Metadata-driven audit reporting system

US 10,108,917 B2
Filed: 03/07/2014
Issued: 10/23/2018
Est. Priority Date: 09/11/2013
Status: Active Grant

First Claim

Patent Images

1. A non-transitory computer-readable medium having instructions stored thereon that, when executed by a processor, cause the processor to report audit data comprising a history of modifications made to data in a software application, the reporting comprising:

defining metadata for an attribute of a business object of the software application stored in a base database table, the metadata including;

a business object identifier,an attribute identifier,an auditing enabled flag that identifies whether auditing is enabled for the attribute,a shadow database table name that identifies a shadow database table associated with the base database table, anda shadow database column name that identifies a column of the shadow database table associated with the attribute of the business object;

configuring the metadata to enable auditing for the attribute of the business object, including setting the auditing enabled flag of the metadata to a value that indicates that auditing is enabled for the attribute;

during execution of the software application and in response to a modification to data stored within the base database table, generating first audit data for the attribute of the business object only when the auditing enabled flag of the metadata is set to the value that indicates that auditing is enabled, the first audit data including a history of one or more modifications to the attribute of the business object;

storing the first audit data for the attribute of the business object within the shadow database table identified by the shadow database table name and the shadow database column name, the first audit data comprising data stored within the base database table prior to the modification and data stored within the base database table after the modification;

during execution of the software application and in response to an event occurrence at the base database table, generating second audit data and storing the second audit data in an event database table, wherein the event comprises a login failure event of the software application and wherein the event database table has a different format than the shadow database table; and

displaying the first audit data and the second audit data within a user interface using a single format for the first audit data and the second audit data.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A system is provided that reports audit data. The system defines metadata that defines a business object of an application module and an attribute of the business object as being auditable. The system further configures the metadata to enable auditing for the attribute of the business object. The system further generates audit data for the attribute of the business object based on the metadata, where the audit data includes a history of one or more modifications to the attribute of the business object. The system further stores the audit data within a shadow database table based on the metadata. The system further displays the audit data within a user interface.

Citations

17 Claims

1. A non-transitory computer-readable medium having instructions stored thereon that, when executed by a processor, cause the processor to report audit data comprising a history of modifications made to data in a software application, the reporting comprising:
- defining metadata for an attribute of a business object of the software application stored in a base database table, the metadata including;
  
  a business object identifier,an attribute identifier,an auditing enabled flag that identifies whether auditing is enabled for the attribute,a shadow database table name that identifies a shadow database table associated with the base database table, anda shadow database column name that identifies a column of the shadow database table associated with the attribute of the business object;
  
  configuring the metadata to enable auditing for the attribute of the business object, including setting the auditing enabled flag of the metadata to a value that indicates that auditing is enabled for the attribute;
  
  during execution of the software application and in response to a modification to data stored within the base database table, generating first audit data for the attribute of the business object only when the auditing enabled flag of the metadata is set to the value that indicates that auditing is enabled, the first audit data including a history of one or more modifications to the attribute of the business object;
  
  storing the first audit data for the attribute of the business object within the shadow database table identified by the shadow database table name and the shadow database column name, the first audit data comprising data stored within the base database table prior to the modification and data stored within the base database table after the modification;
  
  during execution of the software application and in response to an event occurrence at the base database table, generating second audit data and storing the second audit data in an event database table, wherein the event comprises a login failure event of the software application and wherein the event database table has a different format than the shadow database table; and
  
  displaying the first audit data and the second audit data within a user interface using a single format for the first audit data and the second audit data.
- View Dependent Claims (2, 3, 4, 5, 6, 12, 15)
- - 2. The non-transitory computer-readable medium of claim 1, wherein the storing the second audit data comprises data stored within the base database table prior to the event, data stored within the base database table after the event, and an event identifier that identifies at least one of the event, a date, a time or a user identifier that identifies a specific user that initiated the event.
  - 3. The non-transitory computer-readable medium of claim 1,wherein the one or more modifications to the attribute of the business object comprise one or more modifications to data contained within the base database table;
    - andwherein the shadow database table is separate from the base database table.
  - 4. The non-transitory computer-readable medium of claim 1, the displaying the audit data within the user interface further comprising:
    - receiving a search criteria; and
      
      displaying the audit data that satisfies the search criteria within the user interface.
  - 5. The non-transitory computer-readable medium of claim 4, wherein the search criteria comprises at least one of:
    - a date or a date range; and
      
      a user identifier or a product identifier.
  - 6. The non-transitory computer-readable medium of claim 1, the defining the metadata further comprising:
    - setting a value of a property of the business object to a value that indicates the business object is auditable;
      
      setting a value of a property of the attribute to a value that indicates the attribute is auditable; and
      
      populating the business object identifier and the attribute identifier within the metadata based on the value of the property of the business object and the value of the property of the attribute.
  - 12. The non-transitory computer-readable medium of claim 1, wherein the attribute comprises a flex field comprising a set of segments associated with the business object, each segment capturing a single atomic value that is represented in the base database table as a single column.
  - 15. The non-transitory computer-readable medium of claim 1, further comprising determining an audit level of the event occurrence, wherein the determined audit level determines whether the second audit data is stored in the event database table.

7. A computer-implemented method for reporting audit data comprising a history of modifications made to data in a software application, the computer-implemented method comprising:
- defining metadata for an attribute of a business object of the software application stored in a base database table, the metadata including;
  
  a business object identifier,an attribute identifier,an auditing enabled flag that identifies whether auditing is enabled for the attribute,a shadow database table name that identifies a shadow database table associated with the base database table, anda shadow database column name that identifies a column of the shadow database table associated with the attribute of the business object;
  
  configuring the metadata to enable auditing for the attribute of the business object, including setting the auditing enabled flag of the metadata to a value that indicates that auditing is enabled for the attribute;
  
  during execution of the software application and in response to a modification to data stored within the base database table, generating first audit data for the attribute of the business object only when the auditing enabled flag of the metadata is set to the value that indicates that auditing is enabled, the first audit data including a history of one or more modifications to the attribute of the business objectstoring the first audit data for the attribute of the business object within the shadow database table identified by the shadow database table name and the shadow database column name, the first audit data comprising data stored within the base database table prior to the modification and data stored within the base database table after the modification;
  
  during execution of the software application and in response to an event occurrence at the base database table, generating second audit data and storing the second audit data in an event database table, wherein the event comprises a login failure event of the software application and wherein the event database table has a different format than the shadow database table; and
  
  displaying the first audit data and the second audit data within a user interface using a single format for the first audit data and the second audit data.
- View Dependent Claims (8, 9, 13, 16)
- - 8. The computer-implemented method of claim 7, wherein the storing the second audit data comprises data stored within the base database table prior to the event, data stored within the base database table after the event, and an event identifier that identifies at least one of the event, a date, a time or a user identifier that identifies a specific user that initiated the event.
  - 9. The computer-implemented method of claim 7,wherein the one or more modifications to the attribute of the business object comprise one or more modifications to data contained within the base database table;
    - wherein the shadow database table is separate from the base database table.
  - 13. The computer-implemented method of claim 7, wherein the attribute comprises a flex field comprising a set of segments associated with the business object, each segment capturing a single atomic value that is represented in the base database table as a single column.
  - 16. The computer-implemented method of claim 7, further comprising determining an audit level of the event occurrence, wherein the determined audit level determines whether the second audit data is stored in the event database table.

10. A system for reporting audit data comprising a history of modifications made to data in a software application, the system comprising:
- a processor; and
  
  a memory, coupled to the processor, storing a metadata definition module, a metadata configuration module, an audit data generation module, an audit data storage module and an audit data display module,wherein;
  
  the metadata definition module, when executed by the processor, defines metadata for an attribute of a business object of the software application stored in a base database table, the metadata including;
  
  a business object identifier,an attribute identifier,an auditing enabled flag that identifies whether auditing is enabled for the attribute,a shadow database table name that identifies a shadow database table associated with the base database table, anda shadow database column name that identifies a column of the shadow database table associated with the attribute of the business object;
  
  the metadata configuration module, when executed by the processor, configures the metadata to enable auditing for the attribute of the business object, including setting the auditing enabled flag of the metadata to a value that indicates that auditing is enabled for the attribute;
  
  the audit data generation module, when executed by the processor, during execution of the software application and in response to a modification to data stored within the base database table, generates first audit data for the attribute of the business object only when the auditing enabled flag of the metadata is set to the value that indicates that auditing is enabled, the first audit data including a history of one or more modifications to the attribute of the business object;
  
  the audit data storage module, when executed by the processor, stores the first audit data for the attribute of the business object within the shadow database table identified by the shadow database table name and the shadow database column name, the first audit data comprising data stored within the base database table prior to the modification and data stored within the base database table after the modification and during execution of the software application and in response to an event occurrence at the base database table, generating second audit data and storing the second audit data in an event database table, wherein the event comprises a login failure event of the software application and wherein the event database table has a different format than the shadow database table; and
  
  the audit data display module, when executed by the processor, displays the first audit data and the second audit data within a user interface using a single format for the first audit data and the second audit data.
- View Dependent Claims (11, 14, 17)
- - 11. The system of claim 10, wherein storing the second audit data comprises data stored within the base database table prior to the event, data stored within the base database table after the event, and an event identifier that identifies at least one of the event, a date, a time or a user identifier that identifies a specific user that initiated the event.
  - 14. The system of claim 10, wherein the attribute comprises a flex field comprising a set of segments associated with the business object, each segment capturing a single atomic value that is represented in the base database table as a single column.
  - 17. The system of claim 10, further comprising determining an audit level of the event occurrence, wherein the determined audit level determines whether the second audit data is stored in the event database table.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Oracle International Corporation (Oracle Corporation)
Original Assignee
Oracle International Corporation (Oracle Corporation)
Inventors
Philip, Deena, Kellner, George, Arthur, Mohan, Johl, Paul
Primary Examiner(s)
Gurmu, Muluemebet

Application Number

US14/200,226
Publication Number

US 20150074039A1
Time in Patent Office

1,691 Days
Field of Search

707603
US Class Current
CPC Class Codes

G06F 16/24   Querying

G06F 16/248   Presentation of query results

G06F 21/577   Assessing vulnerabilities a...

G06F 21/62   Protecting access to data v...

G06F 21/64   Protecting data integrity, ...

G06Q 10/0633   Workflow analysis

Metadata-driven audit reporting system

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Metadata-driven audit reporting system

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links