
System and method for managing controls within a heterogeneous enterprise environment

  • US 8,671,013 B2
  • Filed: 05/01/2007
  • Issued: 03/11/2014
  • Est. Priority Date: 05/01/2006
  • Status: Active Grant
First Claim

1. A computer-implemented system for managing controls within a heterogeneous enterprise environment using a service-oriented open controls architecture, the system comprising:

  • one or more processors;

    an integration component implemented on the one or more processors configured to:

    import, from a plurality of heterogeneous enterprise applications, user role information that describes authorizations or permissions assigned to one or more users in the plurality of heterogeneous enterprise applications;

    import, from the plurality of heterogeneous enterprise applications, business transaction information that describes one or more business process activity instances in the plurality of heterogeneous enterprise applications;

    import, from the plurality of heterogeneous enterprise applications, configuration information that describes one or more internal control settings that govern usage in the plurality of heterogeneous enterprise applications and indicate what the plurality of heterogeneous enterprise applications are allowed to do; and

    normalize the user role information, the business transaction information, and the configuration information imported from the plurality of heterogeneous enterprise applications into a predetermined format;

    a foundation services component configured to store the user role information, the business transaction information, and the configuration information imported from the plurality of heterogeneous enterprise applications in the predetermined format and provide one or more services to manage and process the user role information, the business transaction information, and the configuration information;

    a controls authoring suite implemented on the one or more processors, wherein the controls authoring suite includes one or more studios configured to:

    receive one or more inputs to the one or more studios to author a role management rule, a business transaction rule, and a configuration rule;

    load the role management rule into the service-oriented open controls architecture to test the normalized user role information, the normalized business transaction information, and the normalized configuration information for compliance with one or more access controls;

    load the business transaction rule into the service-oriented open controls architecture to test normalized user role information, the normalized business transaction information, and the normalized configuration information for compliance with one or more process or operational controls; and

    load the configuration rule into the service-oriented open controls architecture to test the normalized user role information, the normalized business transaction information, and the normalized configuration information for compliance with one or more application controls; and

    an enterprise controls component implemented on the one or more processors and configured to:

    apply the role management rule to the normalized user role information, the normalized business transaction information, and the normalized configuration information to test whether the authorizations or permissions assigned to the one or more users violate the role management rule or comply with the one or more access controls;

    apply the business transaction rule to the normalized user role information, the normalized business transaction information, and the normalized configuration information to test whether the business process activity instances violate the business transaction rule or comply with the one or more process or operational controls; and

    apply the configuration rule to the normalized user role information, the normalized business transaction information, and the normalized configuration information to test whether the internal control settings violate the configuration rule or comply with the one or more application controls.
