Security Process Model for Tasks Within a Software Factory

US 20090064322A1
Filed: 08/30/2007
Published: 03/05/2009
Est. Priority Date: 08/30/2007
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method for preventing unauthorized activity within a software factory, the computer-implemented method comprising:

detecting a request by a user to utilize a software factory;

in response to authenticating the user as being authorized to utilize the software factory, granting the user permission to access specific areas of the software factory for which the user is specifically authorized;

maintaining a log of locations in the software factory that have been accessed by the user; and

utilizing the log to audit an effectiveness of the software factory in creating deliverable software.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Security for a software factory is provided by detecting a request by a user to utilize the software factory. Upon being authenticated, the user is granted permission to access specific areas of the software factory. A log is created of locations in software factory that have been accessed by the user. This log is then utilized in an audit that describes how effective the software factory is in creating deliverable software.

Citations

20 Claims

1. A computer-implemented method for preventing unauthorized activity within a software factory, the computer-implemented method comprising:
- detecting a request by a user to utilize a software factory;
  
  in response to authenticating the user as being authorized to utilize the software factory, granting the user permission to access specific areas of the software factory for which the user is specifically authorized;
  
  maintaining a log of locations in the software factory that have been accessed by the user; and
  
  utilizing the log to audit an effectiveness of the software factory in creating deliverable software.
- View Dependent Claims (2, 3, 4, 5, 6)
- - 2. The computer-implemented method of claim 1, fisher comprising:
    - receiving a work packet in the software factory, wherein the software factory comprises;
      
      a software factory governance section that evaluates the project proposal for acceptance by the software factory,a design center composed of a requirements analysis team and an architecture team, wherein the design center sections the project proposal into major functional areas that are to be handled by the requirements analysis team and the architecture team, and wherein the design center creates work packets, andan assembly line that receives and executes the work packets to create the deliverable software;
      
      receiving a description of software needs from a customer;
      
      inducting the project proposal into the software factory, wherein inducting the project proposal initially evaluates the project proposal'"'"'s compatibility with a capacity of the software factory;
      
      parsing the project proposal into major functional areas;
      
      retrieving work packets that are appropriate for the project proposal, wherein the work packets include pre-stored, reusable, self-contained, discrete units of software code;
      
      assembling the work packets into the deliverable software;
      
      testing the deliverable software; and
      
      delivering the deliverable software to the customer.
  - 3. The computer-implemented method of claim 2, wherein the assembly line further comprises:
    - a published set of services and a published set of requirements for the assembly line, wherein the published set of services and the published set of requirements for the assembly line are published to the design center, and wherein the published set of services describes what assembly services for assembling work packets are offered by the assembly line, and wherein the published set of requirements describes what execution environment must be used by work packets that are provided by the design center for assembly in the assembly line.
  - 4. The computer-implemented method of claim 3, wherein the work packets include governance procedures, standards, reused assets, work packet instructions, integration strategy, schedules, exit criteria and artifact checklist templates for Input/Output routines.
  - 5. The computer-implemented method of claim 2, wherein the assembly line includes software that automatically recognizes a project type for the project proposal, and wherein the assembly line assembles the work packets into the deliverable software in accordance with the project type that is recognized by the assembly line.
  - 6. The computer-implemented method of claim 2, wherein the assembly line conducts an integration test, a system test, a system integration test and a performance test of the deliverable software, wherein the integration test tests the deliverable software for compatibility with the client'"'"'s system, the system test checks the client'"'"'s system to ensure that the client'"'"'s system is operating properly, the system integration test tests for bugs that may arise when the deliverable software is integrated into the client'"'"'s system, and the performance test tests the deliverable software for defects as it is executing in the client'"'"'s system.

7. A system comprising:
- a processor;
  
  a data bus coupled to the processor;
  
  a memory coupled to the data bus; and
  
  a computer-usable medium embodying computer program code, the computer program code comprising instructions executable by the processor and configured for preventing unauthorized activity within a software factory by performing the steps of;
  
  detecting a request by a user to utilize a software factory;
  
  in response to authenticating the user as being authorized to utilize the software factory, granting the user permission to access specific areas of the software factory for which the user is specifically authorized;
  
  maintaining a log of locations in the software factory that have been accessed by the user; and
  
  utilizing the log to audit an effectiveness of the software factory in creating deliverable software.
- View Dependent Claims (8, 9, 10, 11, 12)
- - 8. The system of claim 7, wherein the instructions further comprise executable instructions for:
    - receiving a work packet in the software factory, wherein the software factory comprises;
      
      a software factory governance section that evaluates the project proposal for acceptance by the software factory,a design center composed of a requirements analysis team and an architecture team, wherein the design center sections the project proposal into major functional areas that are to be handled by the requirements analysis team and the architecture team, and wherein the design center creates work packets, andan assembly line that receives and executes the work packets to create the deliverable software;
      
      receiving a description of software needs from a customer;
      
      inducting the project proposal into the software factory, wherein inducting the project proposal initially evaluates the project proposal'"'"'s compatibility with a capacity of the software factory;
      
      parsing the project proposal into major functional areas;
      
      retrieving work packets that are appropriate for the project proposal, wherein the work packets include pre-stored, reusable, self-contained, discrete units of software code;
      
      assembling the work packets into the deliverable software;
      
      testing the deliverable software; and
      
      delivering the deliverable software to the customer.
  - 9. The system of claim 8, wherein the design center further comprises:
    - a requirements analysis team, wherein the requirements analysis team is responsible for determining system requirements for executing the deliverable software on the customer'"'"'s system; and
      
      an architectural team, wherein the architectural team models the project proposal in accordance with customer constraints, and wherein the architectural team bundles the customer constraints together with the work packets for execution in the assembly line.
  - 10. The system of claim 9, wherein the work packets include governance procedures, standards, reused assets, work packet instructions, integration strategy, schedules, exit criteria and artifact checklist templates for Input/Output routines.
  - 11. The system of claim 8, wherein the assembly line includes software that automatically recognizes a project type for the project proposal, and wherein the assembly line assembles the work packets into the deliverable software in accordance with the project type that is recognized by the assembly line.
  - 12. The system of claim 8, wherein the assembly line conducts an integration test, a system test, a system integration test and a performance test of the deliverable software, wherein the integration test tests the deliverable software for compatibility with the client'"'"'s system, the system test checks the client'"'"'s system to ensure that the client'"'"'s system is operating properly, the system integration test tests for bugs that may arise when the deliverable software is integrated into the client'"'"'s system, and the performance test tests the deliverable software for defects as it is executing in the client'"'"'s system.

13. A computer-readable medium encoded with a computer program, the computer program comprising computer executable instructions configured for:
- detecting a request by a user to utilize a software factory;
  
  in response to authenticating the user as being authorized to utilize the software factory, granting the user permission to access specific areas of the software factory for which the user is specifically authorized;
  
  maintaining a log of locations in the software factory that have been accessed by the user; and
  
  utilizing the log to audit an effectiveness of the software factory in creating deliverable software.
- View Dependent Claims (14, 15, 16, 17, 18, 19, 20)
- - 14. The computer-readable medium of claim 13, wherein the computer executable instructions further comprise executable instructions for:
    - receiving a work packet in the software factory, wherein the software factory comprises;
      
      a software factory governance section that evaluates the project proposal for acceptance by the software factory,a design center composed of a requirements analysis team and an architecture team, wherein the design center sections the project proposal into major functional areas that are to be handled by the requirements analysis team and the architecture team, and wherein the design center creates work packets, andan assembly line that receives and executes the work packets to create the deliverable software;
      
      receiving a description of software needs from a customer;
      
      inducting the project proposal into the software factory, wherein inducting the project proposal initially evaluates the project proposal'"'"'s compatibility with a capacity of the software factory;
      
      parsing the project proposal into major functional areas;
      
      retrieving work packets that are appropriate for the project proposal, wherein the work packets include pre-stored, reusable, self-contained, discrete units of software code;
      
      assembling the work packets into the deliverable software;
      
      testing the deliverable software; and
      
      delivering the deliverable software to the customer.
  - 15. The computer-readable medium of claim 14, wherein the design center further comprises:
    - a requirements analysis team, wherein the requirements analysis team is responsible for determining system requirements for executing the deliverable software on the customer'"'"'s system; and
      
      an architectural team, wherein the architectural team models the project proposal in accordance with customer constraints, and wherein the architectural team bundles the customer constraints together with the work packets for execution in the assembly line.
  - 16. The computer-readable medium of claim 15, wherein the work packets include governance procedures, standards, reused assets, work packet instructions, integration strategy, schedules, exit criteria and artifact checklist templates for Input/Output routines.
  - 17. The computer-readable medium of claim 14, wherein the assembly line includes software that automatically recognizes a project type for the project proposal, and wherein the assembly line assembles the work packets into the deliverable software in accordance with the project type that is recognized by the assembly line.
  - 18. The computer-readable medium of claim 14, wherein the assembly line conducts an integration test, a system test, a system integration test and a performance test of the deliverable software, wherein the integration test tests the deliverable software for compatibility with the client'"'"'s system, the system test checks the client'"'"'s system to ensure that the client'"'"'s system is operating properly, the system integration test tests for bugs that may arise when the deliverable software is integrated into the client'"'"'s system, and the performance test tests the deliverable software for defects as it is executing in the client'"'"'s system.
  - 19. The computer-readable medium of claim 13, wherein the computer-usable medium is a component of a remote server, and wherein the computer executable instructions are deployable to a supervisory computer from the remote server.
  - 20. The computer-readable medium of claim 13, wherein the computer executable instructions are capable of being provided by a service provider to a customer on an on-demand basis.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
International Business Machines Corporation, ServiceNow Incorporated
Original Assignee
International Business Machines Corporation
Inventors
Reddington, Francis X., Finlayson, Ronald D., Mitsumori, Naomi M.

Granted Patent

US 8,539,437 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/21
CPC Class Codes

G06F 21/6218   to a system of files or obj...

G06F 2221/2101   Auditing as a secondary aspect

G06Q 10/06   Resources, workflows, human...

Security Process Model for Tasks Within a Software Factory

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Security Process Model for Tasks Within a Software Factory

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links