Patent Grant
9998450
The proliferation of computerized automation of processes in every aspect of life, data storage and processing have become a major component of networked systems handling financial and other transactions. In such systems, data is entered, modified, or deleted from a number of sources. The same data is maintained in multiple data stores in same or different formats, and a data store has to pick up or synchronize changes to data based on changes in a different store. Various data stores from simple tables to complicated databases is maintained and synchronized as new entries or modifications are made by different sources. The changes are synchronized at regular intervals. In addition, variety of services are offered to enable internal and external parties' interactivity with the data hosted by the data stores. Consumers of the data as well as providers usually demand certifications associated with the services to enable compliance-associated processes between the parties.
Compliance certifications demand complex documents. The complexity of the documents rarely comply with strict templates used to generate legacy certification documents. Components for certifications of a service frequently need to be reported at differing levels of detail. Variations in detail force compliance systems to maintain a large number of documents. The documents usually host similar content, but aggregated differently, at differing levels of detail and with changes to terminology.
This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the Detailed Description. This summary is not intended to exclusively identify key features or essential features of the claimed subject matter, nor is it intended as an aid in determining the scope of the claimed subject matter.
Embodiments are directed to automated generation of certification documents. A certification application may retrieve a component information associated with a status of a service from a data store maintaining the component information. The component information may include component security information and component metadata. The component information may be transformed for insertion into a certification template. Risk analysis data, phraseology data, and localization data may be used to transform the component information. In addition, a certification document may be generated based on the certification template by inserting the component information into the certification template.
These and other features and advantages will be apparent from a reading of the following detailed description and a review of the associated drawings. It is to be understood that both the foregoing general description and the following detailed description are explanatory and do not restrict aspects as claimed.
As briefly described above, a certification document may be automatically generated based on component information associated with a status of a service. certification application may retrieve and transform the component information from a data store. The certification document may be generated based on the certification template by inserting the component information into the certification template.
In the following detailed description, references are made to the accompanying drawings that form a part hereof, and in which are shown by way of illustrations specific embodiments or examples. These aspects may be combined, other aspects may be utilized, and structural changes may be made without departing from the spirit or scope of the present disclosure. The following detailed description is therefore not to be taken in a limiting sense, and the scope of the present invention is defined b the appended claims and their equivalents.
While the embodiments will be described in the general context of program modules that execute in conjunction with an application program that runs on an operating system on a computing device, those skilled in the art will recognize that aspects may also be implemented in combination with other program modules.
Generally, program modules include routines, programs, components, data structures, and other types of structures that perform particular tasks or implement particular abstract data types. Moreover, those skilled in the art will appreciate that embodiments may be practiced with other computer system configurations, including hand-held devices, multiprocessor systems, microprocessor-based or programmable consumer electronics, minicomputers, mainframe computers, and comparable computing devices. Embodiments may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network. In a distributed computing environment, program modules may be located in both local and remote memory storage devices.
Embodiments may be implemented as a computer-implemented process (method), a computing system, or as an article of manufacture, such as a computer program product or computer readable media. The computer program product may be a computer storage medium readable by a computer system and encoding a computer program that comprises instructions for causing a computer or computing system to perform example process(es). The computer-readable storage medium is a computer-readable memory device. The computer-readable storage medium can for example be implemented via one or more of a volatile computer memory, a non-volatile memory, a hard drive, and a flash drive.
Throughout this specification, the term “platform” may be a combination of software and hardware components to generate automatically a certification document. Examples of platforms include, but are not limited to, a hosted service executed over a plurality of servers, an application executed on a single computing device, and comparable systems. The term “server” generally refers to a computing device executing one or more software programs typically in a networked environment. However, a server may also be implemented as a virtual server (software programs) executed on one or more computing devices viewed as a server on the network, More detail on these technologies and example embodiments may be found in the following description.
A certification application may generate certification documents associated with components of a service. A server 102 may provide services. A service may include variety of applications including web services, reporting services, financial services, and similar ones. Consumers may demand compliance certification documents associated with provided services such as storage policy certification, security policy certification, and similar ones. As such, a scheme may be in demand to provide certification documents associated with the services of server 102.
A server 104 executing a certification application may generate a certification document 114 associated with a component of a service provided by server 102. The certification application may generate the certification document 114 associated with the component. Component information 112 retrieved from the server 102 may provide data associated with the service. The component information 112 may be processed and inserted into a template to generate the certification document 114. Alternatively, the certification application may also generate a certification document 114 associated with a network infrastructure or a personnel associated with a service.
The certification document 114 may be transmitted, to client devices 106, 108, and 110 consuming the service from server 102. The certification document 114 may also be printed into a hard copy such as a paper printout, an identification card, and similar ones. The certification document 114 may be used to validate the service associated with the certification document 114 or establish a trust based communication between the service and a consumer. A certification document 114 may be generated for each service offered by the server 102. The client devices 106, 108, and 110 may include a server, a desktop computer, a tablet computer, a notebook computer, a smartphone, and similar ones.
While the example system in
A data store 212 associated with the certification application may store component information associated with the service 202. The component information may include information associated with components of the service 202 reflecting a status of the service 202. The component information may include component security data 204 and component metadata 206. The component metadata 206 may include descriptive information about the service including a name, a description, input parameters, output parameters, and similar ones. The component security data 204 may include security implementation information associated with security rules executed by the service. The service 202 may have multiple components and each component may have component security data 204 and component metadata 206 associated with the service 202.
The data store 212 may be subscribed to the service to update the component security data 204 and component metadata 206 in response to changes associated with the service. In an example scenario, if the service 202 updates its encryption method the data store may receive component information associated with the update and store the component information in the component security data 204. In another example scenario, if the service 202 changes its name, the data store may receive a component information from the service 202 and update the component metadata 206 to reflect the change. Alternatively, the certification application may periodically query the service 202 to retrieve changes to the service 202 and submit the changes to the data store to update the component metadata 206 and the component security data 204. Update frequency may be on a predetermined schedule an automatically adjusted schedule, and an event based action to meet service and certification application parameters and limitations (e.g. available network bandwidth). The event based action may be determined based on a push scenario where execution or detection of a change may generate an event to induce the certification application to submit the change to the data store to update the component metadata 206 and the component security data 204.
The transformation module 208 may retrieve the component information from data store 212. The transformation module 208 may process the component information to insert the component information into a certification template. The transformation module 208 may select a certification template from multiple available templates based on matching attributes between the component information and the selected certification template. In an example scenario, the transformation template may select a we certification template in response to detecting web services related information within the component metadata 206 of the component information associated with the service 202. The processed component information may be inserted into the selected certification template to generate the certification document 214. The certification document 214 may be transmitted to a risk analysis entity and/or a consumer of the service 202 to provide compliance information associated with the service to the consumer. The certification document 214 may be used to establish a trusted subscription, encrypted communications, and similar ones between the consumer and the service 202.
As shown in the diagram 300, a transformation module 308 may retrieve component information from data store 312 to generate a certification document 314 based on the component information. The component information may reflect a present status of a service. The transformation module 308 may compare risk, analysis data 302 to the component information to verify a status of the service. The risk analysis data 302 may include a subset of component information retrieved externally to verify data associated with the service. The risk analysis data 302 may be determined from any source that estimates a risk to the security of the service such as audits, third party reviews, automated testing, and similar ones. In addition, the transformation module 308 may query the service directly or query a risk analysis provider to retrieve the risk analysis data 302. The risk analysis data 302 may include top level metadata associated with the service. The top level metadata may include component identifiers and status associated with the service.
The transformation module may validate the component information with the risk analysis data 302. In response to determining a discrepancy, the component information may be updated with the risk analysis data 302 and the component information may be transmitted back to the data store 312 for storage. The risk analysis data 302 may also be used to change a level of detail of the component information to be inserted into the certification template 310. Level of detail may be determined based on attributes of the top level metadata stored in the risk analysis data 302. Number of footnotes in the certification document may also be determined based on the risk analysis data 302. In addition, the transformation module may also determine a placement of a portion of content of the component information within a body of the certification document 314 and another portion of the content in appendices of the certification document 314 based on the risk analysis data 302.
In addition, the transformation module 308 may utilize phraseology data 304 to transform the component information to parameters associated with a language sorting of a consumer. The phraseology data 304 may be used to translate the component information to a coherent sentence structure of the language parameter associated with the consumer. The translated component information may be inserted into the certification template 310 associated with the language parameter of the consumer. Furthermore, the certification template 310 may be selected based on the language parameter of the consumer to provide a translated certification document 314.
Moreover, the phraseology data 304 may be used to process the component information to a technical detail to match a technical detail setting provided by the consumer. The technical detail may also be associated with the certification template. The phraseology data 304 may be used to transform the component information to a technical detail to match a technical detail setting of the certification template 310. In an example scenario, the transformation module 308 may transform the component information to a graph to present a status of the service in a visual format. Furthermore, the phraseology data 304 may be retrieved from a local resource or from a trusted external resource providing phraseology services associated with the consumer of the service.
According to some embodiments, localization data 306 may be used to translate the component information to match a localization setting of the consumer. The localization data may be retrieved from a local resource or a trusted external resource. The localization setting may be determined based on a location of the consumer. Alternatively, the localization setting may be a consumer provided setting.
The localization data 306 may include metric parameters to convert metrics and measurements within the component information to match the localization setting of the consumer. The converted metrics and measurements may be inserted into the certification template 310 to generate the certification document 314. The certification document 314 may be formatted based on a headnote parameter, a footnote parameter, and/or an appendix parameter retrieved from the localization data matching the localization setting of the consumer.
The example scenarios and schemas in
Client applications executed on any of the client devices 411-413 may facilitate communications via application(s) executed by servers 414, or on individual server 416. A certification application may automatically generate certification documents for the client devices 411-413. The certification application may retrieve a component information associated with a status of a service from a data store maintaining the component information. The component information may be transformed and inserted into a certification template to generate a certification document associated with the service. The certification application may store the updates or additional data associated with the component information in data store(s) 419 directly or through database server 418.
Network(s) 410 may comprise any topology of servers, clients, Internet service providers, and communication media. A system according to embodiments may have a static or dynamic topology. Network(s) 410 may include secure networks sub as an enterprise network, an unsecure network such as a wireless open network, or the Internet. Network(s) 410 may also coordinate communication over other networks such as Public Switched Telephone Network (PSTN) or cellular networks. Furthermore, network(s) 410 may include short range wireless networks such as Bluetooth or similar ones. Network(s) 410 provide communication between the nodes described herein. By way of example, and not limitation, network(s) 410 may include wireless media such as acoustic, RF, infrared and other wireless media.
Many other configurations of computing devices, applications, data sources, and data distribution systems may be employed to generate automatically a certification document. Furthermore, the networked environments discussed in
The certification application 522 may automatically generate certification documentation. The certification application 522 may retrieve a component information associated with a service from a data store. The component information may include status information associated with components of the service. The component information ma be transformed for insertion into a certification template by the transformation module 524. The certification template may be selected automatically based on matching attributes between a certification template and the component information. Alternatively, a consumer of the service may provide attributes to the certification application matching a certification template. The transformation module 524 may generate the certification by inserting the component information into the template. This basic configuration is illustrated in
Computing device 500 may have additional features or functionality. For example, the computing device 500 may also include additional data storage devices (removable and/or non-removable) such as, for example, magnetic disks, optical disks, or tape. Such additional storage is illustrated in
Computing device 500 may also contain communication connections 516 that allow the device to communicate with other devices 518, such as over a wired or wireless network in a distributed computing environment, a satellite link, a cellular link, a short range network, and comparable mechanisms. Other devices 518 may include computer device(s) that execute communication applications, web servers, and comparable devices. Communication connection(s) 516 is one example of communication media, Communication media can include therein computer readable instructions, data structures, program modules, or other data. By way of example, and not limitation, communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared and other wireless media.
Example embodiments also include methods. These methods can be implemented in any number of ways, including the structures described in this document. One such way is by machine operations, of devices of the type described in this document.
Another optional way is for one or more of the individual operations of the methods to be performed in conjunction with one or more human operators performing some. These human operators need not be collocated with each other, but each can be only with a machine that performs a portion of the program.
Process 600 begins with operation 610 retrieving a component information associated with a status of a service from a data store maintaining the component information. The component information may be retrieved in response to a consumer request to receive a certification document associated with the service. The component information may be transformed for insertion into a certification template at operation 620. The component information may be processed with risk analysis data, phraseology data, and localization data to transform the component information to match attributes associated with the certification template and/or the consumer. Next, a certification document may be generated based on the certification template by inserting the component information into the certification template at operation 630.
The operations included in process 600 are for illustration purposes. A certification application may be implemented by similar processes with fewer or additional steps, as well as in different order of operations using the principles described herein.
The above specification, examples and data provide a complete description of the manufacture and use of the composition of the embodiments. Although the subject matter has been described in language specific to structural features and/or methodological acts, it is to be understood that the subject matter defined in the appended claims is not necessarily limited to the specific features or acts described above. Rather, the specific features and acts described above are disclosed as example forms of implementing the claims and embodiments.
This application is a continuation filing under 35 U.S.C. § 120 of co-pending U.S. patent application Ser. No. 14/017,088 filed on Sep. 3, 2013, by the same inventors, commonly assigned herewith. The disclosure of the U.S. patent application is hereby incorporated by reference in its entirety.
| Number | Name | Date | Kind |
|---|---|---|---|
| 5692206 | Shirley et al. | Nov 1997 | A |
| 7240213 | Ritter | Jul 2007 | B1 |
| 7437764 | Sobel et al. | Oct 2008 | B1 |
| 7475151 | Delany et al. | Jan 2009 | B2 |
| 7527195 | Keithley et al. | May 2009 | B2 |
| 7543228 | Kelkar et al. | Jun 2009 | B2 |
| 7694191 | Bono et al. | Apr 2010 | B1 |
| 7747938 | Elkady | Jun 2010 | B2 |
| 7757167 | Kobashi et al. | Jul 2010 | B2 |
| 7870485 | Seliutin et al. | Jan 2011 | B2 |
| 8037101 | Bargas et al. | Oct 2011 | B1 |
| 8234570 | Ananthanarayanan et al. | Jul 2012 | B2 |
| 8271949 | Bernardini et al. | Sep 2012 | B2 |
| 8707385 | Jain et al. | Apr 2014 | B2 |
| 20020042687 | Tracy et al. | Apr 2002 | A1 |
| 20020199122 | Davis | Dec 2002 | A1 |
| 20040006704 | Dahlstrom et al. | Jan 2004 | A1 |
| 20040102923 | Tracy et al. | May 2004 | A1 |
| 20040250062 | Douglas | Dec 2004 | A1 |
| 20050010819 | Williams et al. | Jan 2005 | A1 |
| 20050091067 | Johnson | Apr 2005 | A1 |
| 20050228688 | Visser et al. | Oct 2005 | A1 |
| 20050257267 | Williams et al. | Nov 2005 | A1 |
| 20060004814 | Lawrence | Jan 2006 | A1 |
| 20060010049 | Sunde | Jan 2006 | A1 |
| 20060015934 | Wool | Jan 2006 | A1 |
| 20060021054 | Costa | Jan 2006 | A1 |
| 20060059026 | King et al. | Mar 2006 | A1 |
| 20060075219 | Callaghan et al. | Apr 2006 | A1 |
| 20060090206 | Ladner et al. | Apr 2006 | A1 |
| 20060101517 | Banzhof et al. | May 2006 | A1 |
| 20060233114 | Alam et al. | Oct 2006 | A1 |
| 20070101432 | Carpenter | May 2007 | A1 |
| 20070124797 | Gupta et al. | May 2007 | A1 |
| 20080177799 | Wilson | Jul 2008 | A1 |
| 20080183459 | Simonsen et al. | Jul 2008 | A1 |
| 20080189788 | Bahl | Aug 2008 | A1 |
| 20080270316 | Guidotti et al. | Oct 2008 | A1 |
| 20090007264 | Chatterjee et al. | Jan 2009 | A1 |
| 20090187963 | Bori | Jul 2009 | A1 |
| 20090205011 | Jain et al. | Aug 2009 | A1 |
| 20090205012 | Jain et al. | Aug 2009 | A1 |
| 20090276695 | Hodges et al. | Nov 2009 | A1 |
| 20100223541 | Clee et al. | Sep 2010 | A1 |
| 20100293617 | Wool | Nov 2010 | A1 |
| 20110112974 | Hinton et al. | May 2011 | A1 |
| 20110179477 | Starnes et al. | Jul 2011 | A1 |
| 20110212717 | Rhoads et al. | Sep 2011 | A1 |
| 20110264438 | Chiu et al. | Oct 2011 | A1 |
| 20120117608 | Metke et al. | May 2012 | A1 |
| 20130055394 | Beresnevichiene et al. | Feb 2013 | A1 |
| 20130067581 | Venketeshwar | Mar 2013 | A1 |
| 20130073704 | Whitlock et al. | Mar 2013 | A1 |
| 20130198799 | Staggs et al. | Aug 2013 | A1 |
| 20130198848 | Wolff | Aug 2013 | A1 |
| 20130205364 | Kiehtreiber et al. | Aug 2013 | A1 |
| 20130227636 | Bettini et al. | Aug 2013 | A1 |
| 20130298192 | Kumar | Nov 2013 | A1 |
| 20130298244 | Kumar et al. | Nov 2013 | A1 |
| 20140109176 | Barton et al. | Apr 2014 | A1 |
| 20140195445 | Abuelsaad et al. | Jul 2014 | A1 |
| 20140337528 | Barton et al. | Nov 2014 | A1 |
| 20140351939 | Moore et al. | Nov 2014 | A1 |
| Number | Date | Country |
|---|---|---|
| 1756193 | Apr 2006 | CN |
| 101313298 | Nov 2008 | CN |
| 102281300 | Dec 2011 | CN |
| 102792632 | Nov 2012 | CN |
| 2005322123 | Nov 2005 | JP |
| 2011133815 | May 2013 | RU |
| 2494455 | Sep 2013 | RU |
| 2002015032 | Feb 2002 | WO |
| Entry |
|---|
| “Final Office Action Issued in U.S. Appl. No. 14/037,368”, dated Mar. 2, 2016, 36 Pages. |
| “First Office Action Issued in Chinese Patent Application No. 201480048624.9”, dated Nov. 16, 2017, 14 Pages. |
| “Office Action Issued in Chile Patent Application No. 480-2016”, dated Nov. 29, 2017, 7 Pages. |
| “International Preliminary Report on Patentability Issued in PCT Application No. PCT/US2014/056706”, dated Dec. 11, 2015, 7 Pages. |
| “Office Action Issued in Colombian Application No. 1652279”, dated Mar. 31, 2016, 4 Pages. (w/o English Translation). |
| “International Preliminary Report on Patentability Issued in PCT Application No. PCT/US2014/053317”, dated Dec. 10, 2015, 7 Pages. |
| Office Action received for U.S. Appl. No. 14/035,760, dated May 27, 2015 and filed on Sep. 24, 2013. |
| Notice of Allowance received for U.S. Appl. No. 14/017,088, dated May 13, 2015 and filed on Sep. 3, 2013. |
| “International Search Report and Written Opinion Issued in PCT Application No. PCT/US2014/056706”, dated Feb. 2, 2015, 11 Pages. |
| King, et al., “Towards Self-Testing in Autonomic Computing Systems”, In Eighth International Symposium on Autonomous Decentralized Systems, Mar. 21, 2007, 8 pages. |
| Ghosh, et al., “Self-healing Systems—Survey and Synthesis”, In Journal of Decision Support Systems, vol. 42, Issue 4, Aug. 17, 2006, 22 pages. |
| Jiang, et al., “A Modeling Framework for Self-Healing Software Systems”, In Workshop “Models@ Run. Time” at the 10th International Conference on Model Driven Engineering Languages and Systems, Sep. 2007, 9 pages. |
| Saha, Goutam Kumar, “Software—Implemented Self-healing System”, In CLEI Electronic Journal, vol. 10, Issue 2, Paper 5, Dec. 2007, 6 pages. |
| Gorla, et al., “Achieving Cost-Effective Software Reliability through Self-Healing”, In Journal of Computing and Informatics, vol. 2, Feb. 2010, 22 pages. |
| Keromytis, Angelos D., “The Case for Self-Healing Software”, Published on: Aug. 24, 2007, Available at: http://www.cs.columbia.edu/-angelos/Papers/2007/self-heal.pdf. |
| Office Action received for U.S. Appl. No. 14/037,368, dated Jan. 5, 2015 and filed on Sep. 26, 2013. |
| “International Search Report and Written Opinion issued for PCT Application No. PCT/US2014/053317”, dated Nov. 21, 2014, 9 Pages. |
| “E-Document Shift”, Published on: Sep. 8, 2011, Available at: http://www.intelledox.com/Products/Business—Needs/eDocument-Shift.aspx. |
| “Symantec™ Control Compliance Suite”, Published on: Sep. 16, 2008, Available at: http://eval.symantec.com/mktg info/enterprise/fact_s heets/b-datasheet_ control_ compliance_s uite_ 9.0-06 11_2008.en-us.pdf. |
| Kharbili, et al., “Towards a Framework for Semantic Business Process Compliance Management”, In Proceedings of the Workshop on Governance, Risk and Compliance for Information Systems, Jun. 17, 2008, 15 pages. |
| “IT Governance, Risk Management and Compliance”, Retrieved on: Jul. 30, 2013, Available at: http://www.tecnocomputacion.com/images/pdf/modulo-riskmanager-overview.pdf. |
| “Compliance Auditor Software Features”, Retrieved on: Jul. 30, 2013, Available at: http://www.avatie r. com/products/identity-manage me nU a ccess-governa nee/comp l ia nce-aud ito r/featu res/. |
| “International Search Report and Written Opinion Issued in PCT Patent Application No. PCT/US2014/056425”, dated Dec. 3, 2014, 7 Pages. |
| “Second Written Opinion Issued in PCT Application No. PCT/US2014/053317”, dated Sep. 10, 2015, 7 Pages. |
| “Non-Final Office Action Issued in U.S. Appl. No. 14/017,088”, dated Feb. 3, 2015, 21 Pages. |
| “Final Office Action Issued in U.S. Appl. No. 14/037,368”, dated Sep. 1, 2015, 34 Pages. |
| “Final Office Action Issued in U.S. Appl. No. 14/037,368”, dated Jun. 12, 2015, 36 Pages. |
| “International Preliminary Report on Patentability Issued in PCT Patent Application No. PCT/US2014/053317”, dated Dec. 10, 2015, 8 Pages. |
| “International Preliminary Report on Patentability Issued in PCT Application No. PCT/US2014/056425”, dated Dec. 23, 2015, 6 Pages. |
| “Second Written Opinion Issued in PCT Application No. PCT/US2014/056425”, dated Sep. 8, 2015, 5 Pages. |
| “Second Written Opinion Issued in PCT Application No. PCT/US2014/056706”, dated Sep. 16, 2015, 6 Pages. |
| “Office Action Issued in Japanese Patent Application No. 2016-540289”, dated Jan. 18, 2018, 7 Pages. |
| “Office Action Issued in Colombian Patent Application No. 201480066425.0”, dated Jan. 16, 2018, 11 Pages. (W/o English Translation). |
| “Office Action Issued in Russian Patent Application No. 2016107545”, dated Mar. 21, 2018, 6 Pages. (W/o English Translation). |
| Number | Date | Country | |
|---|---|---|---|
| 20150339286 A1 | Nov 2015 | US |
| Number | Date | Country | |
|---|---|---|---|
| Parent | 14017088 | Sep 2013 | US |
| Child | 14820465 | US |
