Integrated robotics and access management for target systems

US 9,817,967 B1
Filed: 01/13/2017
Issued: 11/14/2017
Est. Priority Date: 01/13/2017
Status: Active Grant

First Claim

Patent Images

1. A access management system comprising:

an identity and access management (IAM) system comprising;

a central directory data storage storing electronic identities of individuals and credentials of the individuals; and

an IAM computer to;

receive a request to perform an access management task on an associated target system;

determine whether the request is approved;

in response to determining the request is approved, generate an access management request to perform the access management task based on the received request;

an access management robot facilitation (AMRF) system comprising;

a robot instruction queue; and

an access management robot facilitation computer to;

receive the access management request from the IAM system and extract information from the access management request;

generate an access management instruction in the robot instruction queue based on the extracted information;

determine whether the access management instruction is missing required information;

obtain the required information from the central directory data storage if the access management instruction is missing the required information, and insert the obtained information in the access management instruction;

mark the access management instruction in the robot instruction queue as not yet started;

identify when the access management instruction in the robot instruction queue has failed; and

determine one or more remedial actions that can be performed for the failed access management instruction based on information associated with the failed access management instruction, wherein the one or more remedial actions comprise automatically reprogramming a robot of a plurality of robots included in a robotic process automation (RPA) system to execute the failed access management instruction based on recorded desktop operations of a system administrator, the desktop operations successfully executing access management tasks associated with the failed access management instruction;

the robotic process automation (RPA) system comprising;

the plurality of robots configured to control access to a plurality of target systems that include the associated target system,the plurality of robots comprising the robot, wherein the robot is identified as controlling access to the associated target system, the robot including a processor to;

monitor the robot instruction queue for new access management instructions;

identify the access management instruction in the robot instruction queue;

mark the access management instruction in the robot instruction queue as pending;

execute the access management instruction on the associated target system specified in the access management instruction; and

update a status of the access management instruction in the robot instruction queue based on the execution of the access management instruction.

View all claims

1 Assignment

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

An access management robot facilitation system facilitates a robot to execute access management tasks on a target system.

Citations

17 Claims

1. A access management system comprising:
- an identity and access management (IAM) system comprising;
  
  a central directory data storage storing electronic identities of individuals and credentials of the individuals; and
  
  an IAM computer to;
  
  receive a request to perform an access management task on an associated target system;
  
  determine whether the request is approved;
  
  in response to determining the request is approved, generate an access management request to perform the access management task based on the received request;
  
  an access management robot facilitation (AMRF) system comprising;
  
  a robot instruction queue; and
  
  an access management robot facilitation computer to;
  
  receive the access management request from the IAM system and extract information from the access management request;
  
  generate an access management instruction in the robot instruction queue based on the extracted information;
  
  determine whether the access management instruction is missing required information;
  
  obtain the required information from the central directory data storage if the access management instruction is missing the required information, and insert the obtained information in the access management instruction;
  
  mark the access management instruction in the robot instruction queue as not yet started;
  
  identify when the access management instruction in the robot instruction queue has failed; and
  
  determine one or more remedial actions that can be performed for the failed access management instruction based on information associated with the failed access management instruction, wherein the one or more remedial actions comprise automatically reprogramming a robot of a plurality of robots included in a robotic process automation (RPA) system to execute the failed access management instruction based on recorded desktop operations of a system administrator, the desktop operations successfully executing access management tasks associated with the failed access management instruction;
  
  the robotic process automation (RPA) system comprising;
  
  the plurality of robots configured to control access to a plurality of target systems that include the associated target system,the plurality of robots comprising the robot, wherein the robot is identified as controlling access to the associated target system, the robot including a processor to;
  
  monitor the robot instruction queue for new access management instructions;
  
  identify the access management instruction in the robot instruction queue;
  
  mark the access management instruction in the robot instruction queue as pending;
  
  execute the access management instruction on the associated target system specified in the access management instruction; and
  
  update a status of the access management instruction in the robot instruction queue based on the execution of the access management instruction.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The access management system of claim 1, wherein the AMRF system transmits the updated status to the IAM system, and the IAM system sends an operation request to the AMRF system to delete the access management instruction from the robot instruction queue.
  - 3. The access management system of claim 1, wherein in response to not obtaining the missing information, the access management robot facilitation computer is to update the status of the access management instruction to failed in the robot instruction queue.
  - 4. The access management system of claim 1, wherein the robot is programmed to perform exception handling in response to identifying a predetermined exception when executing the access management task on the associated target system, and to mark the status of the access management instruction in the robot instruction queue as exception when the predetermined exception is identified.
  - 5. The access management system of claim 4, wherein the access management instruction in the robot instruction queue includes a remarks field, and the robot is programmed to populate the remarks field with a cause of the predetermined exception when the predetermined exception is identified.
  - 6. The access management system of claim 1, wherein the robot updates the status to completed if the execution of the access management instruction is successfully completed;
    - wherein the robot updates the status to failed if the execution of the access management instruction failed; and
      
      wherein the robot updates the status to exception if a predetermined exception is encountered during the execution of the access management task.
  - 7. The access management system of claim 1, wherein the robot is programmed to automate access management tasks on the associated target system.
  - 8. The access management system of claim 7, wherein the access management system tasks include creating, deleting or modifying user accounts on the associated target system.
  - 9. The access management system of claim 1, wherein the access management robot facilitation computer is to:
    - determine whether the received the access management request is a composite request;
      
      in response to determining that the access management request is a composite request, determining a series of tasks to be performed on the associated target system to execute the composite request; and
      
      generate access management instructions in the robot instruction queue to perform the series of tasks by at least one robot of the RPA system.
  - 10. The access management system of claim 1, wherein the access management robot facilitation computer is to further:
    - generate an alert fix if no remedial actions are determined for the failed instructions; and
      
      automatically execute the one or more remedial actions if it is determined that the one or more remedial actions can execute the failed instructions.

11. An access management robot facilitation system comprising:
- a storage device storing a robot instruction queue; and
  
  an access management robot facilitation computer comprising a processor to;
  
  receive an access management request for an associated target system selected from a plurality of target systems from an identity access management system;
  
  extract information from the received request;
  
  generate an access management instruction in the robot instruction queue based on the extracted information;
  
  determine whether the access management instruction is missing required information;
  
  obtain the required information from a directory of an access management system if the access management instruction is missing the required information;
  
  insert the obtained information in the access management instruction; and
  
  mark the access management instruction in the robot instruction queue as not yet started;
  
  identify, from a plurality of robots controlling access to the plurality of target systems, a robot controlling access to the associated target system, wherein the robot includes a processor that is programmed to;
  
  monitor the robot instruction queue for new access management instructions;
  
  identify the access management instruction in the robot instruction queue;
  
  mark the access management instruction in the robot instruction queue as pending;
  
  execute the access management instruction on the associated target system specified in the access management instruction; and
  
  update a status of the access management instruction in the robot instruction queue based on the execution of the access management instruction;
  
  identify when the robot has failed to execute the access management instruction; and
  
  determine one or more remedial actions that can be performed for the failed access management instruction based on information associated with the failed access management instruction, wherein the one or more remedial actions comprise automatically reprogramming the robot to execute the failed access management instruction based on recorded desktop operations of a system administrator, the desktop operations successfully executing access management tasks associated with the failed access management instruction.
- View Dependent Claims (12, 13, 14, 15, 16)
- - 12. The access management robot facilitation system of claim 11, wherein the access management robot facilitation computer is to receive an operation request from the robot to update a status of the access management instruction in the robot instruction queue to pending in response to the robot executing the access management instruction on the associated target system, and the access management robot facilitation computer updates the status to pending.
  - 13. The access management robot facilitation system of claim 12, wherein the access management robot facilitation computer is to further update the status of the access management instruction in the robot instruction queue based on the execution of the automated access management task by the robot in the associated target system.
  - 14. The access management robot facilitation system of claim 13, wherein the further updated status comprises completed if the execution of the automated access management task is successfully completed;
    - wherein the further updated status comprises failed if the execution of the automated access management task failed; and
      
      wherein the further updated status comprises exception if a predetermined exception is encountered during the execution of the automated access management task.
  - 15. The access management robot facilitation system of claim 11, wherein in response to not obtaining the missing information, the access management robot facilitation computer is to update status of the access management instruction to failed in the robot instruction queue.
  - 16. The access management robot facilitation system of claim 11, wherein the access management instruction in the robot instruction queue includes a remarks field, and the robot is programmed to populate the remarks field with a cause of a predetermined exception if the predetermined exception is encountered during execution of the automated access management task.

17. A computer implemented method to facilitate execution of access management tasks by at least one robot, the method comprising:
- receiving an access management request for an associated target system from an identity access management system;
  
  extracting information from the received request;
  
  generating an access management instruction in a robot instruction queue based on the extracted information;
  
  determining whether the access management instruction is missing required information;
  
  obtaining the required information from a central directory of the identity access management system if the access management instruction is missing the required information;
  
  inserting the obtained information in the access management instruction;
  
  marking status of the access management instruction in the robot instruction queue as not yet started;
  
  identifying, from a plurality of robots controlling access to a plurality of target systems, a robot controlling access to the associated target system, wherein the robot includes a processor that is programmed for;
  
  monitoring the robot instruction queue for new access management instructions;
  
  identifying the access management instruction in the robot instruction queue;
  
  marking the access management instruction in the robot instruction queue as pending;
  
  executing the access management instruction on the associated target system specified in the access management instruction; and
  
  updating a status of the access management instruction in the robot instruction queue based on the execution of the access management instruction;
  
  identifying when the robot has failed to execute the access management instruction; and
  
  determining one or more remedial actions that can be performed for the failed access management instruction based on information associated with the failed access management instruction, wherein the one or more remedial actions comprise automatically reprogramming the robot to execute the failed access management instruction based on recorded desktop operations of a system administrator, the desktop operations successfully executing access management tasks associated with the failed access management instruction.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Accenture Global Solutions Limited (Accenture PLC)
Original Assignee
Accenture Global Solutions Limited (Accenture PLC)
Inventors
Shukla, Sanjeev, Tandon, Gaurav, Thexton, Rexall E., Joshi, Neha, Parker, David Michael, Ramesh, Avinash, Dasari, Krishna M., Ramakrishnan, Parvathy
Primary Examiner(s)
Chiang, Jason C

Application Number

US15/406,559
Time in Patent Office

305 Days
Field of Search
US Class Current
CPC Class Codes

B25J 9/1674   characterised by safety, mo...

G05B 19/042   using digital processors G0...

G05B 2219/24158   Access only for service, hi...

G05B 2219/39371   Host and robot controller

G06F 21/45   Structures or tools for the...

G06F 21/52   during program execution, e...

G06F 2221/031   Protect user input by softw...

G06F 2221/2117   User registration

G06F 30/00   Computer-aided design [CAD]

H04L 63/10   for controlling access to d...

Integrated robotics and access management for target systems

First Claim

1 Assignment

0 Petitions

Accused Products

Abstract

Citations

17 Claims

Specification

Solutions

Use Cases

Quick Links

Integrated robotics and access management for target systems

First Claim

1 Assignment

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

17 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links