CN114925388A

CN114925388A - Method and device for deleting multiple copies of private information, electronic equipment and storage medium

Info

Publication number: CN114925388A
Application number: CN202210475050.XA
Authority: CN
Inventors: 李凤华; 张玲翠; 罗海洋; 李晖
Original assignee: Institute of Information Engineering of CAS
Current assignee: Institute of Information Engineering of CAS
Priority date: 2022-04-29
Filing date: 2022-04-29
Publication date: 2022-08-19

Abstract

The invention provides a method and a device for deleting multiple copies of private information, electronic equipment and a storage medium, wherein the method comprises the following steps: acquiring a deleting instruction, wherein the deleting instruction is determined based on the deleting intention; searching information based on the deleting instruction to obtain information to be deleted corresponding to the deleting instruction, wherein the information to be deleted is determined based on the first information; determining a deletion algorithm based on the deletion instruction and/or the information to be deleted; and deleting the information to be deleted based on the deletion algorithm. The method, the device, the electronic equipment and the storage medium provided by the invention can realize information deletion in the whole information transmission process, thereby ensuring the completeness of information deletion. In the process, the deleting operation is executed based on the deleting instruction under the deleting intention, and each main body on the information transmission path can be ensured to finish the information deleting according to the deleting intention, so that the compliance, the efficiency and the effectiveness of the executing of the information deleting operation can be ensured.

Description

Method and device for deleting multiple copies of private information, electronic equipment and storage medium

Technical Field

The present invention relates to the field of information technology, computer technology, network technology, and internet technology, and in particular, to a method, an apparatus, an electronic device, and a storage medium for deleting multiple copies of private information.

Background

The continuous evolution and deep application of communication technology, network technology and computing technology promote the intelligent interconnection of everything and the ubiquitous sharing of information. With the continuous evolution of new business states, frequent cross-border, cross-system and cross-ecological circle exchange of information becomes a normal state.

The privacy problem is becoming more and more serious because information contains a large amount of personal privacy data and is intentionally or unintentionally left between different systems. The problems of missing information protection means, difficult control of information abuse and the like are brought to attention of people.

Most of the existing information deletion schemes are based on deterministic deletion of information stored in a server, and cannot meet the requirement of complete deletion of multiple copies of information in dynamic circulation of the information in the environment of internet of everything. In the process of information circulation, the information can be stored in a service provider and can also exist on any circulation node in the links of collection, storage, use, processing, transaction, transfer, disclosure and the like, and the stored information can not be effectively deleted only aiming at the service provider.

Disclosure of Invention

The invention provides a method and a device for deleting multiple copies of private information, electronic equipment and a storage medium, which are used for solving the defect that an information deleting scheme in the prior art cannot meet the deleting requirement in an information circulation process.

The invention provides a method for deleting multiple copies of private information, which is applied to any main body in a transmission path of first information and comprises the following steps:

acquiring a deletion instruction, wherein the deletion instruction is determined based on a deletion intention;

searching information based on the deleting instruction to obtain information to be deleted corresponding to the deleting instruction, wherein the information to be deleted is determined based on the first information;

determining a deletion algorithm based on the deletion instruction and/or the information to be deleted;

and deleting the information to be deleted based on the deletion algorithm.

According to the multi-copy deleting method of the privacy information, the deleting instruction comprises a deleting notice and/or a deleting triggering condition;

the deletion notification comprises one or more of the following in any combination: deleting the notification identifier, deleting the command set, deleting the notification sending main body, deleting the notification sending mode and deleting the notification confirmation information receiving main body; the deletion command set comprises one or more deletion commands, and the deletion commands are used for deleting one or more information;

or, the deletion notification includes one or more of the following in any combination: the system comprises a deletion notification identifier, a deletion command set, a deletion notification sending main body, a deletion notification sending mode and a deletion notification confirmation information receiving main body, wherein the deletion notification further comprises one or more of the following random combinations: a main body for replying the notification confirmation information is deleted, the requirement for replying the notification confirmation information is deleted, and the mode for replying the notification confirmation information is deleted;

the deletion triggering condition comprises one or more of the following any combination: time of conforming to deletion constraint, position of conforming to deletion constraint, device conforming to deletion constraint, network conforming to deletion constraint, operation conforming to deletion constraint, notification reception, illegal use behavior occurrence, conforming to specified information attribute, and conforming to deletion execution subject.

According to the multiple copy deleting method of the privacy information provided by the invention, the obtaining of the deleting instruction comprises the following steps:

receiving the deletion notification, or receiving the deletion notification and returning deletion notification confirmation information;

and/or receiving first information and a deletion trigger condition corresponding to the first information.

According to the multiple copy deleting method of the private information provided by the invention, the information searching is carried out based on the deleting instruction to obtain the information to be deleted corresponding to the deleting instruction, and the method comprises the following steps:

and under the condition that the deletion triggering condition is met, information is searched based on the deletion instruction, and information to be deleted corresponding to the deletion instruction is obtained.

and calling a search algorithm of the information to be deleted and/or a search algorithm of a copy of the information to be deleted based on the attribute of the information to be deleted indicated by the deletion instruction to obtain the information to be deleted corresponding to the deletion instruction, wherein the information to be deleted comprises an information body and/or an information copy.

According to the multiple copy deleting method of the privacy information provided by the invention, the determining of the deleting algorithm based on the deleting instruction and/or the information to be deleted comprises the following steps:

and calling a deletion algorithm selection algorithm based on a deletion mode corresponding to one or more pieces of information indicated by the deletion instruction and/or based on information attributes reflected by an information body and/or an information copy in the information to be deleted, and determining deletion algorithms respectively corresponding to the information body and/or the information copy, wherein the deletion algorithm corresponding to the information body is the same as or different from the deletion algorithm corresponding to the information copy.

According to the multiple copy deleting method for the private information provided by the invention, the information to be deleted is deleted based on the deleting algorithm, and then the method further comprises the following steps:

carrying out deletion consistency evaluation on the information body and/or the information copy included in the deletion information to obtain a deletion consistency evaluation result;

the deletion consistency evaluation comprises deletion mode consistency evaluation and/or deletion result consistency evaluation, and the deletion information is the information to be deleted after deletion is completed;

the deletion consistency evaluation result comprises one or more of the following any combination: deleting the detailed description of the consistency evaluation result identification, the consistency evaluation subject, the consistency evaluation method and the consistency evaluation conclusion.

generating deletion confirmation information, and sending the deletion confirmation information to at least one of a source main body, a certificate storing main body and a supervision main body of the deletion instruction;

the deletion confirmation information comprises one or more of the following random combinations: the method comprises the steps of deleting a confirmation information identifier, deleting information, deleting an execution main body, deleting a process record, deleting a result and deleting an information confirmation information receiving main body.

According to the multiple copy deletion method of the privacy information provided by the invention, the generation of the deletion confirmation information comprises the following steps:

determining to generate a deletion process record in the process of deleting the information to be deleted;

generating deletion confirmation information based on the deletion process record;

the deleting process record comprises one or more of the following any combination: delete notification, delete information, delete algorithm, pre-delete state, post-delete state.

According to the method for deleting multiple copies of private information provided by the invention, the generation of the deletion confirmation information further comprises the following steps:

evaluating an overall deletion effect based on at least one of the deletion intention, the deletion instruction, the deletion algorithm, the stream verification certificate of the first information, the number of copies actually deleted, deletion information, deletion confirmation information, a deletion consistency evaluation result, and the arbitrary subject performing deletion, to obtain an overall deletion effect evaluation result;

the overall deletion effect evaluation result comprises one or more of the following arbitrary combinations: a deletion effect evaluation result identifier, a deletion effect evaluation subject, a deletion effect evaluation method, and a detailed description of a deletion effect evaluation conclusion.

According to the method for deleting the multiple copies of the private information, provided by the invention, the method further comprises the following steps:

generating a evidence collection in the process of finishing the information to be deleted, the deletion algorithm, the deletion notification, the deletion triggering condition, the deletion confirmation information, the deletion consistency evaluation result and the overall deletion effect evaluation result and sending and/or receiving at least one of the deletion notification, the deletion triggering condition and the deletion confirmation information.

The invention also provides a method for deleting multiple copies of private information, which is applied to any main body on a transmission path of first information, and comprises the following steps:

acquiring a deletion intention;

determining a deletion instruction based on the deletion intention, and transmitting the deletion instruction to other subjects on a transmission path of the first information.

According to the multi-copy deleting method of the privacy information, the obtaining of the deleting intention comprises the following steps:

receiving a user input;

in response to the user input, determining a deletion intent corresponding to the user input;

the user input form comprises at least one of buttons, circles, hooks, marks, keys, pulleys, menus, voice, videos, eye spirit, gestures, characters, bioelectricity signals and virtual reality.

According to the multi-copy deleting method of the private information, the deleting instruction comprises a deleting notice;

the determining of the deletion instruction based on the deletion intention comprises:

generating a deletion trigger condition based on the deletion intention, and generating the deletion notification based on at least one of the deletion intention, the deletion trigger condition and a pre-built deletion knowledge map library under the condition that the deletion trigger condition is met;

or generating the deletion notification based on the deletion intention or based on the deletion intention and the pre-built deletion knowledge map library;

the sending the deletion instruction to other subjects on the transmission path of the first information includes:

and sending the deletion notification to other main bodies on the transmission path of the first information, or sending the deletion notification and the deletion trigger condition.

According to the multi-copy deleting method of the privacy information, the deleting instruction comprises a deleting triggering condition;

the deletion triggering condition comprises one or more of the following any combination: according with the deletion constraint time, the deletion constraint position, the deletion constraint equipment, the deletion constraint network, the deletion constraint operation, the notification, the illegal use behavior, the specified information attribute and the deletion execution main body;

the determining a deletion instruction based on the deletion intention and sending the deletion instruction to other subjects on the transmission path of the first information includes:

and determining the deletion trigger condition based on the deletion intention, and sending the deletion trigger condition to other main bodies on the transmission path of the first information independently while and/or without sequence when sending the first information.

According to the method for deleting multiple copies of private information provided by the present invention, after the step of sending the deletion instruction to another main body on the transmission path of the first information, the method further includes:

receiving deletion confirmation information returned by the other main bodies, wherein the deletion confirmation information comprises one or more of the following random combinations: deleting confirmation information identification, deleting execution main body, deleting process record, deleting result and deleting confirmation information receiving main body.

and generating a evidence collection in the process of finishing at least one of the deletion intention, the deletion notice and the deletion trigger condition, sending the deletion notice and the deletion trigger condition and receiving the deletion confirmation information.

The present invention also provides a multiple copy deletion apparatus of private information, the apparatus being applied to an arbitrary subject in a transmission path of first information, the apparatus including:

an instruction acquisition unit configured to acquire a deletion instruction, the deletion instruction being determined based on a deletion intention;

the information searching unit is used for searching information based on the deleting instruction to obtain information to be deleted corresponding to the deleting instruction, wherein the information to be deleted is contained in the first information;

the algorithm determining unit is used for determining a deleting algorithm based on the deleting instruction and/or the information to be deleted;

and the deletion execution unit is used for deleting the information to be deleted based on the deletion algorithm.

an intention determining unit for acquiring a deletion intention;

an instruction transmission unit configured to determine a deletion instruction based on the deletion intention and send the deletion instruction to another main body on a transmission path of the first information.

The present invention also provides an electronic device, comprising a memory, a processor and a computer program stored in the memory and executable on the processor, wherein the processor implements a method for deleting multiple copies of private information as described in any of the above methods when executing the program.

The present invention also provides a non-transitory computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements a method of multi-copy deletion of private information as described in any of the above.

The invention also provides a computer program product comprising a computer program which, when executed by a processor, implements a method of multiple copy deletion of private information as described in any one of the above.

According to the multiple copies of the private information deleting method, the multiple copies of the private information deleting device, the electronic equipment and the storage medium, the information deleting is executed through any main body on the transmission path of the first information, so that the information deleting in the whole information transmission process can be realized, and the completeness of the information deleting is ensured. In the process, the deleting operation is executed based on the deleting instruction under the deleting intention, and each main body on the information transmission path can be ensured to finish the information deleting according to the deleting intention, so that the compliance, the efficiency and the effectiveness of the executing of the information deleting operation can be ensured.

Drawings

In order to more clearly illustrate the technical solutions of the present invention or the prior art, the drawings needed for the description of the embodiments or the prior art will be briefly described below, and it is obvious that the drawings in the following description are some embodiments of the present invention, and those skilled in the art can also obtain other drawings according to the drawings without creative efforts.

FIG. 1 is a schematic flow diagram of a method for deleting multiple copies of private information provided by the present invention;

FIG. 2 is a second flowchart illustrating a method for deleting multiple copies of private information according to the present invention;

FIG. 3 is a flow chart of an automatic information deleting method according to the present invention;

FIG. 4 is a second schematic flow chart of the method for automatically deleting information according to the present invention;

FIG. 5 is a flow chart of a method for deleting information on demand according to the present invention;

FIG. 6 is a schematic structural diagram of a device for deleting multiple copies of private information provided by the present invention;

FIG. 7 is a second schematic structural diagram of a device for deleting multiple copies of private information according to the present invention;

fig. 8 is a schematic structural diagram of an electronic device provided in the present invention.

Detailed Description

In order to make the objects, technical solutions and advantages of the present invention more apparent, the technical solutions of the present invention will be clearly and completely described below with reference to the accompanying drawings, and it is obvious that the described embodiments are some, but not all embodiments of the present invention. All other embodiments, which can be derived by a person skilled in the art from the embodiments given herein without making any creative effort, shall fall within the protection scope of the present invention.

The problems of missing information protection means, difficult management of information abuse and the like are increasingly highlighted, so that the deletion right and the forgetting right for personal information protection are more and more concerned by people.

The deletion right is a right that the data body requires the controller to delete the personal information. The data controller may be required to delete the relevant data when the data subject revokes consent or personal information is no longer needed for the purpose with which it is collected and processed. If the controller has published the data, the controller should consider taking appropriate measures, including technical measures, to inform other data controllers that are processing the personal data that the data body has requested them to delete the personal information of the data body, and that the data controller and the processor should delete the personal information in a deterministic and unrecoverable manner.

The forgotten right means that when the storage period agreed by the data main body and the controller is expired or the processing purpose is realized and the personal information controller or the processor stops providing the product or the service, the controller or the processor should actively delete the personal information, that is, the personal information is automatically deleted after being retained by the data controller or the processor for a certain time or meeting the agreed deletion triggering condition.

Most of existing deletion schemes for personal information are based on deterministic deletion of information stored in a server, and the deletion right and the forgotten right of the information during dynamic circulation of the information in the current internet environment of everything cannot be effectively guaranteed. The information is stored in the service provider, and in the process of information circulation, the information may exist in any circulation node of the links of collection, storage, use, processing, transaction, transfer, disclosure and the like, and the stored information can not be effectively deleted only by aiming at the deletion scheme of the service provider.

In view of the above problem, the present invention provides a method for deleting multiple copies of private information, which is applicable to an arbitrary subject in a transmission path of first information. Here, the first information is information that circulates in the internet of everything environment, the first information has private information, and on a transmission path of the first information, each main body participating in the transmission of the first information, that is, each circulation node, including a node that collects or generates the first information, may store all or part of the information of the first information on a local or storage device associated therewith. Therefore, when all or part of the first information needs to be deleted, each main body in the transmission path of the first information needs to execute a corresponding multiple copy deletion method of the private information, and therefore it is guaranteed that the information to be deleted in the first information can be completely deleted.

Fig. 1 is a schematic flow chart of a multiple copy deletion method for private information provided by the present invention, and as shown in fig. 1, an execution subject of the method is any subject in a transmission path of first information, and for convenience of description, the subject is referred to as a current subject hereinafter, and the method includes:

step 110, acquiring a deletion instruction, wherein the deletion instruction is determined based on a deletion intention;

specifically, the deletion intention may be acquired by any subject involved in the first information transmission, and the subject acquiring the deletion intention here may be at least one of a generation subject, a transmission subject, a reception subject, a storage subject, a use subject, and a management subject of the first information. The subject for obtaining the deletion intention may also be a subject participating in at least one operation of generating, sensing, publishing, sharing, receiving, storing, processing, using, managing and destroying the first information, where the subject may be a device, software or a person.

The deletion intention is for part or all of the information to be deleted in the first information, the deletion intention reflects a deletion requirement for the information to be deleted in the first information, and the deletion intention can cover at least one of a deletion intention acquisition time, a deletion intention acquisition place, a deletion intention acquisition subject, information content to be deleted, a current deletion constraint condition, a multiple copy deletion constraint condition, a deletion evaluation constraint condition and a deletion level.

The deletion instruction is embodied by the deletion operation corresponding to the deletion intention, and the deletion instruction can be embodied in the form of deletion notification, namely, the deletion operation needing to be executed corresponding to the deletion intention is transmitted to each main body in the transmission path of the first information through the deletion notification; the deletion instruction may also be in the form of a deletion trigger condition, that is, a condition for executing a deletion operation corresponding to the deletion intention and a deletion operation that needs to be executed when the condition is satisfied are communicated to each main body in the transmission path of the first information by the deletion trigger condition, which is not specifically limited in the embodiment of the present invention.

For obtaining the deletion instruction, the main body that obtains the deletion intention may generate the deletion instruction and send the deletion instruction to each main body in the transmission path of the first information, that is, the current main body directly receives the deletion instruction sent from the main body that generates the deletion instruction, or the main body that obtains the deletion intention generates the deletion instruction and sends the deletion instruction to the starting main body of the transmission path of the first information, and then each main body in the transmission path transmits the deletion instruction backward one by one according to the rule of first information transmission, that is, the current main body receives the deletion instruction sent from the last main body in the transmission path of the first information, or the current main body directly generates the corresponding deletion instruction according to the deletion intention carried in the transmission process of the first information, which is not specifically limited in the embodiment of the present invention.

It should be noted that the obtaining referred to herein may include at least one of receiving, generating, creating, extracting on the basis of existing information, and setting on the basis of existing rules. Taking the acquisition of the deletion intention as an example, the acquisition of the deletion intention may receive the deletion intention sent by another main body, may also introduce a preset deletion intention into the current main body, and may also generate the deletion intention according to a setting performed by the user on the basis of a preset deletion intention setting rule, which is not specifically limited in the embodiment of the present invention.

Step 120, searching information based on the deleting instruction to obtain information to be deleted corresponding to the deleting instruction, wherein the information to be deleted is determined based on the first information;

specifically, after the deletion instruction is obtained, information search may be performed on the storage device locally stored in the current main body and/or connected to the current main body based on the relevant features or attributes of the information to be deleted indicated in the deletion instruction, so as to locate the information to be deleted, which is stored locally in the storage device locally and/or connected to the current main body in the transmission process of the first information executed by the current main body.

Here, the information to be deleted is associated with the first information, and the information to be deleted may be part or all of the first information, or may be part or all of information generated by the first information in a transmission process. In addition, the information to be deleted may be the privacy information body of the first information in the transmission process, or may be one or more copies of the privacy information generated in the transmission process of the first information, that is, in the case that the information to be deleted includes multiple copies, the multiple copies of the privacy information may be deleted.

Step 130, determining a deletion algorithm based on the deletion instruction and/or the information to be deleted;

specifically, after the deleting instruction and the information to be deleted corresponding to the deleting instruction are determined, a deleting algorithm suitable for the deleting instruction and the information to be deleted can be selected from a large number of candidate deleting algorithms based on the specific requirements indicated in the deleting instruction and the characteristics or attributes of the information to be deleted.

Here, the candidate mass deletion algorithms may include a plurality of deletion of data indexes, deletion of data on the storage medium, overwriting of data, use of desensitization instead of deletion, physical destruction, degaussing destruction. For example, deleting a data index refers to deleting only a search index of data without clearing data of a corresponding area on the medium until the area has new data stored therein to overwrite old data, i.e., to free up occupied storage space. Deleting data on a storage medium refers to erasing data on the medium while deleting the medium index of the data. Overwriting data refers to deleting a data medium index, overwriting an area on a corresponding medium after clearing data on the medium, or overwriting an area on a corresponding medium first and then clearing the area, or only overwriting an area on a corresponding medium. Desensitization is used for replacing deletion, namely, the effective information is deleted by using a desensitization mode in combination with the classification grading result and desensitization record of the information so as to delete the information; for example, for audio information, a noise-adding mode can be used for desensitizing the audio of a certain person, and for video information, a mosaic mode can be used for desensitizing the face and objects in the video. Physical destruction refers to the destruction of the storage medium holding the data using some physical means, such as crushing, burning, chemical reaction, etc. Degaussing destruction refers to the destruction of information stored using a magnetic medium.

And step 140, deleting the information to be deleted based on the deletion algorithm.

Specifically, after determining the deletion algorithm for executing the deletion operation, the located information to be deleted may be deleted based on the deletion algorithm, that is, the current subject completes the deletion operation with the deletion intention.

According to the method provided by the embodiment of the invention, the information deletion is executed on any main body on the transmission path of the first information, so that the information deletion in the whole information transmission process can be realized, and the completeness of the information deletion is ensured. In the process, the deleting operation is executed based on the deleting instruction under the deleting intention, and each main body on the information transmission path can be ensured to finish the information deleting according to the deleting intention, so that the compliance, the efficiency and the effectiveness of the executing of the information deleting operation can be ensured.

Based on the above embodiment, the deletion instruction includes a deletion notification and/or a deletion trigger condition.

Based on any of the above embodiments, in case that the deletion instruction includes a deletion notification, step 110 includes:

and receiving the deletion notification, or receiving the deletion notification and returning deletion notification confirmation information.

Specifically, the deletion notification, that is, the deletion operation to be executed corresponding to the deletion intention, is in a form of being circulated between the subjects.

on this basis, the deletion notification includes one or more of the following in any combination: the deletion notification identifier, the deletion command set, the deletion notification sending body, the deletion notification sending mode, and the deletion notification acknowledgement information receiving body may further include one or more of the following arbitrary combinations: a delete notification acknowledgement reply body, a delete request for notification acknowledgement reply, and a delete notification acknowledgement reply manner.

Wherein the delete command comprises one or more of the following in any combination: deletion mode, deletion algorithm, deletion information identification, deletion information component and whether the deletion needs to be evaluated.

The deleting mode includes, but is not limited to, complete deleting, partial deleting, deleting data index, deleting data on the storage medium, overwriting the data, using desensitization instead of deleting, physical destroying, and degaussing destroying.

The information identifier includes but is not limited to a symbol combination capable of identifying specific information, and the manner of obtaining the information identifier includes but is not limited to a hash algorithm and information feature extraction.

The body generating the deletion notification may directly send the deletion notification to the current body, or may forward the deletion notification to the current body through another body on the transmission path, so that the current body may receive the deletion notification.

The sending method of the deletion notification includes, but is not limited to, any combination of one or more of the following: broadcast transmission, point-to-point transmission, peer transmission, cross-peer transmission, random transmission, and conditional transmission.

Wherein the broadcast transmission transmits the deletion notification to all subjects in a broadcast form; the broadcast transmission is applicable to cases including, but not limited to: no specific subject, unknown subject;

the peer-to-peer sending is to send a deletion notification to a particular one or more principals;

the peer sends a deletion notification to the same level of the body; the levels include, but are not limited to: security level, region level, network level, administrative level;

the peer sending includes, but is not limited to, the following: sending the deletion notification to all the bodies at the same level, and/or calling a deletion notification receiving body to search an algorithm to obtain a deletion notification receiving body at the same level, and sending the deletion notification to the deletion notification receiving body at the same level;

the cross-stage transmission includes but is not limited to: a deletion notification is sent to the principals at different levels. The different levels include, but are not limited to, any combination of one or more of the following: an upper level and a lower level;

the cross-stage transmission includes, but is not limited to, any combination of one or more of the following: and sending the deletion notification to all the upper and/or lower main bodies, or calling a deletion notification receiving main body search algorithm by the main body to obtain the upper and/or lower deletion notification receiving main body and sending the deletion notification to the upper and/or lower deletion notification receiving main body.

The deletion notification receiving agent lookup algorithm derives a deletion notification receiving agent according to any combination including, but not limited to, one or more of the following: deleting information identification, deleting information circulation state, log and information of the storage and certification system, and searching or generating a main body, an access path and an access method for storing relevant deleted information and/or deleted information copy.

The random transmission is used to randomly transmit the deletion notification to an arbitrary subject.

The condition sending is for sending the deletion notification to the body that satisfies the deletion notification reception condition.

The deletion notification reception conditions include, but are not limited to: location, network segment, network state, storage condition, CPU occupancy rate.

The deletion notification transmission opportunity includes, but is not limited to, at least one of: sending the deletion notification when generating, sending the deletion notification after selecting the machine, and sending the deletion notification after generating and meeting specific conditions.

In addition, after receiving the deletion notification, the current agent may generate and transmit deletion notification confirmation information.

The deletion notification confirmation information includes, but is not limited to: a deletion notification confirmation information identifier, a deletion notification transmission body, a deletion notification reception body, a deletion notification confirmation information transmission body, a deletion notification confirmation information reception body; the deletion notification confirmation message may be sent to any combination of the following subjects including, but not limited to: a generation body of a deletion notification, a transmission body of an upper deletion notification, and all deletion bodies; the sending method of the deletion notification acknowledgement information includes but is not limited to: broadcast transmission, point-to-point transmission, peer transmission, cross-peer transmission, random transmission, conditional transmission. The deletion notification acknowledgement information transmission conditions include, but are not limited to: any combination of one or more of time, place, environment.

Based on any of the above embodiments, in the case that the deletion instruction includes a deletion trigger condition, step 110 includes:

first information and a deletion trigger condition corresponding to the first information are received.

Specifically, the deletion trigger condition includes one or more of the following arbitrary combinations: the method comprises the steps of conforming to the deletion constraint time, conforming to the deletion constraint position, conforming to the deletion constraint equipment, conforming to the deletion constraint network, conforming to the deletion constraint operation, receiving a notice, having an illegal use behavior, conforming to the specified information attribute and conforming to the deletion execution main body.

For example, when the deletion trigger condition is constituted by using an element of "time to delete constraint". For example, when the constraint time is "21: 00 on 1/4/2022", and the system time is judged to be equal to the constraint time, the corresponding information is deleted.

For example, a deletion trigger condition is constituted by using a "deletion-restricted-position-compliant" element, and when the element reaches a certain point or within a certain range, the corresponding information is automatically deleted. For example, when the appointed place is "a city and B district", when the information enters this district, the corresponding information is deleted.

For example, a deletion trigger condition is configured using a "deletion-compliant device", and when information arrives at a certain device or a certain type of device, the corresponding information is automatically deleted. For example, when the a information arrives at a server of a certain unit, the corresponding information is deleted.

For example, a deletion trigger condition is formed by using a 'network conforming to deletion constraint' element, and when information is propagated to a certain website (including but not limited to an ethernet address) and a certain communication address, the corresponding information is automatically deleted. For example, when the a information arrives at the website www.weibo.com or the IP address 220.181.38.149, the corresponding information is deleted.

For example, the deletion trigger condition is constituted using an element of "operation compliant with deletion constraint". Such as "forward, copy, edit, save" etc., which triggers automatic deletion of information upon discovery of such designated action.

For example, a "notification reception" notification element is used to constitute a deletion trigger condition, and when a certain notification is received, the corresponding information is automatically deleted. For example, when the notification element of the deletion trigger condition is "notification sent by the operator", the corresponding information is deleted after the notification sent by the operator is received.

For example, when the element of 'illegal use behavior occurs' is used to form a deletion trigger condition, and the current information is not allowed to be sent to a certain social network, the information is automatically deleted when a user is detected in the process of publishing the information to the social network.

For example, the element of "meeting specified information attribute" is used to constitute the deletion trigger condition, and the information attribute includes, but is not limited to, any combination of one or more of the following: information identification, information modality, storage form, storage address, keyword, storage method, sensitivity level and protection level. And when the information attribute meets the corresponding condition, automatically deleting the corresponding information. For example, when the specified information attribute of the deletion trigger condition is satisfied, that is, "the information sensitivity level is high", and when the sensitivity level of the corresponding information is high, the corresponding information is automatically deleted.

For example, a deletion trigger condition is configured using a "deletion execution subject-compliant" subject element, and when the subject satisfies the corresponding condition, the corresponding information is automatically deleted. For example, when the main element of the deletion trigger condition is "server in beijing area", when the information is transferred to the server in beijing area, the corresponding information is automatically deleted.

The deletion trigger condition may be streamed or published with the first information into the information system. The deletion trigger condition is described in any combination of one or more of the following ways: XML description language, regular expression, JSON statement.

Specifically, in the embodiment of the present invention, the deletion trigger condition may be configured to transmit a flow together with the first information, so that each main body in a transmission path participating in the transmission of the first information may acquire the deletion trigger condition corresponding to the first information.

The generation timing of the deletion trigger condition includes but is not limited to: and when the deletion intention is successfully acquired, the deletion intention is successfully acquired.

Based on any of the above embodiments, in the case that the deletion instruction includes a deletion trigger condition, step 120 includes:

Specifically, after the current main body receives the deletion trigger condition transmitted together with the first information, it may be determined whether the deletion trigger condition is currently satisfied, and if not, the deletion action is not performed; and if the information meets the requirement, searching the information based on the deleting instruction to determine the information to be deleted corresponding to the deleting instruction so as to execute the deleting operation on the information to be deleted subsequently.

That is, the forgotten right of the personal information can be realized by automatic deletion, where the automatic deletion refers to setting a deletion trigger condition for the first information according to the deletion intention, so that each main body on the information transmission path can be guaranteed to complete automatic deletion of the information according to the deletion intention. Further, under the condition that a deletion trigger condition exists, if the deletion trigger condition does not circulate with the first information, that is, the deletion trigger condition is at the main body for obtaining the deletion intention, the main body for obtaining the deletion intention needs to judge whether the deletion trigger condition is met currently, and if the deletion trigger condition is met, a deletion notification is generated and sent to each main body; if the deletion trigger condition is transferred along with the first information, that is, each main body knows the deletion trigger condition, each main body can respectively judge whether the deletion trigger condition is met currently, and execute the deletion operation under the condition of meeting.

The deletion right of the personal information can be realized by deleting the personal information as required, wherein the deleting as required is to set a deletion notice for the first information according to the deletion intention, so that each main body on the information transmission path can be ensured to complete the deleting as required of the information according to the deletion intention.

The method for acquiring the delete instruction includes: and receiving a deletion notification, or receiving the first information and a deletion trigger condition corresponding to the first information.

The deletion notification based transmission is deleted as needed, and the automatic deletion may be implemented based on the transmission of the deletion trigger condition, or the deletion notification may be generated based on the deletion trigger condition and then implemented based on the transmission of the deletion notification.

Based on any of the above embodiments, step 120 includes:

and calling a to-be-deleted information searching algorithm and/or a to-be-deleted information copy searching algorithm based on the attribute of the to-be-deleted information indicated by the deleting instruction to obtain the to-be-deleted information corresponding to the deleting instruction, wherein the to-be-deleted information comprises an information body and/or an information copy.

In particular, considering that the entity of each part of the first information and the copy of each part of the first information may be stored in the current main body during the information transmission process, especially in the case that the current main body is involved in desensitizing the part of the first information, the entity of the information and the copy of multiple forms may exist simultaneously in a certain part of the first information stored in the current main body. Correspondingly, when information is searched for aiming at the deleting instruction, the information searching algorithm to be deleted can be applied to search the information body of the information to be deleted, and the information duplicate of the information to be deleted can also be searched for by applying the searching algorithm to be deleted.

It should be noted that the information copies herein include, but are not limited to: the information processing method comprises the steps of retainment caused by copying and pasting of the information, derivative information generated after processing of the information, and result information generated after data use of the information. Ways to generate copies of information include, but are not limited to: storage, use, processing, distribution, forwarding, transfer, transaction. Wherein, saving includes but is not limited to: the original information is preserved after being copied and copied, and the copy generated after data preservation and the original information only have different preservation formats and information qualities. Uses include, but are not limited to: derivative information is generated using the original information. Generating derivative information using the raw information includes, but is not limited to: and performing model training by taking the original information as a training sample, performing information mining on the original information, and generating other information by taking the original information as a generating basis. Processing includes, but is not limited to: and modifying the original information to generate modified information. Modifying the original information to generate modified information includes but is not limited to: the method comprises the steps of carrying out information desensitization operation on original information, filling the original information, changing the original information and converting the original information. The publications include, but are not limited to: the results relating to the original information are published. The results relating to the published and original information include, but are not limited to: and issuing a learning model obtained by training the original information and issuing statistical information containing the original information. The forwarding includes, but is not limited to, passing the original information or modifying the original information to other subjects. The transfer includes, but is not limited to, transferring the original information or modifying the original information to another subject. The transaction includes, but is not limited to, handing over the original information or modifying the original information to another principal.

Specifically, the information search algorithm to be deleted is selected to search the information, or the information search algorithm to be deleted and the information search algorithm to be deleted are both selected to search the information, which may be determined according to the information carried in the deletion instruction, or may be determined according to a rule preset by the current main body, which is not specifically limited in the embodiment of the present invention.

Here, the information to be deleted searching algorithm and/or the information to be deleted duplicate searching algorithm includes but is not limited to: table look-up, mapping, relevance analysis and traversal.

When the information searching algorithm to be deleted and/or the information duplicate searching algorithm to be deleted are/is specifically applied to information searching, the attribute of the information to be deleted can be obtained according to the deleting instruction, the stored information and the attribute of the information to be deleted are compared in a traversing and relevance analyzing mode, the information with the compared similarity degree larger than a certain threshold value is the information to be deleted, and in the process, the traversing range can be narrowed in a table searching mode, a mapping mode and the like. It should be noted that the attribute of the information to be deleted may be an information identifier, an information modality, a storage form, a storage address, a keyword, a saving method, a sensitivity level, a protection level, a file name, a specific paragraph position in a file, a file type, and the like, which is not specifically limited in this embodiment of the present invention.

According to the method provided by the embodiment of the invention, the information body and/or the information copy of the information to be deleted are searched by calling the search algorithm of the information to be deleted and/or the search algorithm of the information copy to be deleted, so that the problem of deletion omission is avoided.

Based on any of the foregoing embodiments, in step 130, the determining a deletion algorithm based on the deletion instruction and/or the information to be deleted includes:

Specifically, the deleting instruction may indicate a deleting manner corresponding to one or more pieces of information, and the deleting manners corresponding to one or more pieces of information referred to herein may be the same or different; the information to be deleted obtained by positioning may include an information body and an information copy, and because the information body and the information copy may participate in different operations in the information transmission process, the information attributes reflected by the information body and the information copy may be the same or different.

Therefore, aiming at different information or different attributes of the same information reflected on the body and the copies, the deletion algorithm selection algorithm can be called to set respective corresponding deletion algorithms for the information body and the information copies, so that the information body and each copy can be ensured to realize differentiated complete deletion.

It should be noted that, for the ontology and the copy of the same information, the respective deletion algorithms may be the same or different.

For example, the ontology and the copy of the same information may both undergo desensitization, but the desensitization algorithm used in specific desensitization may be different, and accordingly, the desensitization effect may also be different, which results in a difference in content between the ontology and the copy of the same information, or between the copies. In addition, differences may also exist in the storage modes between the body and the copies of the same information or between the copies, for example, the body of the information may be stored integrally, the copies of the information may be stored in a block-by-block and dispersed manner, and the above differences all affect the selection of the deletion algorithm.

For example, the information body and the information copy may correspond to different deletion algorithms, different information copies may also correspond to different deletion algorithms, and the strictness of different deletion algorithms may also be different, and deletion modes under different deletion algorithms may not be used in a mixed manner, and when the deletion algorithm is physically destroyed, the deletion modes may be removed, melted, and the like, but the deletion modes such as logical formatting, rewriting for multiple times, or demagnetization cannot be adopted.

Further, the deletion algorithm selection function includes, but is not limited to, selecting a deletion algorithm in the following manner: mapping table and machine learning;

the deletion algorithm selection function includes, but is not limited to, selecting a deletion algorithm by: obtaining a candidate deletion algorithm set according to a deletion mode contained in a deletion instruction command in the deletion notification; and selecting the optimal deletion algorithm from the candidate deletion algorithm set through a mapping table and/or machine learning according to the attribute of the information to be deleted.

Wherein the mapping table includes but is not limited to the following ways: constructing a mapping function according to any combination of one or more of time, place, application and main factors to obtain a deletion algorithm; here, the mapping table comprehensively considers the influence of different elements on the deletion result, and realizes dynamic selection of the deletion algorithm under different conditions by arbitrarily combining different elements.

The machine learned input information includes, but is not limited to: and obtaining a selection function model of the algorithm to be deleted through any combination of the historical data of the main body, the historical data of other main bodies, the historical data related to the information to be deleted and the historical data of associated application, and obtaining the deletion algorithm according to the selection function model of the algorithm to be deleted. By the machine learning mode, the deletion algorithm can be dynamically selected according to specific conditions.

It should be noted that, when the deletion algorithm selection algorithm is performed based on the deletion algorithm selection algorithm, a deletion manner indicated by the deletion instruction and an attribute reflected by the information to be deleted may be used as input of the deletion algorithm selection algorithm, where the deletion manner may specifically be full deletion, partial deletion, deletion of a data index, deletion of data on a storage medium, overwriting of logarithmic data, use of desensitization instead of deletion, physical destruction, degaussing, and the like, and the attribute reflected by the information to be deleted may specifically be at least one of an information identifier, an information modality, a storage form, a storage address, a keyword, a saving method, a sensitivity level, a protection level, a file name, a specific paragraph position in a file, and a file type.

In particular, for a case where the data to be deleted includes multiple kinds of information, for example, a case where the data to be deleted includes an information body and an information copy at the same time, or a case where the data to be deleted includes multiple kinds of information copies at the same time, the selection of the deletion algorithm for each kind of information in the information to be deleted may be performed according to attributes reflected by each kind of information in the information to be deleted, and the obtained deletion algorithm is for each kind of information in the information to be deleted, where the information body and the information copy may correspond to the same deletion algorithm, may also correspond to different deletion algorithms, and different information copies may correspond to the same deletion algorithm, and may also correspond to different deletion algorithms.

According to the method provided by the embodiment of the invention, the deletion algorithm corresponding to the information body and/or the information copy respectively is determined, so that the deletion algorithm is finely selected, the deletion operation is more flexible and personalized, and the deletion effect is further improved.

Based on any of the above embodiments, in step 140, the deleting the information to be deleted based on the deletion algorithm further includes:

the deletion consistency evaluation comprises deletion mode consistency evaluation and/or deletion result consistency evaluation, and the deletion information is the information to be deleted after deletion is completed.

Specifically, considering that various information in the information to be deleted may be deleted by using different deletion algorithms, after the deletion is completed, the deletion consistency evaluation needs to be performed for the case after the various information in the information to be deleted is deleted respectively.

The deletion consistency evaluation herein may be implemented by calling a deletion consistency evaluation function whose inputs include, but are not limited to, a combination of one or more of the following: and deleting the process record, the information body, the information copy and all related information of the deleted information.

Deleting the contents of the consistency assessment includes, but is not limited to: evaluating consistency of the deleting modes and/or evaluating consistency of the deleting results; the deletion consistency assessment results include, but are not limited to: deleting the detailed description of the consistency evaluation result identification, the consistency evaluation subject, the consistency evaluation method and the consistency evaluation conclusion. The assessment conclusions include, but are not limited to: and evaluating the pass, the fail and the result quantitative value.

Here, the deletion consistency evaluation is used to evaluate and analyze whether the deletion effects of different deletion algorithms used for different information ontologies and copies are consistent, and thus determine whether deletion correction is required. The process can be understood as an iterative process, that is, in the case that the deletion consistency evaluation result indicates that the deletion effect is inconsistent, the algorithm needs to be replaced or the algorithm parameters need to be adjusted for the information with weak deletion effect, then deletion is executed again, and the information with strong deletion effect does not need to be deleted again, so that after the deletion is completed again, the deletion consistency is evaluated again until the new deletion consistency evaluation result indicates that the deletion effect is consistent.

Optionally, the delete consistency evaluation function further includes determining whether to adjust the delete algorithm and/or delete algorithm parameters of the delete information, the delete information original information, the delete information derivative information, the delete information modification information, and the delete information copy according to the delete consistency evaluation record of the delete information, the delete information original information, the delete information derivative information, the delete information modification information, and the delete information copy, and re-executing the delete process.

the deletion confirmation information comprises one or more of the following random combinations: deleting confirmation information identification, deleting information, deleting execution main body, deleting process record, deleting result and deleting information confirmation information receiving main body.

Specifically, after the information deletion is completed, deletion confirmation information reflecting the completion of the information deletion may be generated, and the deletion confirmation information may be returned to at least one of the source subject, the evidence storing subject, and the supervision subject of the deletion instruction, so that the at least one of the source subject, the evidence storing subject, and the supervision subject may determine that the current subject has completed the deletion operation.

Further, when the current agent receives the delete instruction, the source agent of the delete instruction is the agent that sends the delete instruction to the current agent; when the current subject generates a deletion instruction based on the deletion intention, the source subject of the deletion instruction is the subject sending the deletion intention to the current subject. By returning the deletion confirmation information, the source agent can determine that the information deletion is completed, and end the information deletion monitoring for the current agent. In addition, the certificate storing main body can generate the certificate through the received deletion confirmation information so as to facilitate subsequent deletion supervision; the supervision main body can also delete and supervise through the received deletion confirmation information.

In the deletion confirmation information, the deletion information is information indicating that deletion is completed.

Deletion results include, but are not limited to, any combination of one or more of the following: deleting result identification, successfully deleting according to a deleting mode, successfully deleting according to other modes, partially deleting, completely deleting and not deleting; the storage location of the deletion confirmation information includes but is not limited to: personal devices, service providers, third party institutions.

Optionally, in order to prevent forgery or repudiation, authentication information may be added to the deletion confirmation information, and authentication manners that may be adopted include, but are not limited to, digital signature, information encryption, and digital watermark.

Based on any of the above embodiments, the generating deletion confirmation information includes:

the deleting process record comprises one or more of the following any combination: the deletion process records identification, deletion notification, deletion information, deletion algorithm, pre-deletion state and post-deletion state. The deletion information is information indicating that deletion is completed.

Based on any of the above embodiments, the generating deletion confirmation information further includes:

Specifically, the overall deletion effect evaluation may be implemented by an overall deletion effect evaluation function, and the input of the overall deletion effect evaluation function may include, but is not limited to, any combination of one or more of the following: the deletion intention, the deletion instruction, the deletion algorithm, the stream credit certificate of the first information, the number of copies actually deleted, deletion information, the deletion confirmation information, the deletion consistency evaluation result, and the arbitrary subject performing deletion.

In the overall deletion effect evaluation result obtained by this method, the deletion effect evaluation conclusion may include, but is not limited to, pass evaluation, fail evaluation, and quantitative evaluation result value.

Optionally, after obtaining the overall deletion effect evaluation result, it may be further determined whether to adjust the deletion algorithm and/or the deletion algorithm parameter of the deletion information, the deletion information original information, the deletion information derivative information, the deletion information modification information, the deletion information duplicate, and/or the deletion system based on the overall deletion effect evaluation result.

Here, the overall deletion effect evaluation result is used to determine whether to delete and modify, and if the overall deletion effect evaluation result is poor, the deletion scheme and algorithm system of the entire information system/unit need to be replaced and deleted again until the specific deletion requirements are met.

Based on any of the above embodiments, the method further comprises:

For a deletion instruction, for example, a deletion trigger condition in the deletion instruction, a deletion trigger condition generation state credential set may be generated, where the content of the deletion trigger condition credential set includes, but is not limited to, any combination of one or more of the following: deleting intention, pre-building a deletion knowledge map library, deleting a trigger condition generating function, deleting the running process record of the trigger condition generating function, deleting the trigger condition, deleting the generating process record of the trigger condition, deleting the information corresponding to the trigger condition and deleting the information attribute corresponding to the trigger condition.

A delete trigger condition send state credential set may also be generated, including, but not limited to, any combination of one or more of the following: deleting trigger conditions, deleting trigger condition sending time, deleting trigger condition sending conditions, deleting trigger condition sending modes, deleting trigger condition sending main bodies, deleting trigger condition receiving main bodies and deleting information corresponding to the trigger conditions.

In addition, a deletion trigger condition receipt state credential set may also be generated, including but not limited to any combination of one or more of the following: deleting trigger condition receiving main body, deleting trigger condition confirmation information sending mode, deleting trigger condition confirmation information generation process record, deleting trigger condition confirmation information receiving main body, deleting trigger condition confirmation information sending time and deleting trigger condition confirmation information sending process record.

For a deletion instruction, for example, a deletion notification in the deletion instruction, a deletion notification generation state credential set may be generated, which includes, but is not limited to, credential information formed by crediting a deletion notification generation state in a credential system. The deletion notification generation state includes, but is not limited to, any combination of one or more of the following: deleting intention, pre-building a deletion knowledge map library, deleting a notification generation process record, deleting notification generation time and deleting a notification generation main body;

a delete notification transmission state credential set may also be generated, including, but not limited to, any combination of one or more of the following: a deletion notification, a deletion notification transmission timing, a deletion notification transmission condition, a deletion notification transmission mode, a deletion notification transmission body, and a deletion notification reception body.

A deletion notification reception confirmation deposit set may also be generated, the contents of which include, but are not limited to, any combination of one or more of the following: delete notice receiving body, delete notice acknowledgement information sending mode, delete notice acknowledgement information generation process record, delete notice acknowledgement information receiving body, delete notice acknowledgement information sending time, delete notice acknowledgement information sending process record.

For the search of the information to be deleted, a deleted information search state evidence collection may be generated, and the content of the deleted information search state evidence collection includes, but is not limited to, any combination of one or more of the following: deletion notification, deletion trigger conditions, to-be-deleted information search algorithm, to-be-deleted information duplicate search algorithm, to-be-deleted information search algorithm running process record, to-be-deleted information duplicate search algorithm running process record, to-be-deleted information attribute.

For selection of a deletion algorithm, a deletion algorithm selection state credential set may be generated, including but not limited to any combination of one or more of the following: deleting the notification, deleting the trigger condition, deleting the information to be deleted, deleting the information attribute to be deleted and deleting the algorithm.

For the deletion execution process, a deletion process evidence collection may be generated, and the deletion process evidence collection includes, but is not limited to, any combination of one or more of the following: delete algorithm caller, information to delete, delete notice, delete information, delete algorithm, state before deleting, state after deleting, delete result.

For the deletion confirmation information, a deletion confirmation certificate collection can be generated, and the deletion confirmation certificate collection includes, but is not limited to, any combination of one or more of the following: delete information attribute, delete execution body, delete process record, delete confirmation body, delete confirmation information.

In addition, a deletion confirmation information sending certificate set can be generated, and the deletion confirmation information sending certificate set includes, but is not limited to, any combination of one or more of the following: deletion confirmation information, deletion confirmation information transmission time, deletion confirmation information transmission conditions, deletion confirmation information transmission mode, deletion confirmation information transmission main body, deletion confirmation information reception main body, and information corresponding to the deletion confirmation information.

A delete acknowledgement receipt set may also be generated, including but not limited to any combination of one or more of the following: deleting confirmation information, deleting confirmation information receiving time, deleting confirmation information sending condition, deleting confirmation information sending mode, deleting confirmation information generating process record, deleting confirmation information sending main body, deleting confirmation information receiving main body, deleting confirmation information sending time, deleting confirmation information sending process record and deleting confirmation information corresponding information.

For the deletion consistency assessment, a deletion consistency assessment evidence collection may be generated, including but not limited to any combination of one or more of the following: deleting the confirmation information, deleting the consistency evaluation main body, deleting the consistency evaluation function, deleting the running process record of the consistency evaluation function, deleting the consistency evaluation process record, deleting the consistency evaluation result generation process record and deleting the consistency evaluation result.

For the overall deletion effect evaluation, a deletion effect evaluation evidence collection may be generated, and the deletion effect evaluation evidence collection includes, but is not limited to, any combination of one or more of the following: deleting the confirmation information, deleting the overall deletion effect evaluation main body, deleting the consistency evaluation process record, deleting the effect evaluation function operation process record, deleting the overall deletion effect evaluation process record, generating the overall deletion effect evaluation result process record and estimating the overall deletion effect.

The method provided by the embodiment of the invention ensures that each step in the deleting process can be traced and circulated by deleting and storing the evidence in the full life cycle of information deletion, and is beneficial to supporting subsequent supervision work.

Based on any of the above embodiments, fig. 2 is a second flowchart of the method for deleting multiple copies of private information according to the present invention, as shown in fig. 2, the execution subject of the method is any subject in the transmission path of the first information, and for convenience of description, the subject is referred to as the current subject below, and the method includes:

step 210, obtaining a deletion intention;

the deletion intention may be acquired by any subject involved in the first information transmission, and the subject acquiring the deletion intention here may be at least one of a generation subject, a transmission subject, a reception subject, a storage subject, a use subject, and a management subject of the first information. The main body for acquiring the deletion intention may also be a main body participating in at least one operation of generating, sensing, publishing, sharing, receiving, storing, processing, using, managing and destroying the first information, where the main body may be a device, software or a person.

The current main body in the embodiment of the present invention may be a main body that acquires a deletion intention, or may be a main body that receives a deletion intention, which is not specifically limited in the embodiment of the present invention.

Step 220, determining a deletion instruction based on the deletion intention, and sending the deletion instruction to other main bodies on the transmission path of the first information.

Specifically, after the current main body acquires the deletion intention, a deletion instruction corresponding to the deletion intention may be generated, where the deletion instruction is an embodiment of a deletion operation corresponding to the deletion intention, and the deletion instruction may be in the form of a deletion notification, that is, a deletion operation to be performed corresponding to the deletion intention is conveyed to each main body in a transmission path of the first information through the deletion notification; the deletion instruction may also be in the form of a deletion trigger condition, that is, a condition for executing a deletion operation corresponding to the deletion intention and a deletion operation that needs to be executed when the condition is satisfied are communicated to each main body in the transmission path of the first information by the deletion trigger condition, which is not specifically limited in the embodiment of the present invention.

After the deleting instruction is generated, the deleting instruction can be sent to other main bodies on the transmission path of the first information, so that the other main bodies can execute the deleting operation according with the deleting intention according to the received deleting instruction. Here, for sending the delete instruction, specifically, the delete instruction may be directly sent by the current main body to each main body on the transmission path of the first information in a broadcast manner, or directly sent by the current main body to a main body on the transmission path of the first information, where a delete operation needs to be performed, in a cross-level manner, a point-to-point propagation manner, or the like, or the delete instruction may be sent by the current main body to a starting main body of the transmission path of the first information, and then each main body in the transmission path transmits the delete instruction backwards one by one according to a rule of the first information transmission, that is, each main body receives the delete instruction sent from the last main body in the first information transmission path, which is not particularly limited in the embodiment of the present invention.

After receiving the deletion instruction, the other main bodies can perform information search on the storage devices locally stored and/or connected with the other main bodies based on the relevant characteristics or attributes of the information to be deleted indicated in the deletion instruction, so as to locate the information to be deleted in the first information stored locally and/or in the storage device connected with the current main body in the transmission process of the first information executed by the other main bodies. After determining the deleting instruction and the information to be deleted corresponding to the deleting instruction, the other main bodies can select a deleting algorithm suitable for the deleting instruction and the information to be deleted from a large number of candidate deleting algorithms based on the specific requirements indicated in the deleting instruction and the characteristics or attributes of the information to be deleted, and delete the positioned information to be deleted based on the deleting algorithm, thereby completing information deletion.

According to the method provided by the embodiment of the invention, the information deletion is executed on any main body on the transmission path of the first information, so that the information deletion in the whole information transmission process can be realized, and the completeness of the information deletion is ensured. In the process, the deleting operation is executed based on the deleting instruction under the deleting intention, and each main body on the information transmission path can be ensured to complete information deletion according to the deleting intention, so that the execution compliance, the efficiency and the effectiveness of the information deleting operation are ensured.

Based on any of the above embodiments, step 210 includes:

receiving a user input;

the user input form comprises at least one of buttons, circles, hooks, marks, keys, pulleys, menus, voice, videos, eye spirit, gestures, characters, bioelectric signals and virtual reality. Here, the user input may be reflected as input based on a physical switch, such as a toggle up and down key, a toggle left and right key, or as input off a physical switch, such as screen gestures (left to right, right to left, up to down, down to up, etc.), pop-up interface filling (e.g., form entry), file (e.g., XML, JSON format) import, voice entry, and so forth.

Specifically, the user can input the deletion intention through interaction with the current main body, that is, the user can input the deletion intention in at least one of the acquisition modes of buttons, circles, hooks, marks, keys, pulleys, menus, voices, videos, catch eyes, gestures, characters, bioelectricity signals and virtual reality. The acquisition time of the deletion intention may be preset by category before the first information is collected and/or propagated, while the first information is collected and/or propagated, before and/or after the first information is collected.

The deletion intention thus obtained may include at least one of a deletion intention acquisition time, a deletion intention acquisition place, a deletion intention acquisition subject, information content to be deleted, a current deletion constraint, a multiple copy deletion constraint, a deletion evaluation constraint, and a deletion level.

Wherein the deletion intention acquisition time is used to identify the time of deletion intention acquisition.

The deletion intention acquisition location is used to identify the location of deletion intention acquisition.

The information content to be deleted, i.e. the information to be deleted, may be the whole document, or an object, or a certain segment of the document, and the information content to be deleted is usually a set. If the set is empty, the deletion intention applies to all information; when a set is not empty, the intent to delete is applicable only to the information in the set, including but not limited to any combination of one or more of the following: text deletion information, audio deletion information, video deletion information, image deletion information, picture deletion information, position/track deletion information, web page deletion information, form deletion information, base table deletion information.

The current deletion constraint includes, but is not limited to, any combination of one or more of the following: the time when the deletion should be completed, the deletion according with the specified place, the deletion mode, whether the notification is received or the automatic deletion is received, the deletion after the use times, the deletion by unauthorized use, the information attribute and the deletion execution main body.

Multiple deduplication constraints include, but are not limited to, any combination of one or more of the following: deleting granularity, deleting level, deleting after the upper limit of the appointed times is used, deleting according to the transmitted deleting condition, deleting algorithm identification, deleting algorithm and parameters thereof. Wherein, the deletion granularity includes, but is not limited to, full deletion and partial deletion.

Deletion evaluation constraints include, but are not limited to, any combination of one or more of the following: deleting consistency evaluation content, deleting consistency evaluation granularity, deleting consistency evaluation frequency, wholly deleting effect evaluation content, wholly deleting effect evaluation granularity and wholly deleting effect evaluation frequency.

Deletion levels include, but are not limited to, any combination of one or more of the following: high, medium, low, not deleted. The deletion level can be expressed in different ways, and the expression way is not limited. For example, the deletion level may alternatively be represented numerically.

The timing of receiving user input to determine the intent to delete includes, but is not limited to, any combination including one or more of the following: the method comprises the steps of pre-acquiring before first information acquisition, acquiring for the acquisition before the acquisition, acquiring after the first information acquisition, acquiring the acquired first information before outward sending/outward exchange, and acquiring the acquired first information after the outward sending/outward exchange;

when the user initializes the system, the user can self-adapt the system and/or delete the intention according to the predefined strategy;

it should be noted that the obtaining referred to herein may include at least one of receiving, generating, creating, extracting on the basis of existing information, and setting on the basis of existing rules.

Optionally, the route of acquiring the deletion intention is determined by the information subject, including but not limited to: the method comprises the steps of obtaining in an intelligent terminal, a computer client and an information collector system.

By way of example, the received user input may be implemented by:

for example, when acquiring the deletion trigger condition by using a button, the user acquires/selects the deletion intention by clicking the button, and the acquisition of the deletion intention is completed by a combination of one or more buttons.

For example, when the deletion intention acquisition is performed using a circling manner, the acquisition of the deletion intention is completed using a pen or a hand to circle a selectable item on the screen.

For example, when the deletion intention is acquired by using a check method, the deletion intention is acquired by checking an existing menu.

For example, when the deletion intention is acquired by using a mark, the acquisition of the deletion intention is completed by underlining, bolding, or brushing yellow under the text or the option.

For example, when acquiring a deletion intention by using a voice, a user expresses his or her deletion intention by voice input, and the acquisition of the deletion intention is completed by recording the input voice.

For example, when the deletion intention is acquired by using a bioelectric signal, the acquisition of the deletion intention is completed by capturing any combination of one or more of electroencephalogram, electrocardio, myoelectricity, gastric electricity, and retinal electricity.

For example, when the deletion trigger condition is acquired by using the eye-catch method, the acquisition intention of the user is known by following the eyes, and the acquisition of the deletion intention is completed;

for example, when the deletion trigger condition is acquired by using a gesture, the acquisition of the deletion trigger condition is completed by capturing the change of the shape and the direction of the hand of the user;

for example, when the deletion trigger condition is acquired by using VR technology (Virtual Reality technology), the acquisition of the deletion trigger condition is completed by the VR device;

for example, when a pop-up interface is used for filling in and acquiring the deletion trigger condition, filling and entering are performed through the pop-up interface of the system or the application;

for example, when a file is imported for acquiring a deletion trigger condition, the file is imported in a mode of external equipment debit and network transmission;

for example, when the deletion intention acquisition is performed by using a pulley, the acquisition of the deletion intention is completed by any combination of one or more operations including, but not limited to, pushing up, pushing down, sliding left, and sliding right on the pulley.

According to any of the above embodiments, the deletion instruction includes a deletion notification;

or, the deletion notification includes one or more of the following in any combination: the system comprises a deletion notification identifier, a deletion command set, a deletion notification sending main body, a deletion notification sending mode and a deletion notification confirmation information receiving main body, wherein the deletion notification further comprises one or more of the following arbitrary combinations: deleting the notification confirmation information reply main body, deleting the request of the notification confirmation information reply, and deleting the manner of the notification confirmation information reply;

wherein the delete command comprises one or more of the following in any combination: deletion mode, deletion algorithm, deletion of information component, and whether to evaluate after deletion.

The deletion notification may be stored in the following manner: stored separately, stored with the information.

Accordingly, in step 220, the determining a deletion instruction based on the deletion intention includes:

or generating the deletion notification based on the deletion intention or based on the deletion intention and the pre-built deletion knowledge map library.

Specifically, the forgotten right of the personal information can be automatically deleted, and the automatic deletion refers to setting a deletion trigger condition for the first information according to a deletion intention, so that each main body on the information transmission path can complete automatic deletion of the information according to the deletion intention.

In the case of automatic deletion, the current body may generate a deletion trigger condition based on the deletion intention, and in the case where the deletion trigger condition is satisfied, that is, in the case where it is determined that the deletion operation needs to be performed, generate a deletion notification, and transmit the deletion notification to the other bodies.

In the process, a deletion trigger condition can be generated according to the deletion intention or by combining the deletion intention and the pre-built deletion knowledge spectrum library. Here, the generation of the deletion trigger condition may be realized by calling a deletion trigger condition generation function.

The pre-built and deleted knowledge graph library refers to a deleted knowledge graph set, and the generation mode of the pre-built and deleted knowledge graph library includes but is not limited to any one or combination of multiple modes as follows: a deletion trigger condition can be generated according to the deletion standard, and the deletion trigger condition is converted into a deletion knowledge graph; a deletion trigger condition can be generated according to the deletion intention, and the deletion trigger condition is converted into a deletion knowledge graph; a new deletion knowledge graph can be generated according to the deletion intention and the existing deletion knowledge graph; and a new deletion knowledge graph can be generated according to the combination of the existing deletion knowledge graphs.

Wherein the deletion knowledge-graph includes, but is not limited to, any combination of one or more of: deletion intention, deletion standard, deletion algorithm, deletion information component characteristic, deletion level, deletion rule;

the deleted information component refers to a component obtained by segmenting complete information, different information components can correspond to different characteristics, for example, the whole word document can be regarded as complete information, characters, pictures, tables and the like in the word document can be regarded as different types of information components, and the different types of information components can correspond to the same or different deletion modes.

The deletion trigger condition generating function generates the deletion trigger condition by including but not limited to one or more of the following any combination: keyword matching and natural language processing mode.

Furthermore, a deleting triggering condition generating function can be called according to the deleting intention and/or the pre-established deleting knowledge map library and the existing deleting triggering condition to generate a new deleting triggering condition. In this case, the intention is often deleted or the pre-created deletion knowledge graph library is often changed.

After the deletion trigger condition is generated, in other words, the generation of the deletion notification may be performed on the premise that the deletion trigger condition is satisfied, that is, the satisfaction of the deletion trigger condition may trigger the generation of the deletion notification. Further, the generation of the deletion notification may also be performed at an arbitrary timing without deleting the trigger of the trigger condition.

In this process, the deletion notification can be directly determined according to the deletion intention without generating a deletion trigger condition. In addition, in the process of generating the deletion notification, a pre-built deletion knowledge map library can be combined as reference.

Based on any of the above embodiments, in the case that the deletion instruction includes a deletion notification, in step 220, the sending the deletion instruction to another main body on the transmission path of the first information includes:

sending a deletion notification to other main bodies on the transmission path of the first information, or sending the deletion notification and the deletion trigger condition;

the sending method of the deletion notification includes but is not limited to: broadcast transmission, point-to-point transmission, peer transmission, cross-peer transmission, random transmission, and conditional transmission.

Deletion notification transmission opportunities include, but are not limited to, the following: sending the deletion notification when generating, sending the deletion notification after generating, and sending the deletion notification after generating and meeting specific conditions;

optionally, the deletion notification receiving body generates and sends deletion notification confirmation information after receiving the deletion notification.

The deletion notification confirmation information includes, but is not limited to: a delete notification acknowledgement information identifier, a delete notification transmission body, a delete notification reception body, a delete notification acknowledgement information transmission body, a delete notification acknowledgement information reception body;

the deletion notification confirmation message may be sent to any combination of the following subjects including, but not limited to: a generation body of the deletion notification, a transmission body of the upper deletion notification, and an all deletion body. The deletion subject here is a subject that performs a deletion operation.

Based on any of the above embodiments, the delete instruction includes a delete trigger condition;

the deletion triggering condition comprises one or more of the following any combination: the method comprises the steps of conforming to deletion constraint time, conforming to deletion constraint positions, conforming to deletion constraint equipment, conforming to deletion constraint networks, conforming to deletion constraint operations, receiving notifications, having illegal use behaviors, conforming to specified information attributes and conforming to deletion execution main bodies;

in step 220, the determining a deletion instruction based on the deletion intention and sending the deletion instruction to other subjects on the transmission path of the first information includes:

and determining the deletion trigger condition based on the deletion intention, and sending the deletion trigger condition to other main bodies on the transmission path of the first information while sending the first information and/or independently without sequence.

In the case of automatic deletion, the current subject may generate a deletion trigger condition based on the deletion intention and transmit the deletion trigger condition to other subjects.

Here, the deletion trigger condition may be issued or streamed together with the first information and/or the deletion notification, or the deletion trigger condition may be issued or streamed separately without being synchronized with the first information and/or the deletion notification.

Based on any of the above embodiments, in step 220, the sending the deletion instruction to another main body on the transmission path of the first information further includes:

receiving deletion confirmation information returned by the other main bodies, wherein the deletion confirmation information comprises one or more of the following arbitrary combinations: deleting the confirmation information identification, deleting the execution main body, deleting the process record, deleting the result, and deleting the confirmation information receiving main body.

Specifically, after the other subjects complete the information deletion, deletion confirmation information reflecting the completion of the information deletion may be generated and returned to the current subject.

The current agent may receive deletion confirmation information of the other agents after the deletion is completed, and in the case of receiving the deletion confirmation information, the current agent may determine that the information deletion has been completed on the agent that returned the deletion confirmation information.

Based on any of the above embodiments, the method further comprises:

and generating a certificate storage set in the process of finishing at least one of the deletion intention, the deletion notice and the deletion trigger condition, sending the deletion notice and the deletion trigger condition and receiving the deletion confirmation information.

Specifically, for a deletion intention, a deletion intention credit set can be generated, the content of which includes, but is not limited to, any combination of one or more of the following: the method comprises the steps of acquiring time of a deletion intention, acquiring a place of the deletion intention, acquiring a main body of the deletion intention, acquiring a mode of the deletion intention, information content to be deleted, a constraint condition for deletion at this time, a constraint condition for deletion of multiple copies, a constraint condition for evaluation of deletion, a deletion level, information corresponding to the deletion intention, and an information attribute corresponding to the deletion intention.

For a deletion notification in the deletion instruction, a deletion notification credential set may be generated, the content of which includes, but is not limited to, any combination of one or more of the following: deletion intention, pre-creation of a deletion knowledge map library, deletion notification generation time, deletion notification generation body, deletion notification transmission timing, deletion notification transmission condition, deletion notification transmission mode, deletion notification reception body, deletion notification confirmation information transmission mode, deletion notification confirmation information reception body, deletion notification confirmation information transmission time. The deletion notification deposit evidence information thus formed may include one or more of a deletion notification, a deletion notification generation process record, a deletion notification transmission process record, and a deletion notification confirmation process record.

Further, for the state of the deletion notification generation, a deletion notification generation state credential set may be generated including a deletion notification, a generation process of the deletion notification, a deletion intention, a pre-built deletion knowledge gallery, a deletion notification generation time, a deletion notification generation subject.

For the state of the deletion notification transmission, a deletion notification transmission state credential set including a deletion notification, a deletion notification transmission timing, a deletion notification transmission condition, a deletion notification transmission mode, a deletion notification transmission body, and a deletion notification reception body may be generated.

For the deletion trigger condition in the deletion instruction, a deletion trigger condition evidence collection can be generated, and the deletion trigger condition evidence collection can include one or more of the deletion trigger condition, the generation process of the deletion trigger condition, the deletion intention and the pre-established deletion knowledge atlas database.

A deletion trigger condition sending state evidence collection can also be generated, and the deletion trigger condition sending state evidence collection includes, but is not limited to, any combination of one or more of the following: deleting trigger conditions, deleting trigger condition sending time, deleting trigger condition sending conditions, deleting trigger condition sending modes, deleting trigger condition sending main bodies, deleting trigger condition receiving main bodies and deleting information corresponding to the trigger conditions.

In addition, a deletion confirmation information receiving state certificate collection can be generated, and the deletion confirmation information receiving state certificate collection includes, but is not limited to, any combination of one or more of the following: deleting confirmation information, deleting confirmation information receiving time, deleting confirmation information sending condition, deleting confirmation information sending mode, deleting confirmation information generating process record, deleting confirmation information sending main body, deleting confirmation information receiving main body, deleting confirmation information sending time, deleting confirmation information sending process record and deleting confirmation information corresponding information.

Based on any of the above embodiments, fig. 3 is a schematic flow diagram of an automatic information deleting method provided by the present invention, and as shown in fig. 3, the automatic deleting method includes the following steps:

in step 310, an intention acquisition subject receives a user input, and in response to the user input, determines a deletion intention corresponding to the user input.

In step 320, the intention acquisition subject generates a deletion trigger condition based on the deletion intention or based on the deletion intention and the pre-built deletion knowledge graph library.

And 330, generating a deletion notification by the intention acquisition main body under the condition that the deletion trigger condition is met, and sending the deletion notification to each main body on the transmission path of the first information.

And 340, searching information based on the deletion notification by each main body to obtain information to be deleted, determining a deletion algorithm based on the deletion instruction and/or the information to be deleted, deleting the information to be deleted based on the deletion algorithm, and generating deletion confirmation information after the deletion is finished.

And step 350, each main body carries out deletion consistency evaluation on the information body and/or the information copy included in the deletion information based on the deletion confirmation information to obtain a deletion consistency evaluation result.

And step 360, each main body evaluates the overall deletion effect based on at least one of the deletion intention, the deletion instruction, the deletion algorithm, the stream storage certificate of the first information, the number of copies actually deleted, the deletion confirmation information, the deletion consistency evaluation result and the arbitrary main body executing deletion, so as to obtain an overall deletion effect evaluation result.

Based on any of the above embodiments, fig. 4 is a second schematic flow chart of the automatic information deleting method provided by the present invention, and as shown in fig. 4, the automatic deleting method includes the following steps:

in step 410, the intention acquisition subject receives a user input, and in response to the user input, determines a deletion intention corresponding to the user input.

In step 420, the intention acquisition subject generates a deletion trigger condition based on the deletion intention or based on the deletion intention and the pre-built deletion knowledge graph library.

In step 430, the intention acquisition subject sends the deletion trigger condition to each subject on the transmission path of the first information, following the first information.

Step 440, each main body receives the deletion trigger condition, searches for information to obtain the information to be deleted when the deletion trigger condition is met, determines a deletion algorithm based on the deletion trigger condition and the information to be deleted, deletes the information to be deleted based on the deletion algorithm, and generates deletion confirmation information after deletion is completed.

And step 450, each main body evaluates the deletion consistency of the information body and/or the information copy included in the deletion information based on the deletion confirmation information to obtain a deletion consistency evaluation result.

Step 460, each main body evaluates the overall deletion effect based on at least one of the deletion intention, the deletion instruction, the deletion algorithm, the stream verification of the first information, the number of copies actually deleted, the deletion confirmation information, the deletion consistency evaluation result, and the arbitrary main body performing deletion, to obtain an overall deletion effect evaluation result.

Based on any of the above embodiments, fig. 5 is a schematic flow diagram of an information on-demand deleting method provided by the present invention, and as shown in fig. 5, the on-demand deleting method includes the following steps:

in step 510, the intention acquisition subject receives a user input, and in response to the user input, determines a deletion intention corresponding to the user input.

In step 520, the intention acquisition agent generates a deletion notification based on the deletion intention, or based on the deletion intention and a pre-built deletion knowledge map library.

At step 530, the intent acquisition subject sends a deletion notification to each subject on the transmission path of the first information.

And 540, searching information based on the deletion notification by each main body to obtain information to be deleted, determining a deletion algorithm based on the deletion instruction and/or the information to be deleted, deleting the information to be deleted based on the deletion algorithm, and generating deletion confirmation information after the deletion is finished.

And step 550, based on the deletion confirmation information, each main body performs deletion consistency evaluation on the information body and/or the information copy included in the deletion information to obtain a deletion consistency evaluation result.

And 560, each main body evaluates the overall deletion effect based on at least one of the deletion intention, the deletion instruction, the deletion algorithm, the stream verification certificate of the first information, the number of copies actually deleted, the deletion confirmation information, the deletion consistency evaluation result and the arbitrary main body executing deletion to obtain an overall deletion effect evaluation result.

The following describes a multiple copy deletion apparatus for private information according to the present invention, and the multiple copy deletion apparatus for private information described below and the multiple copy deletion method for private information described above may be referred to in correspondence with each other.

Fig. 6 is a schematic structural diagram of a multiple copy deletion apparatus for private information provided by the present invention, which is applied to any main body in a transmission path of first information, as shown in fig. 6, and includes:

an instruction acquisition unit 610 configured to acquire a deletion instruction, the deletion instruction being determined based on the deletion intention;

an information searching unit 620, configured to perform information searching based on the deleting instruction, to obtain to-be-deleted information corresponding to the deleting instruction, where the to-be-deleted information is included in the first information;

an algorithm determining unit 630, configured to determine a deletion algorithm based on the deletion instruction and/or the information to be deleted;

and a deletion executing unit 640, configured to delete the information to be deleted based on the deletion algorithm.

According to any of the above embodiments, the deletion instruction includes a deletion notification and/or a deletion trigger condition;

Based on any of the above embodiments, the instruction fetch unit is to:

Based on any of the above embodiments, the information search unit is configured to:

and under the condition that the deletion triggering condition is met, searching information based on the deletion instruction to obtain the information to be deleted corresponding to the deletion instruction.

Based on any of the above embodiments, the algorithm determining unit is configured to:

Based on any embodiment above, the method further comprises a consistency evaluation unit, configured to:

the deletion consistency evaluation result comprises one or more of the following any combination: and deleting the consistency evaluation result identification, the consistency evaluation subject, the consistency evaluation method and the detailed description of the consistency evaluation conclusion.

Based on any of the above embodiments, the method further includes a deletion confirmation unit configured to:

Based on any of the above embodiments, the deletion confirmation unit is configured to:

the deleting process record comprises one or more of the following in any combination: delete notification, delete information, delete algorithm, pre-delete state, post-delete state.

Based on any embodiment above, the system further comprises an overall evaluation unit, configured to:

Based on any of the above embodiments, further comprising a first evidence storing unit, configured to:

Fig. 7 is a second schematic structural diagram of a multiple copy deletion apparatus for private information according to the present invention, which is applied to any main body in a transmission path of first information, as shown in fig. 7, and includes:

an intention determining unit 710 for acquiring a deletion intention;

an instruction transmission unit 720 that determines a deletion instruction based on the deletion intention and transmits the deletion instruction to other subjects on the transmission path of the first information.

Based on any of the embodiments above, the intent determination unit is to:

receiving a user input;

or, the deletion notification includes one or more of the following in any combination: the system comprises a deletion notification identifier, a deletion command set, a deletion notification sending main body, a deletion notification sending mode and a deletion notification confirmation information receiving main body, wherein the deletion notification further comprises one or more of the following arbitrary combinations: a main body for replying the notification confirmation information is deleted, the requirement for replying the notification confirmation information is deleted, and the mode for replying the notification confirmation information is deleted;

the instruction transmission unit is used for:

Based on any of the above embodiments, the apparatus further includes an acknowledgement receiving unit configured to:

receiving deletion confirmation information returned by the other main bodies, wherein the deletion confirmation information comprises one or more of the following arbitrary combinations: deleting confirmation information identification, deleting execution main body, deleting process record, deleting result and deleting confirmation information receiving main body.

Based on any of the above embodiments, the apparatus further includes a second credentialing unit configured to:

Fig. 8 illustrates a physical structure diagram of an electronic device, which may include, as shown in fig. 8: a processor (processor)810, a communication Interface 820, a memory 830 and a communication bus 840, wherein the processor 810, the communication Interface 820 and the memory 830 communicate with each other via the communication bus 840. Processor 810 may invoke logic instructions in memory 830 to perform a method of multiple copy deletion of private information, the method comprising:

and deleting the information to be deleted based on the deletion algorithm.

Alternatively, the method comprises:

acquiring a deletion intention;

In addition, the logic instructions in the memory 830 may be implemented in software functional units and stored in a computer readable storage medium when the logic instructions are sold or used as independent products. Based on such understanding, the technical solution of the present invention or a part thereof which substantially contributes to the prior art may be embodied in the form of a software product, which is stored in a storage medium and includes several instructions for causing a computer device (which may be a personal computer, a server, or a network device) to execute all or part of the steps of the method according to the embodiments of the present invention. And the aforementioned storage medium includes: a U-disk, a removable hard disk, a Read-Only Memory (ROM), a Random Access Memory (RAM), a magnetic disk or an optical disk, and other various media capable of storing program codes.

In another aspect, the present invention also provides a computer program product, the computer program product comprising a computer program, the computer program being storable on a non-transitory computer-readable storage medium, the computer program, when executed by a processor, being capable of executing a method for deleting multiple copies of private information provided by the above methods, the method comprising:

and deleting the information to be deleted based on the deletion algorithm.

Alternatively, the method comprises:

acquiring a deletion intention;

In yet another aspect, the present invention also provides a non-transitory computer-readable storage medium having stored thereon a computer program which, when executed by a processor, implements a method for multi-copy deletion of private information provided by the above methods, the method comprising:

and deleting the information to be deleted based on the deletion algorithm.

Alternatively, the method comprises:

acquiring a deletion intention;

The above-described embodiments of the apparatus are merely illustrative, and the units described as separate parts may or may not be physically separate, and parts displayed as units may or may not be physical units, may be located in one position, or may be distributed on multiple network units. Some or all of the modules may be selected according to actual needs to achieve the purpose of the solution of the present embodiment. One of ordinary skill in the art can understand and implement it without inventive effort.

Through the above description of the embodiments, those skilled in the art will clearly understand that each embodiment may be implemented by software plus a necessary general hardware platform, and may also be implemented by hardware. With this understanding in mind, the above-described technical solutions may be embodied in the form of a software product, which can be stored in a computer-readable storage medium such as ROM/RAM, magnetic disk, optical disk, etc., and includes instructions for causing a computer device (which may be a personal computer, a server, or a network device, etc.) to execute the methods described in the embodiments or some parts of the embodiments.

Finally, it should be noted that: the above examples are only intended to illustrate the technical solution of the present invention, and not to limit it; although the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those of ordinary skill in the art that: the technical solutions described in the foregoing embodiments may still be modified, or some technical features may be equivalently replaced; and such modifications or substitutions do not depart from the spirit and scope of the corresponding technical solutions of the embodiments of the present invention.

Claims

1. A method for deleting multiple copies of private information, the method being applied to an arbitrary subject in a transmission path of first information, the method comprising:

and deleting the information to be deleted based on the deletion algorithm.

2. The method for deleting multiple copies of private information according to claim 1, wherein the deletion instruction includes a deletion notification and/or a deletion trigger condition;

the deletion triggering condition comprises one or more of the following any combination: the method comprises the steps of conforming to the deletion constraint time, conforming to the deletion constraint position, conforming to the deletion constraint equipment, conforming to the deletion constraint network, conforming to the deletion constraint operation, receiving a notice, having an illegal use behavior, conforming to the specified information attribute and conforming to the deletion execution main body.

3. The method for deleting multiple copies of private information according to claim 2, wherein the obtaining of the deletion instruction includes:

4. The method for deleting multiple copies of private information according to claim 2, wherein the searching for information based on the delete instruction to obtain the to-be-deleted information corresponding to the delete instruction comprises:

5. The method for deleting multiple copies of private information according to any one of claims 1 to 4, wherein the performing information search based on the delete instruction to obtain the to-be-deleted information corresponding to the delete instruction includes:

6. The method for deleting multiple copies of private information according to claim 5, wherein the determining a deletion algorithm based on the deletion instruction and/or the information to be deleted includes:

7. The method for deleting multiple copies of private information according to claim 5, wherein the deleting the information to be deleted based on the deleting algorithm further comprises:

the deletion consistency evaluation result comprises one or more of the following random combinations: and deleting the consistency evaluation result identification, the consistency evaluation subject, the consistency evaluation method and the detailed description of the consistency evaluation conclusion.

8. The method for deleting multiple copies of private information according to any one of claims 1 to 4, wherein the deleting the information to be deleted based on the deletion algorithm further comprises:

9. The method for deleting multiple copies of private information according to claim 8, wherein the generating deletion confirmation information includes:

10. The method for deleting multiple copies of private information according to claim 8, wherein the generating deletion confirmation information further includes:

evaluating an overall deletion effect based on at least one of the deletion intention, the deletion instruction, the deletion algorithm, a stream credit for the first information, the number of copies actually deleted, deletion information, the deletion confirmation information, a deletion consistency evaluation result, and the arbitrary subject performing deletion, to obtain an overall deletion effect evaluation result;

the overall deletion effect evaluation result comprises one or more of the following arbitrary combinations: a deletion effect evaluation result identifier, a deletion effect evaluation subject, a deletion effect evaluation method, and a specific description of a deletion effect evaluation conclusion.

11. The method of deleting multiple copies of private information according to any one of claims 1 to 4, further comprising:

and generating a evidence collection in the process of finishing the information to be deleted, the deletion algorithm, the deletion notification, the deletion triggering condition, the deletion confirmation information, the deletion consistency evaluation result and the overall deletion effect evaluation result, and sending and/or receiving at least one of the deletion notification, the deletion triggering condition and the deletion confirmation information.

12. A method for deleting multiple copies of private information, the method being applied to an arbitrary subject on a transmission path of first information, the method comprising:

acquiring a deletion intention;

13. The method for deleting multiple copies of private information according to claim 12, wherein the obtaining of the deletion intention includes:

receiving a user input;

14. The method of deleting multiple copies of private information according to claim 12, wherein the deletion instruction includes a deletion notification;

the determining a deletion instruction based on the deletion intention includes:

or, generating the deletion notification based on the deletion intention, or based on the deletion intention and the pre-built deletion knowledge graph library;

15. The method of deleting multiple copies of private information according to claim 12, wherein the deletion instruction includes a deletion trigger condition;

16. The method according to any one of claims 12 to 15, wherein the sending the deletion instruction to another subject on a transmission path of the first information further includes:

17. The method for multi-copy deletion of private information according to claim 16, further comprising:

18. An apparatus for deleting multiple copies of private information, the apparatus being applied to an arbitrary subject in a transmission path of first information, the apparatus comprising:

19. An apparatus for deleting multiple copies of private information, the apparatus being applied to an arbitrary subject in a transmission path of first information, the apparatus comprising:

an intention determining unit for acquiring a deletion intention;

an instruction transmission unit configured to determine a deletion instruction based on the deletion intention and send the deletion instruction to another body on a transmission path of the first information.

20. An electronic device comprising a memory, a processor and a computer program stored on the memory and executable on the processor, wherein the processor when executing the program implements a method of multiple copy deletion of private information according to any of claims 1 to 17.

21. A non-transitory computer-readable storage medium on which a computer program is stored, the computer program, when executed by a processor, implementing a method of multi-copy deletion of private information according to any one of claims 1 to 17.