System and method for producing audit trails
First Claim
1. A method for generating audit trails, comprising:
- establishing a connection between an event listener component and at least one event source;
collecting event data for one of a plurality of events from the at least one event source at the event listener component;
responsive to collecting the event data, transmitting an event notification from the event listener component to a correlator;
loading a process definition at the correlator, the process definition defining a plurality of state transitions each associated with different ones of the plurality of events;
responsive to receiving the event notification, determining at the correlator that the event data is representative of a state transition to a final process state;
traversing the process definition in reverse by a computer and, for each one of the plurality of state transitions, transmitting a query to the event listener component to retrieve the event associated with the one of the plurality of state transitions;
determining if all of the events associated with the plurality of state transitions have been retrieved or have not been retrieved;
generating, by the computer, at least one audit trail event at the correlator, based on the event data collected at the event listener component;
wherein if all of the events associated with the plurality of state transitions are retrieved, a normal audit trail event is generated, and if one or more events associated with the plurality of state transitions are not retrieved, an anomaly audit trail event is generated; and
transmitting the at least one audit trail event to a notification component.
2 Assignments
0 Petitions
Accused Products
Abstract
Business Processes handle business transactions. The life cycle of a transaction is controlled by state of the process and events. Events represent information exchange between systems. The states determine when the exchange should take place.
Key issues are to identify whether a transaction is anomalous and if so, determining the trace to the root cause
To detect anomalies, current approaches evaluate transaction data statistically. To validate whether the transaction is indeed anomalous requires significant storage, processing power and human resources.
The new approach audits events as they happen against the business process definition. Events that do not follow the right sequences and conditions of the process definition are identified to be anomalous. The generated audit trail traces the root cause of the transaction anomaly.
Businesses can now protect or re-engineer their strategic business processes using audit trail traces.
-
Citations
15 Claims
-
1. A method for generating audit trails, comprising:
-
establishing a connection between an event listener component and at least one event source; collecting event data for one of a plurality of events from the at least one event source at the event listener component; responsive to collecting the event data, transmitting an event notification from the event listener component to a correlator; loading a process definition at the correlator, the process definition defining a plurality of state transitions each associated with different ones of the plurality of events; responsive to receiving the event notification, determining at the correlator that the event data is representative of a state transition to a final process state; traversing the process definition in reverse by a computer and, for each one of the plurality of state transitions, transmitting a query to the event listener component to retrieve the event associated with the one of the plurality of state transitions; determining if all of the events associated with the plurality of state transitions have been retrieved or have not been retrieved; generating, by the computer, at least one audit trail event at the correlator, based on the event data collected at the event listener component;
wherein if all of the events associated with the plurality of state transitions are retrieved, a normal audit trail event is generated, and if one or more events associated with the plurality of state transitions are not retrieved, an anomaly audit trail event is generated; andtransmitting the at least one audit trail event to a notification component. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A system for generating audit trails, comprising:
-
a computer; an event listener component for establishing a connection to at least one event source, the event listener component configured to collect event data for one of a plurality of events from the at least one event source and to transmit an event notification; a correlator configured to load a process definition, the process definition defining a plurality of state transitions each associated with different ones of the plurality of events; the correlator further configured to determine, responsive to receiving the event notification, if the event data is representative of a state transition to a final process state; and
, when the determination is affirmative, to traverse the process definition in reverse by a computer and, for each one of the plurality of state transitions, to transmit a query to the event listener component for retrieving the event associated with the one of the plurality of state transitions;the correlator further configured to receive the event notification and generate, by the computer, at least one audit trail event, based on the event data collected at the event listener component; the correlator being further configured, if all of the events associated with the plurality of state transitions are retrieved, to generate a normal audit trail event; and
, if one or more of the events associated with the plurality of state transitions are not retrieved, to generate an anomaly audit trail event;the correlator further configured to transmit the at least one audit trail event; and
,a notification component configured to receive the at least one audit trail event from the correlator. - View Dependent Claims (9, 10, 11, 12, 13, 14, 15)
-
Specification