CN117235783A

CN117235783A - Credibility evaluation method and device, electronic equipment and storage medium

Info

Publication number: CN117235783A
Application number: CN202311136561.XA
Authority: CN
Inventors: 蔡逆水
Original assignee: China Telecom Technology Innovation Center; China Telecom Corp Ltd
Current assignee: China Telecom Technology Innovation Center; China Telecom Corp Ltd
Priority date: 2023-09-05
Filing date: 2023-09-05
Publication date: 2023-12-15

Abstract

The embodiment of the invention relates to the technical field of information security, in particular to a credibility assessment method, a credibility assessment device, electronic equipment and a storage medium. The method comprises the following steps: acquiring at least two pieces of reasoning evidence data of a risk monitoring system; the credibility analysis processing is carried out on the reasoning evidence data respectively, and the first credibility of at least two reasoning evidence data is determined; the risk monitoring system is used for judging the risk of personal information infringement; the reasoning evidence data is used for analyzing the credibility of the risk monitoring system; acquiring at least two reasoning mechanisms of the risk monitoring system for performing risk reasoning on the at least two reasoning evidence data; the credibility analysis processing is carried out on the at least two reasoning mechanisms respectively, and the second credibility of the at least two reasoning mechanisms is determined; and determining the target credibility of the risk monitoring system according to at least two of the first credibility and the second credibility.

Description

Credibility evaluation method and device, electronic equipment and storage medium

Technical Field

The present invention relates to the field of network and information security technologies, and in particular, to a reliability evaluation method, apparatus, electronic device, and storage medium.

Background

At present, with the continuous development of mobile communication and the internet, various application programs are gradually penetrating into the fields of people's consumption, entertainment, travel, shopping and the like.

Various applications may need to acquire different personal information of the user, however, if the reliability of the risk monitoring system of the constructed personal information is not high, the personal privacy information may not be accurately and effectively protected and detected, so that risks such as leakage, rule violations and the like of the personal information are caused.

Disclosure of Invention

The embodiment of the invention aims to provide a reliability assessment method, a device, electronic equipment and a storage medium, which are used for improving the reliability of a risk monitoring system.

In a first aspect, an embodiment of the present invention provides a reliability evaluation method, where the method includes:

acquiring at least two pieces of reasoning evidence data of a risk monitoring system; the credibility analysis processing is carried out on the reasoning evidence data respectively, and the first credibility of at least two reasoning evidence data is determined; the risk monitoring system is used for judging the risk of personal information infringement; the reasoning evidence data is used for analyzing the credibility of the risk monitoring system;

Acquiring at least two reasoning mechanisms of the risk monitoring system for performing risk reasoning on the at least two reasoning evidence data; the credibility analysis processing is carried out on the at least two reasoning mechanisms respectively, and the second credibility of the at least two reasoning mechanisms is determined;

and determining the target credibility of the risk monitoring system according to at least two of the first credibility and the second credibility.

In one possible implementation, obtaining at least two pieces of inferred evidence data of a risk monitoring system includes:

sending a first acquisition request for reasoning evidence data to a target alliance chain; the target alliance chain stores a plurality of pieces of reasoning evidence data, and nodes in the target alliance chain perform security verification based on the key pairs in the first acquisition request;

receiving at least two pieces of reasoning evidence data sent after the node pair key pair in the target alliance chain passes verification; or,

sending a second acquisition request for reasoning evidence data to the third-party storage device; the third-party storage device stores a plurality of pieces of reasoning evidence data, and the third-party storage device performs security verification based on verification information in the second acquisition request;

And receiving at least two pieces of reasoning evidence data sent by the third-party storage equipment after the verification information passes.

In one possible implementation, obtaining at least two inference mechanisms by which the risk monitoring system infers the at least two pieces of inference evidence data includes:

respectively determining screening information of an inference mechanism for inferring each piece of inference evidence data;

respectively screening reasoning mechanisms conforming to the screening information from a database corresponding to the risk monitoring system; the database stores: multiple inference mechanisms obtained based on multiple supervised learning of random forest models.

In one possible embodiment, determining the target reliability of the risk monitoring system according to at least two of the first reliability and the second reliability includes:

according to an algorithm of the CF model combined evidence uncertainty, each group of credibility is processed respectively, and corresponding sub-target credibility is obtained; the method comprises the steps of combining a first credibility corresponding to each piece of reasoning evidence data and a second credibility corresponding to a reasoning mechanism corresponding to the reasoning evidence data into a group of credibility;

and taking the obtained average value of all the sub-target credibility as the target credibility of the risk monitoring system.

In a second aspect, an embodiment of the present invention provides a reliability evaluation apparatus, including:

the first acquisition unit is used for acquiring at least two pieces of reasoning evidence data of the risk monitoring system; the credibility analysis processing is carried out on the reasoning evidence data respectively, and the first credibility of at least two reasoning evidence data is determined; the risk monitoring system is used for judging the risk of personal information infringement; the reasoning evidence data is used for analyzing the credibility of the risk monitoring system;

the second acquisition unit is used for acquiring at least two reasoning mechanisms of the risk monitoring system for performing risk reasoning on the at least two reasoning evidence data; the credibility analysis processing is carried out on the at least two reasoning mechanisms respectively, and the second credibility of the at least two reasoning mechanisms is determined;

and the determining unit is used for determining the target credibility of the risk monitoring system according to at least two first credibility and second credibility.

In a possible implementation manner, the first obtaining unit is specifically configured to:

In a possible implementation manner, the second obtaining unit is specifically configured to:

In a possible embodiment, the determining unit is configured to:

In a third aspect, an embodiment of the present invention provides an electronic device, including at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to enable the at least one processor to perform any one of the methods provided by the embodiments of the first aspect of the present invention.

In a fourth aspect, embodiments of the present invention provide a computer storage medium, where the computer readable storage medium stores a computer program for causing a computer to perform any of the methods provided by the embodiments of the first aspect of the present invention.

In a fifth aspect, embodiments of the present invention provide a computer program product comprising: computer program code which, when run on a computer, causes the computer to perform any of the methods provided by the embodiments of the first aspect.

The invention has the following beneficial effects:

In the embodiment of the invention, at least two pieces of reasoning evidence data of the risk monitoring system can be obtained; the reliability analysis processing is carried out on the reasoning evidence data respectively, and the first reliability of at least two reasoning evidence data is determined; the risk monitoring system is used for judging the risk of personal information infringed; the reasoning evidence data are used for analyzing the credibility of the risk monitoring system; acquiring at least two reasoning mechanisms of a risk monitoring system for performing risk reasoning on at least two reasoning evidence data; the reliability analysis processing is carried out on at least two reasoning mechanisms respectively, and the second reliability of the at least two reasoning mechanisms is determined; and determining the target credibility of the risk monitoring system according to the at least two first credibility and the second credibility. Therefore, in the embodiment of the invention, the method for evaluating the credibility of the risk monitoring system from the reasoning evidence data and the reasoning mechanism is provided, so that the credibility of the risk monitoring system can be evaluated more accurately, and the accuracy of the evaluation of the risk monitoring system is improved.

Additional features and advantages of the invention will be set forth in the description which follows, and in part will be obvious from the description, or may be learned by practice of the invention. The objectives and other advantages of the invention will be realized and attained by the structure particularly pointed out in the written description and claims thereof as well as the appended drawings.

Drawings

In order to more clearly illustrate the technical solutions of the embodiments of the present invention, the drawings that are needed in the embodiments of the present invention will be briefly described below, and it is obvious that the drawings described below are only some embodiments of the present invention, and other drawings may be obtained according to these drawings without inventive effort for a person skilled in the art.

Fig. 1 is a schematic diagram of an application scenario in an embodiment of the present invention;

FIG. 2 is a flow chart of a reliability evaluation method according to an embodiment of the present invention;

FIG. 3 is a schematic diagram of a target federation chain in accordance with an embodiment of the present invention;

FIG. 4a is a schematic diagram of the reliability of a risk monitoring system according to the prior art;

FIG. 4b is a schematic diagram of the reliability of a risk monitoring system according to an embodiment of the present invention;

FIG. 4c is a schematic diagram of a reliability of a risk monitoring system according to an embodiment of the present invention;

FIG. 5 is a schematic diagram of the composition structure of a reliability evaluation device according to an embodiment of the present invention;

fig. 6 is a schematic diagram of a hardware composition structure of an electronic device according to an embodiment of the present invention.

Detailed Description

For the purpose of making the objects, technical solutions and advantages of the present invention more apparent, the technical solutions in the embodiments of the present invention will be clearly and completely described below with reference to the accompanying drawings in the embodiments of the present invention, and it is apparent that the described embodiments are only some embodiments of the present invention, not all embodiments of the present invention. All other embodiments, which can be made by those skilled in the art based on the embodiments of the invention without making any inventive effort, are intended to be within the scope of the invention. Embodiments of the invention and features of the embodiments may be combined with one another arbitrarily without conflict. Also, while a logical order is depicted in the flowchart, in some cases, the steps depicted or described may be performed in a different order than presented herein.

The term "comprising" and any variations thereof in the description of the invention and in the claims is intended to cover non-exclusive protection. For example, a process, method, system, article, or apparatus that comprises a list of steps or elements is not limited to only those listed steps or elements but may include other steps or elements not listed or inherent to such process, method, article, or apparatus.

In the embodiments of the present invention, "at least one" means one or more, and "a plurality" means two or more. "and/or", describes an association relationship of an association object, and indicates that there may be three relationships, for example, a and/or B, and may indicate: a alone, a and B together, and B alone, wherein a, B may be singular or plural. The character "/" generally indicates that the context-dependent object is an "or" relationship. "at least one of" or the like means any combination of these items, including any combination of single item(s) or plural items(s). For example, at least one (one) of a, b or c may represent: a, b, c, a-b, a-c, b-c, or a-b-c, wherein a, b, c may be single or plural.

And, unless otherwise indicated, the terms "first," "second," and the like according to the embodiments of the present invention are used for distinguishing a plurality of objects, and are not used for limiting the size, content, order, timing, priority, importance, or the like of the plurality of objects. For example, the first evidence reasoning data and the second evidence reasoning data are only for distinguishing the evidence reasoning data, and are not indicative of the difference in content, size, priority, importance, etc. of the two evidence reasoning data.

In the technical scheme of the invention, the data is collected, transmitted, used and the like, and all meet the requirements of national relevant laws and regulations.

As described above, the existing risk monitoring system performs security protection on personal information, so how to evaluate the credibility of the risk monitoring system is a problem to be solved.

In view of this, the embodiment of the invention provides a reliability evaluation method, by which at least two pieces of reasoning evidence data of a risk monitoring system can be obtained; the reliability analysis processing is carried out on the reasoning evidence data respectively, and the first reliability of at least two reasoning evidence data is determined; the risk monitoring system is used for judging the risk of personal information infringed; the reasoning evidence data are used for analyzing the credibility of the risk monitoring system; acquiring at least two reasoning mechanisms of a risk monitoring system for performing risk reasoning on at least two reasoning evidence data; the reliability analysis processing is carried out on at least two reasoning mechanisms respectively, and the second reliability of the at least two reasoning mechanisms is determined; and determining the target credibility of the risk monitoring system according to the at least two first credibility and the second credibility. Therefore, in the embodiment of the invention, the method for evaluating the credibility of the risk monitoring system from the reasoning evidence data and the reasoning mechanism is provided, so that the credibility of the risk monitoring system can be evaluated more accurately, and the accuracy of the evaluation of the risk monitoring system is improved.

After the design idea of the embodiment of the present invention is introduced, some simple descriptions are made below for application scenarios applicable to the technical solution of the embodiment of the present invention, and it should be noted that the application scenarios described below are only used for illustrating the embodiment of the present invention and are not limiting. In the specific implementation process, the technical scheme provided by the embodiment of the invention can be flexibly applied according to actual needs.

The scheme provided by the embodiment of the invention can be applied to all various business scenes needing to be subjected to credibility evaluation processing, such as business scenes for protecting personal privacy rights and interests information.

Referring to fig. 1, a schematic view of a scenario provided in an embodiment of the present invention may include a plurality of terminal devices 101 and a server 102, where the terminal devices 101-1, 101-2, … …, and 101-n may be used by different users, and each system on each terminal device is provided with a respective front-end page.

In the embodiment of the present invention, a risk monitoring system is installed on the server 102, and the risk monitoring system may receive the personal information sent by each terminal device, and perform security detection on the personal information.

The risk identification process of the risk monitoring system is roughly divided into 5 steps:

step 1: the privacy policy statement (privacy policy statement) is textual.

The risk monitoring system may read the privacy policy of the service used and convert it to a suitable man-machine readable format (e.g., JSON format, XML format) as required by the structured format of the compliance clause.

Step 2: the privacy permissions are listed in accordance with the user's authorization.

The user authorization module in the risk monitoring system can read the current rights granted by the user of each service, and check all rights defined by the service module to better understand the personal data about the user that can be collected by the personal information handling mechanism. In this way, a good enforcement foundation may be provided for the subsequent identification, tagging, and listing of potentially dangerous rights.

Step 3: personal information protection risk behaviors are identified.

The personal information protection risk analysis module in the risk monitoring model system may capture the payload data of the operations performed by each user and possibly pre-process it into a lightweight data exchange format that is human-machine readable. This data is then compared to the compliance terms in the structured policy statement obtained from step 1 to identify and record policy violations, and then passed to an alert notification module in the risk monitoring system.

Step 4: and (5) warning notification.

An alert notification module in the risk monitoring system can track and record all actions (e.g., events, actions, time, current status, etc.) and correlate to analyze risk behavior related users. And the warning notification module can also send a statistical prompt to the user to inform the user of improperly collected or shared business violating the privacy policy.

Step 5: preventive measures are suggested and the user is notified.

The user authorization module in the risk monitoring system may suggest corrective action to the user to control and mitigate emergency privacy concerns that have occurred and/or may occur in the future. Alternatively, the content of the user authorization module informing the user may consist of three elements: (1) opening a re-authorization selection interface; (2) a digest of unauthorized operations; (3) ignore and allow sharing personal information data options.

Specifically, the processing module on the server 102 can perform reliability evaluation on the risk monitoring system, so that the risk monitoring system is adjusted according to the reliability obtained by evaluation, the reliability of personal information security detection is improved, and the use experience of a client is improved.

In the embodiment of the present invention, the terminal device 101 may be, for example, a mobile phone, a tablet personal computer (PAD), a personal computer (Personal computer, PC), an intelligent television, an intelligent vehicle-mounted device, a wearable device, or the like, which is not limited in the embodiment of the present invention.

In the embodiment of the present invention, the server 102 may be a cloud server for providing cloud services, cloud databases, cloud computing, cloud functions, cloud storage, network services, cloud communication, middleware services, domain name services, security services, content delivery networks (Content Delivery Network, CDN), and basic cloud computing services such as big data and artificial intelligence platforms, or may be a physical server, but is not limited thereto.

Wherein, the terminal equipment 101 and the server 102, and the terminal equipment 101 can be directly or indirectly connected through one or more networks 103. The network 103 may be a wired network, or may be a Wireless network, for example, a mobile cellular network, or may be a Wireless-Fidelity (WIFI) network, or may be other possible networks, which are not limited in this embodiment of the present invention.

Of course, the method provided by the embodiment of the present invention is not limited to the application scenario shown in fig. 1, but may be used in other possible application scenarios, and the embodiment of the present invention is not limited. The functions that can be implemented by each device in the application scenario shown in fig. 1 will be described together in the following method embodiments, which are not described in detail herein.

In order to further explain the technical solution provided by the embodiments of the present invention, the following details are described with reference to the accompanying drawings and the detailed description. Although embodiments of the present invention provide the method operational steps shown in the following embodiments or figures, more or fewer operational steps may be included in the method, either on a routine or non-inventive basis. In steps where there is logically no necessary causal relationship, the execution order of the steps is not limited to the execution order provided by the embodiments of the present invention. The methods may be performed sequentially or in parallel as shown in the embodiments or the drawings when the actual processing or the apparatus is performed.

Referring to fig. 2, fig. 2 is a flow chart of a reliability evaluation method according to an embodiment of the invention. The flow of the method may be performed by an electronic device, which may be the server 102 in fig. 1, and the specific implementation flow of the method is as follows:

step 201: acquiring at least two pieces of reasoning evidence data of a risk monitoring system; the reliability analysis processing is carried out on the reasoning evidence data respectively, and the first reliability of at least two reasoning evidence data is determined; the risk monitoring system is used for judging the risk of personal information infringed; the reasoning evidence data is used for analyzing the credibility of the risk monitoring system.

In the embodiment of the invention, the electronic equipment can be established aiming at a risk monitoring system, and influence factors of reasoning credibility and control factor design frameworks (design framework for influencing and controlling factors of inference credibility of risk detection systems, DFICFICRS) of the risk monitoring system. The inferred evidence (inference evidence, IE) data from the risk monitoring system may then be collected and analyzed for evidence trustworthiness (credibility of evidence), also referred to as a first trustworthiness, of the inferred evidence data based on the trust impact and control measures employed by the risk monitoring system.

Alternatively, the original historical data can be acquired first to perform word segmentation analysis to obtain an analysis result, and the analysis result is combined according to the expression form of the reasoning evidence data, so that the reasoning evidence data is obtained.

For example, the reasoning evidence data is XX, the historical data corresponding to the reasoning evidence data is determined to be XX1, XX2, XX3, … and XX10 respectively, and the first credibility of the reasoning evidence data XX is determined by proving that XX1 and XX5 are fake data: (10-2)/10=0.8.

In the embodiment of the invention, in order to improve the credibility of the reasoning evidence data, at least two reasoning evidence data of the risk monitoring system can be acquired in the following way, but not limited to the following way.

Mode one.

In the embodiment of the invention, the electronic equipment can send a first acquisition request for reasoning evidence data to the target alliance chain; the target alliance chain stores a plurality of pieces of reasoning evidence data, and nodes in the target alliance chain perform security verification based on key pairs in the first acquisition request; and receiving at least two pieces of reasoning evidence data sent after the node pair key pair in the target alliance chain passes verification.

The target alliance chain is independent of an additional third party management mechanism or hardware facility, is not controlled by a center, and can realize information self-verification, transmission and management through distributed accounting and storage except the alliance chain which is self-integrated. Moreover, the target alliance chain is based on agreed specifications and protocols, the whole target alliance chain system does not depend on other third parties, and all nodes can automatically and safely verify and exchange data in the system without any human intervention. Therefore, as long as 51% of all data nodes cannot be mastered, network data cannot be mastered and modified, the target alliance chain becomes relatively safe, artificial data change is avoided, and therefore the credibility of the reasoning evidence data can be improved by storing the reasoning evidence data in the target alliance chain.

For example, please refer to fig. 3, which is a schematic diagram of a target federation chain according to an embodiment of the present invention. In FIG. 3, a target federation chain includes multiple nodes, each of which can upload evidence data into the target federation chain. In FIG. 3, a target federation chain is illustrated as including a cluster of core nodes, federation nodes, and audit nodes.

Alternatively, multiple organizations in an environment operating in the same industry and requiring a common infrastructure to conduct transactions or relay information may join a target federation chain through respective corresponding nodes, and each participant in the target federation chain may process user personal information in a safe specification.

In addition, if the cross-domain service is suitable, each service domain can be used as a alliance chain node (Block chain node), and an alliance chain of a plurality of service domain organizations can be established. For example, a cross-domain e-commerce service scenario involves an independent organization or organization of a plurality of service domains, and a federation chain of the plurality of service domain organizations may jointly complete an online shopping service, where nodes in the federation chain are, for example, federation nodes corresponding to cooperated merchants, federation nodes corresponding to e-commerce platforms, federation nodes corresponding to third party payment platforms, and federation nodes corresponding to third party logistics platforms.

And a second mode.

In the embodiment of the invention, the electronic device can also send a second acquisition request for reasoning evidence data to the third-party storage device; the third-party storage device stores a plurality of pieces of reasoning evidence data, and performs security verification based on verification information in the second acquisition request; and receiving at least two pieces of reasoning evidence data sent by the third-party storage device after the verification information passes.

Therefore, in the embodiment of the invention, the reasoning evidence data can be acquired from the third-party storage device, so that the reasoning evidence data with higher reliability can be acquired. And the third-party storage device has security verification on the second acquisition request, so that the security and reliability of reasoning evidence data can be ensured as much as possible.

In the embodiment of the present invention, other manners of obtaining the inference evidence data may be adopted, for example, a manner of obtaining the inference evidence data stored based on the data auditing technology, which is not limited in the embodiment of the present invention.

Step 202: acquiring at least two reasoning mechanisms of a risk monitoring system for performing risk reasoning on at least two reasoning evidence data; and respectively carrying out credibility analysis processing on the at least two reasoning mechanisms to determine second credibility of the at least two reasoning mechanisms.

In the embodiment of the invention, the electronic device can adopt, but is not limited to, the following steps, and at least two inference mechanisms for the risk monitoring system to infer at least two pieces of inference evidence data are obtained.

Step A: screening information of an inference mechanism for inferring each piece of inference evidence data is determined separately.

And (B) step (B): respectively screening reasoning mechanisms conforming to screening information from a database corresponding to the risk monitoring system; the database stores: multiple inference mechanisms obtained based on multiple supervised learning of random forest models.

In an embodiment of the invention, an initial random forest model (random decision forests, RF) may be preset. The initial random forest model may use a classification regression tree (classification and regression tree, CART) as a basis learner and set the following parameters: the selection interval of the maximum feature number (max_features) is [0.5,0.9]; the tree (n_identifiers) of CART is a value of >50 (which can be adjusted according to the actual reasoning mechanism resource); the maximum depth (max_depth) of CART is between 4-12; the minimum number of samples (min_samples_split) required for the internal node subdivision of CART is determined from the sample size, which can be set to 16, 32, 64, etc. if the sample size is of a very large order; the leaf node minimum number of samples (min_samples_leaf) of CART may be set to this value >1 in order to increase generalization capability. After the parameters are set for the initial RF model, training learning can be performed on the initial RF model.

In the embodiment of the invention, the optimized threshold value can be output by obtaining the trained and learned RF model through training according to the training sample, then the corresponding threshold value can be obtained by respectively inputting the trained and learned RF model through a plurality of original reasoning mechanisms, and when the corresponding threshold value is not smaller than the optimized threshold value, the reasoning mechanism is stored in the database, so that the reasoning mechanisms with higher credibility are stored in the database, namely, the database is stored with: multiple inference mechanisms obtained based on multiple supervised learning of random forest models.

Step 203: and determining the target credibility of the risk monitoring system according to the at least two first credibility and the second credibility.

In the embodiment of the invention, each group of credibility is respectively processed according to an algorithm of combining evidence uncertainty by a CF model to obtain corresponding sub-target credibility; the method comprises the steps of combining a first credibility corresponding to each piece of reasoning evidence data and a second credibility corresponding to a reasoning mechanism corresponding to the reasoning evidence data into a group of credibility; and taking the obtained average value of all sub-target credibility as the target credibility of the risk monitoring system.

In the embodiment of the invention, the algorithm for combining the evidence uncertainty by the CF model is specifically as follows: if multiple sub-algorithms for the conjunctive of single evidence are selected, the sub-target confidence level with the smallest confidence level in each set of confidence levels may be selected as the corresponding sub-target confidence level. If a sub-algorithm of the compromise of the plurality of single evidence is selected, the highest reliability in each group of reliability can be selected as the corresponding sub-target reliability.

In the present invention, for more clearly describing the effects of the solution provided by the embodiments of the present invention, the following details are described with reference to fig. 4a, 4b and 4 c. Wherein, fig. 4a is the credibility of the risk monitoring system obtained by adopting the mode in the prior art, fig. 4b is the credibility of the risk monitoring system obtained by processing the reasoning evidence data only, and fig. 4c is the credibility of the risk monitoring system obtained by adopting the processing mode of the reasoning evidence data and the reasoning mechanism provided by the invention.

Specifically, as can be seen from fig. 4a, when the first reliability corresponding to the reasoning evidence data is low, the target reliability of the obtained risk monitoring system is also low. As can be seen from fig. 4b, when the first reliability corresponding to the reasoning evidence data is higher when the reasoning evidence data obtained by adopting the scheme provided by the embodiment of the invention is adopted, the target reliability of the obtained risk monitoring system is higher. It can be seen from fig. 4c that when the reasoning evidence data and the reasoning mechanism obtained by the scheme provided by the embodiment of the present invention are adopted, the target reliability of the obtained risk monitoring system is higher.

Therefore, the reliability of the risk monitoring system determined based on the scheme provided by the embodiment of the invention can be improved from 0.6-0.8 to 0.9-0.99, and the reliability of the risk monitoring system is greatly improved.

Based on the same inventive concept, the embodiment of the invention also provides a credibility evaluation device. As shown in fig. 5, which is a schematic structural diagram of the reliability evaluation apparatus 500, may include:

a first obtaining unit 501, configured to obtain at least two pieces of reasoning evidence data of the risk monitoring system; the credibility analysis processing is carried out on the reasoning evidence data respectively, and the first credibility of at least two reasoning evidence data is determined; the risk monitoring system is used for judging the risk of personal information infringement; the reasoning evidence data is used for analyzing the credibility of the risk monitoring system;

a second obtaining unit 502, configured to obtain at least two inference mechanisms of the risk monitoring system for performing risk inference on the at least two pieces of inference evidence data; the credibility analysis processing is carried out on the at least two reasoning mechanisms respectively, and the second credibility of the at least two reasoning mechanisms is determined;

a determining unit 503, configured to determine a target reliability of the risk monitoring system according to at least two of the first reliability and the second reliability.

In a possible implementation manner, the first obtaining unit 501 is specifically configured to:

In a possible implementation manner, the second obtaining unit 502 is specifically configured to:

In a possible implementation manner, the determining unit 503 is configured to:

For convenience of description, the above parts are described as being functionally divided into modules (or units) respectively. Of course, the functions of each module (or unit) may be implemented in the same piece or pieces of software or hardware when implementing the present invention.

Having described the reliability evaluation method and apparatus of an exemplary embodiment of the present invention, next, an electronic device according to another exemplary embodiment of the present invention is described.

Those skilled in the art will appreciate that the various aspects of the invention may be implemented as a system, method, or program product. Accordingly, aspects of the invention may be embodied in the following forms, namely: an entirely hardware embodiment, an entirely software embodiment (including firmware, micro-code, etc.) or an embodiment combining hardware and software aspects may be referred to herein as a "circuit," module "or" system.

The embodiment of the invention also provides electronic equipment based on the same conception as the embodiment of the method. In this embodiment, the structure of the electronic device may be shown in fig. 6, where the electronic device is, for example, the server 102 in fig. 1, as shown in fig. 6, and the electronic device in the embodiment of the present invention includes at least one processor 601, and a memory 602 and a communication interface 603 connected to the at least one processor 601, where the embodiment of the present invention does not limit a specific connection medium between the processor 601 and the memory 602, and in fig. 6, the connection between the processor 601 and the memory 602 is taken as an example, and in fig. 6, the connection between the system bus 600 and other components is shown by a bold line, which is only for illustrative purposes and not intended to be limiting. The system bus 600 may be divided into an address bus, a data bus, a control bus, etc., and is represented by only one thick line in fig. 6 for convenience of representation, but does not represent only one bus or one type of bus.

In the embodiment of the present invention, the memory 602 stores instructions executable by the at least one processor 601, and the at least one processor 601 may perform the steps included in the above-described reliability evaluation method by executing the instructions stored in the memory 602.

The processor 601 is a control center of the electronic device, and may connect various parts of the entire electronic device using various interfaces and lines, and may implement various functions of the electronic device by executing or executing instructions stored in the memory 602 and calling data stored in the memory 602. Alternatively, the processor 601 may include one or more processing units, and the processor 601 may integrate an application processor and a modem processor, wherein the processor 601 primarily processes an operating system, a user interface, and application programs, etc., and the modem processor primarily processes wireless communications. It will be appreciated that the modem processor described above may not be integrated into the processor 601. In some embodiments, processor 601 and memory 602 may be implemented on the same chip, or they may be implemented separately on separate chips in some embodiments.

The processor 601 may be a general purpose processor such as a Central Processing Unit (CPU), digital signal processor, application specific integrated circuit, field programmable gate array or other programmable logic device, discrete gate or transistor logic device, discrete hardware components, which may implement or perform the methods, steps and logic blocks disclosed in embodiments of the invention. The general purpose processor may be a microprocessor or any conventional processor or the like. The steps of a method disclosed in connection with the embodiments of the present invention may be embodied directly in a hardware processor for execution, or in a combination of hardware and software modules in the processor for execution.

The memory 602 is a non-volatile computer readable storage medium that can be used to store non-volatile software programs, non-volatile computer executable programs, and modules. The Memory 602 may include at least one type of storage medium, which may include, for example, flash Memory, hard disk, multimedia card, card Memory, random access Memory (Random Access Memory, RAM), static random access Memory (Static Random Access Memory, SRAM), programmable Read-Only Memory (Programmable Read Only Memory, PROM), read-Only Memory (ROM), charged erasable programmable Read-Only Memory (Electrically Erasable Programmable Read-Only Memory), magnetic Memory, magnetic disk, optical disk, and the like. Memory 602 is any other medium that can be used to carry or store desired program code in the form of instructions or data structures and that can be accessed by a computer, but is not limited to such. The memory 602 in embodiments of the present invention may also be circuitry or any other device capable of performing storage functions for storing program instructions and/or data.

The communication interface 603 is a transmission interface that can be used for communication, and data can be received or transmitted through the communication interface 603.

In addition, the electronic device includes a basic input/output system (I/O system) 604, a mass storage device 608 for storing an operating system 605, application programs 606, and other program modules 607, which facilitate the transfer of information between the various devices within the electronic device.

The basic input/output system 604 includes a display 609 for displaying information and an input device 610, such as a mouse, keyboard, etc., for a user to input information. Wherein both the display 609 and the input device 610 are coupled to the processor 601 through a basic input/output system 604 coupled to the system bus 600. The basic input/output system 604 may also include an input/output controller for receiving and processing input from a number of other devices, such as a keyboard, mouse, or electronic stylus, among others. Similarly, the input-output controller also provides output to a display screen, a printer, or other type of output device.

In particular, mass storage device 608 is connected to processor 601 through a mass storage controller (not shown) that is connected to system bus 600. Where the mass storage device 608 and its associated computer-readable media provide non-volatile storage for the server package. That is, mass storage device 608 may include a computer-readable medium (not shown), such as a hard disk or CD-ROM drive.

The electronic device may also operate via a network, such as the internet, connected to a remote computer on the network, in accordance with various embodiments of the present invention. I.e., the electronic device may be connected to the network 611 through a communication interface 603 coupled to the system bus 600, or may be connected to other types of networks or remote computer systems (not shown) using the communication interface 603.

The embodiment of the invention also provides a computer storage medium, wherein the computer readable storage medium stores a computer program, and the computer program is used for enabling a computer to execute the technical scheme of the reliability evaluation method of the embodiment.

Embodiments of the present invention also provide a computer program product comprising: computer program code which, when run on a computer, causes the computer to execute the computer program to implement the technical solution of the reliability evaluation method in the above embodiment.

Those skilled in the art will appreciate that: all or part of the steps of implementing the above method embodiments may be implemented by hardware associated with program instructions pertaining to a computer program, which may be stored in a computer-readable storage medium, which when executed performs steps comprising the above method embodiments; the readable storage medium can be, for example, but is not limited to, an electronic, magnetic, optical, electromagnetic, infrared, or semiconductor system, apparatus, or device, or a combination of any of the foregoing. More specific examples (a non-exhaustive list) of the readable storage medium would include the following: an electrical connection having one or more wires, a portable disk, a hard disk, random Access Memory (RAM), read-only memory (ROM), erasable programmable read-only memory (EPROM or flash memory), optical fiber, portable compact disk read-only memory (CD-ROM), an optical storage device, a magnetic storage device, or any suitable combination of the foregoing.

The program product of embodiments of the present invention may employ a portable compact disc read only memory (CD-ROM) and include program code and may run on a computing device. However, the program product of the present invention is not limited thereto, and in this document, a readable storage medium may be any tangible medium that can contain, or store a program for use by or in connection with a command execution system, apparatus, or device.

The readable signal medium may include a data signal propagated in baseband or as part of a carrier wave with readable program code embodied therein. Such a propagated data signal may take any of a variety of forms, including, but not limited to, electro-magnetic, optical, or any suitable combination of the foregoing. A readable signal medium may also be any readable medium that is not a readable storage medium and that can communicate, propagate, or transport a program for use by or in connection with a command execution system, apparatus, or device.

Program code embodied on a readable medium may be transmitted using any appropriate medium, including but not limited to wireless, wireline, optical fiber cable, RF, etc., or any suitable combination of the foregoing.

Program code for carrying out operations of the present invention may be written in any combination of one or more programming languages, including an object oriented programming language such as Java, C++ or the like and conventional procedural programming languages, such as the "C" programming language or similar programming languages. The program code may execute entirely on the user's computing device, partly on the user's equipment, as a stand-alone software package, partly on the user's computing device, partly on a remote computing device, or entirely on the remote computing device or server. In the case of remote computing devices, the remote computing device may be connected to the user computing device through any kind of network, including a Local Area Network (LAN) or a Wide Area Network (WAN), or may be connected to an external computing device (e.g., connected via the Internet using an Internet service provider).

While preferred embodiments of the present invention have been described, additional variations and modifications in those embodiments may occur to those skilled in the art once they learn of the basic inventive concepts. It is therefore intended that the following claims be interpreted as including the preferred embodiments and all such alterations and modifications as fall within the scope of the invention.

It will be apparent to those skilled in the art that various modifications and variations can be made to the present invention without departing from the spirit or scope of the invention. Thus, it is intended that the present invention also include such modifications and alterations insofar as they come within the scope of the appended claims or the equivalents thereof.

Claims

1. A method of confidence assessment, the method comprising:

2. The method of claim 1, wherein obtaining at least two pieces of inferred evidence data for a risk monitoring system comprises:

3. The method of claim 1, wherein obtaining at least two inference mechanisms by which the risk monitoring system infers the at least two pieces of inferential evidence data comprises:

4. A method according to any one of claims 1-3, wherein determining a target confidence level of the risk monitoring system based on at least two of the first confidence levels and the second confidence levels comprises:

5. A reliability evaluation device, the device comprising:

6. The apparatus of claim 5, wherein the first acquisition unit is specifically configured to:

7. The apparatus of claim 5, wherein the second acquisition unit is specifically configured to:

8. The apparatus according to any one of claims 5-7, wherein the determining unit is configured to:

9. An electronic device comprising at least one processor; and a memory communicatively coupled to the at least one processor; wherein the memory stores instructions executable by the at least one processor to implement the method of any of claims 1-4.

10. A computer storage medium, characterized in that the computer storage medium stores a computer program for enabling a computer to perform the method according to any one of claims 1-4.