purpose of this embodiment according to actual needs.
[0052] In addition, the functional units in the various embodiments of this application can be integrated into one processing unit, or each unit can exist physically separately, or two or more units can be integrated into one unit.
[0053] The above description is merely a specific embodiment of this application, but the scope of protection of this application is not limited thereto. Any variations or substitutions that can be easily conceived by those skilled in the art within the scope of the technology disclosed in this application should be included within the scope of protection of this application. Therefore, the scope of protection of this application should be determined by the scope of the claims.
Claims
1. A fine-grained access control method based on large model reasoning and decision-making, characterized in that, Includes the following steps: Formal modeling and quantitative representation of access subjects, controlled resources and system operating status are performed, including calculating the access subject trust baseline based on the attributes of the access subject, calculating the resource basic sensitivity score based on the characteristics of controlled resources, and calculating the system load index based on system operating indicators. Upon receiving an access request, the request content is parsed and an urgency score is calculated. An emergency access comprehensive score is generated based on the urgency score, the resource basic sensitivity score, and the access subject trust baseline. Based on the emergency access comprehensive score, the emergency access mode is classified into one of the following: normal mode, emergency but conservative mode, or emergency mode with appropriate relaxation. Based on the emergency access mode and related context information, the lightweight permission decision model is driven to make a rapid decision to output access conclusions and risk labels. The review score is calculated based on multiple factors, including emergency access mode, risk label, system load index and historical misjudgment rate, to determine whether to call the large-scale language model inference engine for review. For requests that decide to invoke the large-scale language model inference engine, the final permission conclusion is formed by combining the decision of the lightweight permission decision model with the review opinion of the large-scale language model inference engine. For requests that do not invoke the large-scale language model inference engine, the decision result of the lightweight permission decision model will be used as the final permission conclusion. The final authorization conclusion is executed, the decision log is recorded, and the scoring parameters, weights, and thresholds in the system are periodically optimized based on the feedback data from the decision log.
2. The fine-grained access control method based on large model inference decision-making according to claim 1, characterized in that: The baseline for trust level of the access subject is obtained by normalizing multiple attribute fields in the access subject attribute library and then summing them according to preset weight coefficients.
3. The fine-grained access control method based on large model reasoning and decision-making according to claim 1, characterized in that: The resource basic sensitivity score is obtained by normalizing multiple resource feature fields in the resource metadata and sensitivity tag library, and then weighting and summing them according to the preset sensitivity weight coefficients.
4. The fine-grained access control method based on large model reasoning and decision-making according to claim 1, characterized in that: The emergency access comprehensive score is derived by weighting and summing the urgency score, the resource base sensitivity score, and the baseline trust level of the access subject.
5. The fine-grained access control method based on large model inference decision-making according to claim 4, characterized in that: When classifying the emergency access mode as an emergency mode that can be appropriately relaxed, in addition to requiring the comprehensive score of emergency access to be higher than the second threshold, it is also required that the urgency score be no lower than an emergency threshold and the baseline trust level of the access subject be no lower than a lower trust level limit.
6. The fine-grained access control method based on large model reasoning and decision-making according to claim 1, characterized in that: When calculating the review score, the emergency access mode, risk marker, system load index and historical misjudgment rate are mapped to numerical factors and then weighted and fused according to preset weights.
7. The fine-grained access control method based on large model inference decision-making according to claim 1, characterized in that: When calling the large-scale language model inference engine for review, the input information provided to it includes: access request parameters, resource characteristics, relevant policy fragments, simplified historical access summaries, and access conclusions and risk labels output by the lightweight permission decision model.
8. The fine-grained access control method based on large model inference decision-making according to claim 1, characterized in that: The steps of periodic optimization include: statistically analyzing the experience misjudgment rate and average decision delay for different scenarios based on decision logs, and adjusting the weight coefficients and threshold parameters involved in generating emergency access comprehensive scores and review scores with the goal of reducing overall costs.
9. The fine-grained access control method based on large model reasoning and decision-making according to claim 1, characterized in that: When calculating the system load index, the access request arrival rate, the length of the large-scale language model inference queue, and the average inference latency within the monitoring time window are normalized and weighted summed.
10. A fine-grained access control system based on large model reasoning and decision-making, characterized in that, The control system is used to implement the method according to any one of claims 1-9, and includes the following modules: The access control baseline modeling module is used to formally model and quantitatively represent access subjects, controlled resources, and system operating status. This includes calculating the access subject trust baseline based on the attributes of the access subject, calculating the resource basic sensitivity score based on the characteristics of the controlled resources, and calculating the system load index based on system operating indicators. The access request dynamic scoring module is used to parse the request content and calculate the urgency score when an access request is received. Based on the urgency score, resource basic sensitivity score and access subject trust baseline, it generates an emergency access comprehensive score and classifies the emergency access mode into one of the following according to the emergency access comprehensive score: normal mode, emergency but conservative mode, or emergency and moderately relaxed mode. The hierarchical intelligent adjudication module is used to drive a lightweight permission decision model to make rapid adjudications based on emergency access mode and related context information, so as to output access conclusions and risk labels. It also calculates a review score based on multiple factors, including emergency access mode, risk label, system load index and historical misjudgment rate, to determine whether to call the large-scale language model inference engine for review. For requests that decide to invoke the large-scale language model inference engine, the final permission conclusion is formed by combining the decision of the lightweight permission decision model with the review opinion of the large-scale language model inference engine. For requests that do not invoke the large-scale language model inference engine, the decision result of the lightweight permission decision model will be used as the final permission conclusion. The permission execution feedback optimization module is used to execute the final permission conclusion, record the decision log, and periodically optimize the scoring parameters, weights, and thresholds in the system based on the feedback data of the decision log.