System and method for secure complex event processing in heterogeneous environments

US 20120166688A1
Filed: 01/12/2011
Published: 06/28/2012
Est. Priority Date: 12/23/2010
Status: Active Grant

First Claim

Patent Images

1. A system for secure complex event processing (CEP), comprising:

a. an input adaptor configured to receive at least one input event from at least one external source system, wherein the at least one input event comprises at least one event-specific disclosure permission concerning data of the input event;

b. a CEP engine configured to process the at least one input event and to produce at least one corresponding complex output event;

c. a security enforcer configured to remove data from the at least one output event that is not in accordance with the at least one event-specific disclosure permission defined in the corresponding at least one input event; and

d. an output adaptor configured to send the at least one output event to at least one external target system.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

Certain example embodiments relate to a system for secure complex event processing (CEP). The system includes an input adaptor configured to receive at least one input event from at least one external source system. The at least one input event comprises at least one event-specific disclosure permission concerning data of the input event. A CEP engine is configured to process the at least one input event and to produce at least one corresponding complex output event. A security enforcer is configured to remove data from the at least one output event that is not in accordance with the at least one event-specific disclosure permission defined in the corresponding at least one input event. An output adaptor is configured to send the at least one output event to at least one external target system.

7 Citations

View as Search Results

14 Claims

1. A system for secure complex event processing (CEP), comprising:
- a. an input adaptor configured to receive at least one input event from at least one external source system, wherein the at least one input event comprises at least one event-specific disclosure permission concerning data of the input event;
  
  b. a CEP engine configured to process the at least one input event and to produce at least one corresponding complex output event;
  
  c. a security enforcer configured to remove data from the at least one output event that is not in accordance with the at least one event-specific disclosure permission defined in the corresponding at least one input event; and
  
  d. an output adaptor configured to send the at least one output event to at least one external target system.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8)
- - 2. The system of claim 1,wherein the input adaptor is further configured to add at least one source-specific disclosure permission to the at least one input event;
    - andwherein the security enforcer is further configured to remove data from the at least one output event that is not in accordance with the at least one source-specific disclosure permission.
  - 3. The system of claim 1,wherein the input adaptor is further configured to add at least one global disclosure permission to the at least one input event;
    - andwherein the security enforcer is further configured to remove data from the at least one output event that is not in accordance with the at least one global disclosure permission.
  - 4. The system of claim 1,wherein the output adaptor is further configured to add at least one target-specific disclosure permission to the at least one output event;
    - andwherein the security enforcer is further configured to remove data from the at least one output event that is not in accordance with the at least one target-specific disclosure permission.
  - 5. The system of claim 1,wherein the output adaptor is further configured to add at least one global disclosure permission to the at least one output event;
    - andwherein the security enforcer is further configured to remove data from the at least one output event that is not in accordance with the at least one global disclosure permission.
  - 6. The system of claim 1, wherein the input adaptor is further configured to transform the at least one input event into a common scheme, while maintaining all event-specific disclosure permissions defined in the at least one input event.
  - 7. The system of claim 6, wherein.the output adaptor is further configured to transform the at least one output event into a target-specific scheme, while maintaining all event-specific disclosure permissions defined in the corresponding at least one input event.
  - 8. The system of claim 1, wherein the communication with the at least one external source system and/or the communication with the at least one external target system is performed over secure channels.

9. A method for secure complex event processing (CEP), the method comprising:
- a. receiving at least one input event from at least one external source system, wherein the at least one input event comprises at least one event-specific disclosure permission concerning data of the input event;
  
  b. processing the at least one input event and producing at least one corresponding complex output event;
  
  c. removing data from the at least one output event that is not in accordance with the at least one event-specific disclosure permission defined in the corresponding at least one input event; and
  
  d. sending the at least one output event to at least one external target system.
- View Dependent Claims (10, 11, 12, 13, 14)
- - 10. The method of claim 9, further comprising:
    - adding at least one source-specific disclosure permission to the at least one input event; and
      
      removing data from the at least one output event that is not in accordance with the at least one source-specific disclosure permission.
  - 11. The method of claim 9, further comprising:
    - adding at least one global disclosure permission to the at least one input event; and
      
      removing data from the at least one output event that is not in accordance with the at least one global disclosure permission.
  - 12. The method of claim 9, further comprising:
    - adding at least one target-specific disclosure permission to the at least one output event; and
      
      removing data from the at least one output event that is not in accordance with the at least one target-specific disclosure permission.
  - 13. The method of claim 9, further comprising:
    - adding at least one global disclosure permission to the at least one output event; and
      
      removing data from the at least one output event that is not in accordance with the at least one global disclosure permission.
  - 14. A non-transitory computer readable storage medium tangibly storing a computer program comprising instructions that, when executed by a computer, implement a method of claim 9.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Software AG
Original Assignee
Software AG
Inventors
Schöning, Harald, Weber, Heiko, Gesmann, Michael, Harbarth, Juliane

Granted Patent

US 8,266,351 B2
Time in Patent Office

Days
Field of Search
US Class Current

710/62
CPC Class Codes

G06F 21/6218 to a system of files or obj...

H04L 63/105 Multiple levels of security

System and method for secure complex event processing in heterogeneous environments

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

7 Citations

14 Claims

Specification

Solutions

Use Cases

Quick Links

System and method for secure complex event processing in heterogeneous environments

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

7 Citations

14 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links