System and Method of Performing Risk Analysis using a Portal

US 20100250603A1
Filed: 03/27/2009
Published: 09/30/2010
Est. Priority Date: 03/27/2009
Status: Active Grant

First Claim

Patent Images

1. A computer-implemented method comprising:

receiving a plurality of requests from a risk analysis software component across a network in an agent software component, wherein the agent is coupled to an enterprise system portal software component, wherein said portal is coupled to a plurality of enterprise software systems and stores a plurality of user information and user authorization data for a plurality of users for specifying actions a user is authorized to perform in said enterprise software systems, the requests to said agent each including parameters corresponding to a risk analysis process executing on said risk analysis software;

generating, by said agent, a plurality of queries in response to said plurality of requests, each query retrieving data based on parameters from a corresponding request;

retrieving, by said portal, said user information stored in a user management component of said portal in response to a first query generated in response to a first request of said plurality of requests, and returning said user information to said agent in response to the first query;

retrieving, by said portal, said user authorization data stored in a content directory component of said portal in response to a second query generated in response to a second request of said plurality of requests, and returning said user authorization data to said agent in response to the second query; and

sending said user information and said user authorization data from said agent across said network to said risk analysis software for use in executing said risk analysis process.

View all claims

2 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one embodiment the present invention includes a system and method of performing risk analysis on a portal. In one embodiment, risk analysis software sends requests for user information and user authorization data to an agent. The agent may be coupled to a portal and may generate queries for accessing information on the portal. The portal may include user information and authorization data useful for performing risk analysis. The agent may retrieve information used in a risk analysis process and send the information to the risk analysis software.

38 Citations

View as Search Results

20 Claims

1. A computer-implemented method comprising:
- receiving a plurality of requests from a risk analysis software component across a network in an agent software component, wherein the agent is coupled to an enterprise system portal software component, wherein said portal is coupled to a plurality of enterprise software systems and stores a plurality of user information and user authorization data for a plurality of users for specifying actions a user is authorized to perform in said enterprise software systems, the requests to said agent each including parameters corresponding to a risk analysis process executing on said risk analysis software;
  
  generating, by said agent, a plurality of queries in response to said plurality of requests, each query retrieving data based on parameters from a corresponding request;
  
  retrieving, by said portal, said user information stored in a user management component of said portal in response to a first query generated in response to a first request of said plurality of requests, and returning said user information to said agent in response to the first query;
  
  retrieving, by said portal, said user authorization data stored in a content directory component of said portal in response to a second query generated in response to a second request of said plurality of requests, and returning said user authorization data to said agent in response to the second query; and
  
  sending said user information and said user authorization data from said agent across said network to said risk analysis software for use in executing said risk analysis process.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The method of claim 1 wherein said portal is configured to receive real time updates of said plurality of user information and user authorization data from said plurality of enterprise software systems, and in accordance therewith, said agent sends real time user information and user authorization data to said risk analysis software for use in executing said risk analysis process.
  - 3. The method of claim 1 wherein said request includes a security token, and wherein said queries are generated after said security token has been validated.
  - 4. The method of claim 1 further comprisingreceiving, in said agent, a credential for said risk analysis software in a first request of said plurality of requests;
    - sending, from said agent to said portal, said credential;
      
      generating, by said portal, a security token if the credential is authorized by said portal,wherein said agent sends said queries to said portal with said security token, and wherein said portal performs said queries if said security token is validated, and wherein said portal does not performs said queries if said security token is not validated.
  - 5. The method of claim 1 wherein said user information or said user authorization data is mapped by said agent from a first format used by said portal to a second format used by said risk analysis software.
  - 6. The method of claim 5 wherein said agent comprises a plurality of different objects instantiated from a plurality of different classes for processing different data types.
  - 7. The method of claim 6 wherein said mapped user information or user authorization data is merged from each object into a list by said agent before sending.
  - 8. The method of claim 1 wherein first data retrieved by a first query based on a first parameter is stored in a first object, and second data retrieved by a second query based on a second parameter is stored in a second object, and wherein the first object maps the first data from a first format used by said portal to a second format used by said risk analysis software for said first data, and the second object maps the second data from a third format used by said portal to a fourth format used by said risk analysis software for said second data.

9. A computer readable medium embodying a computer program for performing a method, said method comprising:
- receiving a plurality of requests from a risk analysis software component across a network in an agent software component, wherein the agent is coupled to an enterprise system portal software component, wherein said portal is coupled to a plurality of enterprise software systems and stores a plurality of user information and user authorization data for a plurality of users for specifying actions a user is authorized to perform in said enterprise software systems, the requests to said agent each including parameters corresponding to a risk analysis process executing on said risk analysis software;
  
  generating, by said agent, a plurality of queries in response to said plurality of requests, each query retrieving data based on parameters from a corresponding request;
  
  retrieving, by said portal, said user information stored in a user management component of said portal in response to a first query generated in response to a first request of said plurality of requests, and returning said user information to said agent in response to the first query;
  
  retrieving, by said portal, said user authorization data stored in a content directory component of said portal in response to a second query generated in response to a second request of said plurality of requests, and returning said user authorization data to said agent in response to the second query; and
  
  sending said user information and said user authorization data from said agent across said network to said risk analysis software for use in executing said risk analysis process.
- View Dependent Claims (10, 11, 12, 13, 14, 15, 16)
- - 10. The computer readable medium of claim 9 wherein said portal is configured to receive real time updates of said plurality of user information and user authorization data from said plurality of enterprise software systems, and in accordance therewith, said agent sends real time user information and user authorization data to said risk analysis software for use in executing said risk analysis process.
  - 11. The computer readable medium of claim 9 wherein said request includes a security token, and wherein said queries are generated after said security token has been validated.
  - 12. The computer readable medium of claim 9 further comprisingreceiving, in said agent, a credential for said risk analysis software in a first request of said plurality of requests;
    - sending, from said agent to said portal, said credential;
      
      generating, by said portal, a security token if the credential is authorized by said portal,wherein said agent sends said queries to said portal with said security token, and wherein said portal performs said queries if said security token is validated, and wherein said portal does not performs said queries if said security token is not validated.
  - 13. The computer readable medium of claim 9 wherein said user information or said user authorization data is mapped by said agent from a first format used by said portal to a second format used by said risk analysis software.
  - 14. The computer readable medium of claim 13 wherein said agent comprises a plurality of different objects instantiated from a plurality of different classes for processing different data types.
  - 15. The computer readable medium of claim 14 wherein said mapped user information or user authorization data is merged from each object into a list by said agent before sending.
  - 16. The computer readable medium of claim 9 wherein first data retrieved by a first query based on a first parameter is stored in a first object, and second data retrieved by a second query based on a second parameter is stored in a second object, and wherein the first object maps the first data from a first format used by said portal to a second format used by said risk analysis software for said first data, and the second object maps the second data from a third format used by said portal to a fourth format used by said risk analysis software for said second data.

17. A computer system comprising:
- one or more processors;
  
  a network interface for coupling the computer system to a network;
  
  an enterprise system portal software component coupled to one or more enterprise software systems, wherein said portal stores a plurality of user information and user authorization data for a plurality of users for specifying actions each user is authorized to perform in said enterprise software systems; and
  
  an agent software component coupled to said portal, said agent receiving a plurality of requests from a risk analysis software component across the network, wherein the requests to said agent each include parameters corresponding to a risk analysis process executing on said risk analysis software,wherein said agent generates a plurality of queries in response to said plurality of requests, each query retrieving data based on parameters from a corresponding request,wherein said portal retrieves said user information stored in a user management component of said portal in response to a first query generated in response to a first request of said plurality of requests, and returns said user information to said agent in response to the first query,wherein said portal retrieves said user authorization data stored in a content directory component of said portal in response to a second query generated in response to a second request of said plurality of requests, and returns said user authorization data to said agent in response to the second query, andwherein said agent sends said user information and said user authorization data across said network to said risk analysis software for use in executing said risk analysis process.
- View Dependent Claims (18, 19, 20)
- - 18. The computer system of claim 17 wherein said agent receives a credential for said risk analysis software in a first request of said plurality of requests, said agent sends said credential to said portal, said portal generates a security token if the credential is authorized by said portal, wherein said agent sends said queries to said portal with said security token, and wherein said portal performs said queries if said security token is validated, and wherein said portal does not performs said queries if said security token is not validated.
  - 19. The computer system of claim 17 wherein said user information or said user authorization data is mapped by said agent from a first format used by said portal to a second format used by said risk analysis software.
  - 20. The computer system of claim 19 wherein said agent comprises a plurality of different objects instantiated from a plurality of different classes for processing different data types.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
SAP SE
Original Assignee
SAP AG (SAP SE)
Inventors
Balakrishnaiah, Venkatesh B., Chinnathambi, Senthil K., Subbarayan, Ravikumar

Granted Patent

US 8,745,088 B2
Time in Patent Office

Days
Field of Search
US Class Current

707/781
CPC Class Codes

G06F 21/577   Assessing vulnerabilities a...

G06Q 10/10   Office automation; Time man...

H04L 9/3234   involving additional secure...

System and Method of Performing Risk Analysis using a Portal

First Claim

2 Assignments

0 Petitions

Accused Products

Abstract

38 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

System and Method of Performing Risk Analysis using a Portal

First Claim

2 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

38 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links