Hierarchical entitlement system with integrated inheritance and limit checks

US 7,797,239 B2
Filed: 09/13/2006
Issued: 09/14/2010
Est. Priority Date: 03/12/2004
Status: Active Grant

First Claim

Patent Images

1. A method for specifying and enforcing transaction amount limits comprising:

defining, by one or more computing devices, a transaction amount limit for a transaction;

specifying, by the one or more computing devices, conditions under which the transaction amount limit is applicable to the transaction, comprising a unit of the transaction and an entitlement group;

identifying, by the one or more computing devices, membership of a user in the entitlement group, responsive to a request from the user to perform a the transaction;

identifying, by the one or more computing devices, the transaction amount limit associated with the entitlement group and the unit of the transaction, wherein the entitlement group has a negative role-based permission inheritance from a parent entitlement group such that the transaction amount limit is within boundaries of a parent transaction amount limit associated with the parent entitlement group wherein the transaction amount limit is configured to specify a rule selected from one of;

(a) wherein the transaction amount limit is a first limit applicable to the transaction only if the unit of the transaction is equivalent to a unit of the transaction amount limit without a conversion, and further wherein the transaction amount limit is within boundaries of the parent transaction amount limit specified in the same unit of the transaction amount limit, or(b) wherein the transaction amount limit is a second limit applicable to the transaction regardless of the unit of the transaction, and further wherein the transaction amount limit is within boundaries of the parent transaction amount limit specified as applicable regardless of the unit of the transaction, wherein the first limit and the second limit are set independently of each other; and

processing, by the one or more computing devices, the transaction if the transaction satisfies the transaction amount limit based on comparison of the converted amount limit and/or converted amount of the transaction.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A hierarchical entitlement system, method, and computer program product with integrated inheritance and limit checks are described. In one embodiment, for example, a computer-implemented method is described for specifying and enforcing entitlements for performance of financial transactions, the method comprises steps of: providing a hierarchical entitlement structure with inheritance for specifying entitlements for performing financial transactions; receiving user input for defining a plurality of entitlement groups of the hierarchical entitlement structure, wherein each entitlement group has specified permissions to perform financial transactions, limits on performance of the financial transactions, and membership of each user; in response to a particular user request to perform a financial transaction at runtime, identifying the particular user'"'"'s membership in a certain entitlement group; and determining whether to allow the particular user to perform the financial transaction based on permissions and limits of the hierarchical entitlement structure applicable to the particular user'"'"'s performance of the financial transaction.

Citations

20 Claims

1. A method for specifying and enforcing transaction amount limits comprising:
- defining, by one or more computing devices, a transaction amount limit for a transaction;
  
  specifying, by the one or more computing devices, conditions under which the transaction amount limit is applicable to the transaction, comprising a unit of the transaction and an entitlement group;
  
  identifying, by the one or more computing devices, membership of a user in the entitlement group, responsive to a request from the user to perform a the transaction;
  
  identifying, by the one or more computing devices, the transaction amount limit associated with the entitlement group and the unit of the transaction, wherein the entitlement group has a negative role-based permission inheritance from a parent entitlement group such that the transaction amount limit is within boundaries of a parent transaction amount limit associated with the parent entitlement group wherein the transaction amount limit is configured to specify a rule selected from one of;
  
  (a) wherein the transaction amount limit is a first limit applicable to the transaction only if the unit of the transaction is equivalent to a unit of the transaction amount limit without a conversion, and further wherein the transaction amount limit is within boundaries of the parent transaction amount limit specified in the same unit of the transaction amount limit, or(b) wherein the transaction amount limit is a second limit applicable to the transaction regardless of the unit of the transaction, and further wherein the transaction amount limit is within boundaries of the parent transaction amount limit specified as applicable regardless of the unit of the transaction, wherein the first limit and the second limit are set independently of each other; and
  
  processing, by the one or more computing devices, the transaction if the transaction satisfies the transaction amount limit based on comparison of the converted amount limit and/or converted amount of the transaction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The method of claim 1, wherein the transactions are financial transactions.
  - 3. The method of claim 1, wherein the units are currencies.
  - 4. The method of claim 1, further comprising:
    - identifying a cumulative amount limit using a particular unit and associated with the entitlement group; and
      
      maintaining a running total of all transactions performed by the user and/or the entitlement group having units equivalent to the particular unit, the running total defined in terms of the particular unit.
  - 5. The method of claim 4, wherein the processing the transaction comprises:
    - declining to process the transaction if the cumulative amount limit would be exceeded based on the sum of the running total and the transaction requested by the user, only if the particular unit is equivalent to the units of the transaction.
  - 6. The method of claim 1, further comprising:
    - identifying a cumulative amount limit using a particular unit and associated with the entitlement group; and
      
      maintaining a running total of all transactions performed by the user and/or the entitlement group, the running total defined in terms of the particular unit.
  - 7. The method of claim 6, wherein the maintaining the running total comprises:
    - converting the transaction requested by the user to the particular unit, if the unit of the transaction requested by the user is not equivalent to the particular unit.
  - 8. The method of claim 7, wherein the converting the transaction comprises:
    - using a converter module to convert the transaction requested by the user to the particular unit.
  - 9. The method of claim 8, wherein the converter module is a currency exchange module, and further wherein the units are currencies.
  - 10. The method of claim 6, wherein the processing the transaction comprises:
    - declining to process the transaction if the cumulative amount limit would be exceeded based on the sum of the running total and the transaction requested by the user, regardless of the units of the transaction.

11. A computer-readable storage medium having stored thereon computer-executable instructions for enabling a processor to specify and enforce transaction amount limits that, if executed by a computing device, cause the computing device to perform a method comprising:
- defining a transaction amount limit for a transaction;
  
  specifying conditions under which the transaction amount limit is applicable to the transaction, comprising a unit of the transaction and an entitlement group;
  
  identifying membership of a user in the entitlement group, responsive to a request from the user to perform a the transaction;
  
  identifying the transaction amount limit associated with the entitlement group and the unit of the transaction, wherein the entitlement group has a negative role-based permission inheritance from a parent entitlement group such that the transaction amount limit is within boundaries of a parent transaction amount limit associated with the parent entitlement group wherein the transaction amount limit is configured to specify a rule selected from one of;
  
  wherein the transaction amount limit is a first limit applicable to the transaction only if the unit of the transaction is equivalent to a unit of the transaction amount limit without a conversion, and further wherein the transaction amount limit is within boundaries of the parent transaction amount limit specified in the same unit of the transaction amount limit, orwherein the transaction amount limit is a second limit applicable to the transaction regardless of the unit of the transaction, and further wherein the transaction amount limit is within boundaries of the parent transaction amount limit specified as applicable regardless of the unit of the transaction, wherein the first limit and the second limit are set independently of each other; and
  
  processing the transaction if the transaction satisfies the transaction amount limit based on comparison of the converted amount limit and/or converted amount of the transaction.
- View Dependent Claims (12, 13, 14, 16, 17, 18)
- - 12. The computer-readable storage medium of claim 11, wherein the transactions are financial transactions.
  - 13. The computer-readable storage medium of claim 11, wherein the units are currencies.
  - 14. The computer-readable storage medium of claim 11, the method further comprising:
    - identifying a cumulative amount limit using a particular unit and associated with the entitlement group; and
      
      maintaining a running total of all transactions performed by the user and/or the entitlement group having units equivalent to the particular unit, the running total defined in terms of the particular unit.
  - 16. The computer-readable storage medium of claim 11, the method further comprising:
    - identifying a cumulative amount limit using a particular unit and associated with the entitlement group; and
      
      maintaining a running total of all transactions performed by the user and/or the entitlement group, the running total defined in terms of the particular unit.
  - 17. The computer-readable storage medium of claim 16, wherein the maintaining the running total comprises:
    - converting the transaction requested by the user to the particular unit, if the unit of the transaction requested by the user is not equivalent to the particular unit.
  - 18. The computer-readable storage medium of claim 16, wherein the processing the transaction comprises:
    - declining to process the transaction if the cumulative amount limit would be exceeded based on the sum of the running total and the transaction requested by the user, regardless of the units of the transaction.

15. The computer-readable storage medium of step 14, wherein the processing the transaction comprises:
- declining to process the transaction if the cumulative amount limit would be exceeded based on the sum of the running total and the transaction requested by the user, only if the particular unit is equivalent to the units of the transaction.

19. A system that specifies and enforces transaction amount limits, comprising:
- a first module configured to define a transaction amount limit for a transaction;
  
  a second module configured to specify conditions under which the transaction amount limit is applicable to the transaction, comprising a unit of the transaction and an entitlement group;
  
  a third module configured to identify membership of a user in an the entitlement group, responsive to a request from the user to perform a the transaction;
  
  a fourth module configured to identify the transaction amount limit associated with the entitlement group and the unit of the transaction, wherein the entitlement group has a negative role-based permission inheritance from a parent entitlement group such that the transaction amount limit is within boundaries of a parent transaction amount limit associated with the parent entitlement group wherein the transaction amount limit is configured to specify a rule selected from one of;
  
  (a) wherein the transaction amount limit is a first limit applicable to the transaction only if the unit of the transaction is equivalent to a unit of the transaction amount limit without a conversion, and further wherein the transaction amount limit is within boundaries of the parent transaction amount limit specified in the same unit of the transaction amount limit, or(b) wherein the transaction amount limit is a second limit applicable to the transaction regardless of the unit of the transaction, and further wherein the transaction amount limit is within boundaries of the parent transaction amount limit specified as applicable regardless of the unit of the transaction, wherein the first limit and the second limit are set independently of each other; and
  
  a fifth module configured to process the transaction if the transaction satisfies the transaction amount limit based on comparison of the converted amount limit and/or converted amount of the transaction;
  
  wherein the first module, the second module, the third module, the fourth module, and the fifth module execute in one or more processors.

20. A method for specifying and enforcing cumulative amount limits comprising:
- defining, by one or more computing devices, a cumulative amount limit;
  
  specifying, by the one or more computing devices, conditions under which the cumulative amount limit is applicable to a transaction, comprising a unit of the transaction and an entitlement group;
  
  identifying, by the one or more computing devices, membership of a user in the entitlement group, responsive to a request from the user to perform the transaction;
  
  identifying, by the one or more computing devices, the cumulative amount limit associated with the entitlement group and the unit of the transaction, wherein the entitlement group has a negative role-based permission inheritance from a parent entitlement group such that the cumulative amount limit is within boundaries of a parent cumulative amount limit associated with the parent entitlement group, wherein the cumulative amount limit is configured to specify a rule selected from one of;
  
  (a) wherein the cumulative amount limit is a first limit that maintains a running total of all transactions performed by the user and/or the entitlement group where the unit of the transaction is equivalent to a unit of the cumulative amount limit without a conversion, the running total defined in terms of the unit of the cumulative amount limit, and further wherein the cumulative amount limit is within boundaries of the parent cumulative amount limit specified in the same unit of the transaction amount limit, or(b) wherein the cumulative amount limit is a second limit that maintains a running total of all transactions performed by the user and/or the entitlement group regardless of the unit of the transaction, and further wherein the cumulative amount limit is within boundaries of the parent cumulative amount limit specified as applicable regardless of the units of the transaction, wherein the first limit and the second limit are set independently of each other; and
  
  rejecting, by the one or more computing devices, the processing of the transaction if the cumulative amount limit would be exceeded based on the sum of the running total and the transaction requested by the user, based on the first limit or the second limit.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sybase Incorporated (SAP SE)
Original Assignee
Sybase Incorporated (SAP SE)
Inventors
Smith, Debra
Primary Examiner(s)
Kazimi; Hani
Assistant Examiner(s)
MADAMBA, CLIFFORD B

Application Number

US11/519,927
Publication Number

US 20070011091A1
Time in Patent Office

1,462 Days
Field of Search

705 35- 45
US Class Current

705/44
CPC Class Codes

G06Q 20/10   specially adapted for elect...

G06Q 20/40   Authorisation, e.g. identif...

G06Q 40/02   Banking, e.g. interest calc...

Hierarchical entitlement system with integrated inheritance and limit checks

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Hierarchical entitlement system with integrated inheritance and limit checks

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links