CN-122001655-A - Access control method for multi-Agent collaboration service circulation system

Abstract

The application relates to the technical field of service circulation management and provides a service circulation system access control method with multi-Agent cooperation, which comprises the steps of extracting all cooperation records of all agents of service circulation, establishing a cooperation relation map, marking request agents and OwnerAgent, calculating cooperation trust, authority level and final authority level of the request agents on resources required to be accessed, acquiring an access execution result according to the final authority level, and updating the cooperation relation map. The application aims to solve the problems that the service is blocked by the access right of the service circulation system and the risk of the access right is amplified too widely.

Inventors

• WANG YAKUN
• HUANG JINHONG
• QU PING
• WANG CHONG

Assignees

• 唐山学院
• 唐山数派信息科技有限公司

Dates

Publication Date

20260508

Application Date

20260210

Claims (10)

1. 1. A multi-Agent collaborative service circulation system access control method is characterized by comprising the following steps: extracting all collaboration records of all agents of the service circulation, and establishing a collaboration relation map according to all collaboration records; Recording an Agent requesting access to resources as a request Agent, recording the resources which the request Agent has accessed or managed as OwnerAgent, judging whether the resources which the request Agent requests access to are OwnerAgent, if yes, calculating the cooperative trust degree of the request Agent on the resources which the request Agent requests access to according to the length, the weight and the access frequency of the path with the minimum edge number of each OwnerAgent, if not, directly assigning the cooperative trust degree of the request Agent on the resources which the request Agent requests access to, and calculating the authority level of the request Agent on the resources which the request Agent requests access to according to the cooperative trust degree; According to the authority level and the static authority configured for the requesting Agent in advance, calculating the final authority level of the requesting Agent for the resource requiring access, acquiring an access execution result according to the final authority level, and updating the cooperation relation map according to the access execution result.
2. 2. The access control method for the multi-Agent collaborative business circulation system according to claim 1, wherein the establishing a collaboration relationship graph according to all collaboration records comprises the following specific steps: calculating the cooperation strength of the source Agent and the target Agent corresponding to the cooperation records according to all the cooperation records; and taking the agents as nodes in the map, connecting the agents with the cooperative relationship with the directed edges of the source agents pointing to the target agents, assigning the weights of the edges as the cooperative strength of the source agents and the target agents, and establishing the cooperative relationship map.
3. 3. The access control method for the multi-Agent collaboration business circulation system according to claim 2, wherein the concrete calculation method for the collaboration intensity is as follows: For each collaboration record, recording the ratio of the data quantity transmitted from the source Agent to the target Agent to the maximum value of the transmitted data quantity corresponding to all collaboration records as the relative data quantity of the collaboration records; Recording the number of natural days of the interval between the time stamp of the cooperative record and the current moment as interval duration of the cooperative record, taking the inverse number of the product of the interval duration of the cooperative record and the preset attenuation weight as an index, and recording a calculated value of the exponent power taking a natural constant as a base as a first exponent power of the cooperative record; And recording the positive correlation processing result of the relative data quantity of all the collaboration records corresponding to the data transmitted by the source Agent to the target Agent and the first exponent as the collaboration strength of the source Agent and the target Agent.
4. 4. The access control method of a service circulation system in cooperation with multiple agents according to claim 1, wherein the calculating the cooperation trust degree of the requesting Agent on the resources to be accessed according to the length, the weight and the access frequency of the path with the minimum number of edges of the requesting Agent reaching each OwnerAgent comprises the following specific steps: The shortest cooperation path of the request Agent reaching each OwnerAgent is obtained, and the path cooperation strength of the shortest cooperation path is calculated according to the number of the upper sides of the shortest cooperation path and the weights of all sides; Calculating a second product of the shortest collaboration path according to the path collaboration intensity of the shortest collaboration path, the number of edges contained on the shortest collaboration path and the access frequency of the request Agent for accessing OwnerAgent by using the shortest collaboration path; And recording the normalized value of the accumulated sum of the second products of the shortest collaboration paths of which the requesting Agent reaches all OwnerAgent as the collaboration trust degree of the requesting Agent on the resource to be accessed.
5. 5. The access control method for the multi-Agent collaboration business circulation system according to claim 4, wherein the specific determination method for the path collaboration strength is as follows: The number of sides included in the shortest cooperation path is recorded as the length of the shortest cooperation path, the harmonic average value of the weights of all sides in the shortest cooperation path is used as the weight of the shortest cooperation path, and the ratio of the length of the shortest cooperation path to the weight of the path is recorded as the path cooperation strength of the shortest cooperation path.
6. 6. The access control method for the service circulation system with multi-Agent collaboration according to claim 4, wherein the specific obtaining method for the second product of the shortest collaboration path is as follows: The ratio of the path cooperation strength of the shortest cooperation path to the sum of the edge number of the shortest cooperation path and the number 1 is recorded as a first ratio of the shortest cooperation path; The product of the first ratio of the access frequency of the request Agent that accessed OwnerAgent using the shortest collaboration path to the shortest collaboration path is recorded as the second product of the shortest collaboration path.
7. 7. The access control method for the multi-Agent collaborative business flow system according to claim 1, wherein the calculation formula of the authority level of the requesting Agent for the resource requiring access is: Wherein, the Representing the authority level of the requesting Agent on the resource to be accessed; Representing a minimum function; the cooperative trust degree of the requesting Agent on the resources which are requested to be accessed is represented; Representing the maximum authority level configured by an administrator of a business circulation system with multi-Agent cooperation on a request Agent in advance; Representing rounding down symbols.
8. 8. The method for controlling access of a service circulation system in cooperation with multiple agents according to claim 7, wherein the final authority level of the requesting Agent for the resource to be accessed is specifically: Wherein, the Representing the final authority level of the requesting Agent on the resource to be accessed; Representing a maximum function; Representing static permission configured for the requesting Agent in advance; And representing a preset collaboration permission trust coefficient.
9. 9. The method for controlling access of a service circulation system in cooperation with multiple agents according to claim 1, wherein the method for obtaining the access execution result according to the final authority level comprises the following specific steps: And allowing the requesting Agent to access the resource when the final authority level of the requesting Agent to the resource requesting access is greater than or equal to the preset lowest authority level of the resource requesting access, otherwise, not allowing the requesting Agent to access the resource.
10. 10. The access control method for the multi-Agent collaboration business circulation system according to claim 1, wherein the specific method for updating the collaboration relationship graph is as follows: When the access execution result is that the request Agent is allowed to access the resource, updating or creating the edge between the request Agent and the resource, and updating the value of the cooperation strength of the edge between the request Agent and the resource; When the access execution result is that the access of the request Agent to the resource is not allowed and the cooperative trust degree of the request Agent to the resource requiring the access is more than 75% of all the cooperative trust degrees, triggering exception examination and adjusting the basic authority configuration of the request Agent; and carrying out time stamp attenuation on the weights of all sides in the collaborative relation graph, and deleting the sides with the weights lower than a preset weight threshold.

Description

Access control method for multi-Agent collaboration service circulation system Technical Field The application relates to the technical field of service circulation management, in particular to a multi-Agent collaborative service circulation system access control method. Background In a traffic flow system, an Agent is an Agent, which is a software entity capable of autonomously sensing an environment, independently deciding and executing tasks. The multi-Agent cooperation business circulation system refers to a system architecture in which a plurality of specialized agents cooperate to jointly complete a complex business process through division work. In a business circulation system of a modern enterprise, a plurality of Agent agents are often required to complete a complete business process, such as order processing, approval circulation, data analysis and the like, through cooperation, wherein the agents may include approval agents, data processing agents, notification agents and the like, and different agents often need to access different business data and system resources. The existing access control method is static configuration, the authority range is determined to be completed when the system is deployed and kept unchanged in the running process, and the access control RBAC based on roles and the access control ABAC based on attributes are mainly adopted. The RBAC distributes fixed roles and permissions for each Agent, so that the RBAC cannot adapt to the change of dynamic cooperation relation among the agents, the ABAC judges the permissions based on the static attribute of the agents, and the dependency relation between the data flow direction and the data flow direction formed in the multi-Agent cooperation process is ignored in the permission judging process. However, in an actual service circulation scene, the collaboration relationship between agents is dynamically changed, and the dynamic collaboration mode cannot be accurately described through static authority configuration, so that the problems of excessively tight authority blocking service or excessively wide authority amplifying risk are easily caused by not considering the collaboration relationship between multiple agents. Disclosure of Invention The application provides a business circulation system access control method of multi-Agent cooperation, which solves the problem that business is blocked by too tight authority or risk is amplified by too wide authority caused by not considering cooperation relation among the multi-agents, and adopts the following technical scheme: The embodiment of the application provides a multi-Agent collaborative service circulation system access control method, which comprises the following steps: extracting all collaboration records of all agents of the service circulation, and establishing a collaboration relation map according to all collaboration records; Recording an Agent requesting access to resources as a request Agent, recording the resources which the request Agent has accessed or managed as OwnerAgent, judging whether the resources which the request Agent requests access to are OwnerAgent, if yes, calculating the cooperative trust degree of the request Agent on the resources which the request Agent requests access to according to the length, the weight and the access frequency of the path with the minimum edge number of each OwnerAgent, if not, directly assigning the cooperative trust degree of the request Agent on the resources which the request Agent requests access to, and calculating the authority level of the request Agent on the resources which the request Agent requests access to according to the cooperative trust degree; According to the authority level and the static authority configured for the requesting Agent in advance, calculating the final authority level of the requesting Agent for the resource requiring access, acquiring an access execution result according to the final authority level, and updating the cooperation relation map according to the access execution result. Further, the establishing a collaboration relationship graph according to all collaboration records includes the following specific steps: calculating the cooperation strength of the source Agent and the target Agent corresponding to the cooperation records according to all the cooperation records; and taking the agents as nodes in the map, connecting the agents with the cooperative relationship with the directed edges of the source agents pointing to the target agents, assigning the weights of the edges as the cooperative strength of the source agents and the target agents, and establishing the cooperative relationship map. Further, the concrete calculation method of the cooperation strength comprises the following steps: For each collaboration record, recording the ratio of the data quantity transmitted from the source Agent to the target Agent to the maximum value of the transmitted data quantity corresp