Patent Application
20080126285
A portion of the disclosure of this patent document contains or references material which may be subject to copyright protection. The copyright owner has no objection to the facsimile reproduction by any one of the patent document or the patent disclosure, as it appears in the Patent and Trademark Office patent file or records, but otherwise reserves all copyright or mask work rights whatsoever.
This application relates to software provisioning, more particularly automatic software provisioning.
Because enterprise software systems are used by many different corporate users for many different purposes, they usually provide some level of software provisioning. A software provisioning system allows different users to access different features of a software system. There are two distinct elements in a software provisioning system: a method to determine whether a user should have access to a particular software feature and a mechanism which allows the user to access that software feature.
Different types of provisioning methods are commonly used. Those based on an “access control list” model or on a “roles and permissions” model are common. Different types of provisioning mechanisms are also common. The mechanism used typically depends on the nature of the software systems involved. For example, in a corporate network, provisioned software programs might be physically downloaded to and installed on a user's desktop computer. In a client-server environment, provisioning data might be returned to the client during the initialization process so that only the provisioned client modules will be displayed to the user. In a web application, the web pages returned to the user might only provide access to the individual product functions provisioned for that user.
Regardless of the method being used, software provisioning is predominantly managed by system administrators. Furthermore, the software provisioning process is typically based on a model in which an administrator creates certain rules to define access to software features. Most systems allow “static” rules to be created, in which case access is granted to specific users, or to predefined groups of users. Some systems also allow “dynamic” rules to be created, in which case access is granted to any users and/or groups for which an attribute or characteristic matches a defined value. In either case, these software systems typically use a corporate directory to store the user and group definitions used for provisioning.
Administration of software provisioning in existing systems, therefore, involves not only managing the rules that define access to software features, but it also involves some additional management of the corporate directory. As software systems become more complex, and as more systems are integrated with the corporate directory, an increasing amount of data must be stored in the corporate directory to support provisioning. At the same time, corporations are requiring increased levels of security for their corporate directories, which translates to additional constraints on the data that may be stored there and on access to that data. So, while software systems are increasingly dependent upon storing and accessing provisioning data in the corporate directory, their ability to store and access this data is being further constrained. This paradoxical situation can make the administration of software provisioning for existing systems quite difficult.
Furthermore, while there are many types of software features for which the existing provisioning methods are quite adequate, there are other types of software features for which the existing methods are not adequate. For example, in an existing enterprise portal, users might only be granted access to the accounting module if they are a member of the “Accountants” group in the corporate directory. The same system might allow users to access the Benefits module only after they have completed a benefits training course. This training requirement might currently be handled by adding a new group called “Trained Benefits Users” to the corporate directory. After users complete the benefits training, they are added to this group. In the best case scenario, a user will be automatically added to this group immediately after completion of the training. A more likely scenario is that they will be added to the group sometime after completion of the training. The delay in adding users to the group may be because a periodic task is handling the update to the corporate directory, or it may be because a system administrator is required to manually update the corporate directory based on training completion data. In the worst case scenario, corporate policies would forbid the addition of the new group to the corporate directory, and the software provisioning would have to be achieved by creating an individual access rule for each user who completes the training.
It follows that certain types of software provisioning would benefit from a method that does not rely upon storing data in the corporate directory or upon a manual processor.
According to exemplary embodiments, a method, computer program product, and system are provided for automatically provisioning software for a user by determining whether the user should be granted access to the software based upon the user's competency and learning history. Provisioning rules are obtained, the provisioning rules defining target objects and threshold criteria for competency and learning history. Information indicative of the user's competency level and learning history are obtained using the target objects, and the threshold criteria defined by the provisioning rules is compared with the information indicative of the user's competency level and learning history. If the information indicative of the user's learning history and competency level meets the threshold criteria defined in the provisioning rules for competency and learning history, the user is provided with access to the software.
Additional features and advantages are realized through the techniques of the present invention. Other embodiments and aspects of the invention are described in detail herein and are considered a part of the claimed invention. For a better understanding of the invention with advantages and features, refer to the description and to the drawings.
The subject matter which is regarded as the invention is particularly pointed out and distinctly claimed in the claims at the conclusion of the specification. The foregoing and other objects, features, and advantages of the invention are apparent from the following detailed description taken in conjunction with the accompanying drawings in which:
The detailed description explains exemplary embodiments of the invention, together with advantages and features, by way of example with reference to the drawings.
According to exemplary embodiments, the software provisioning technique described herein may be used instead of, or in addition to, current provisioning methods. When the provisioning of a software feature is logically based upon a user's competency level or upon some attribute of the user's learning history, the software provisioning technique described herein provides a distinct advantage over current provisioning models. Specifically, it allows the software system to handle the provisioning of a software feature automatically, without requiring the addition of a group to the corporate directory or any kind of manual administration process when a user's competency level or learning history is updated. For the purposes of this disclosure, a “software feature” could be an entire application, an entire module within an application, or an individual function within a module. The use of this new provisioning technique does require that a software system has access to the competency data and/or learning history data for the users of the system.
According to an exemplary embodiment, a software system creates provisioning rules that are based on a user's competency level and/or some attribute of a user's learning history. These provisioning rules may be created and managed by the software application being provisioned, although they may also be managed by a dedicated provisioning server. The competency level data and learning history data used may take many forms. For example, competency level data may be in a form described in detail in HR-XML Competencies Specification, version 2004-08-02, available at http://ns.hr-xml.org/2 4/. Learning history data may take the form described in the SCORM 2004 Specification, 3rd Edition, available at http://www.adlnet.gov/downloads/290.cfm.
According to an exemplary embodiment, Learning History data may be maintained by a Learning Management System (see
For example, after receiving a unit of instruction, the Learning Management System might contain Activity Progress information that indicates that the learner completed the Learning Activity in four minutes and thirty seconds. The system might also contain Objective Progress information which indicates that the learner passed the Learning Activity with a score of 92%.
Competency data may be maintained by a Skills Management System, a Human Capital Management System, or a Human Resources System (shown in
For example, the system might contain a Competency Definition for “Accounting”. A particular user's Competency collection for Accounting might contain three items of Competency Evidence information. The first item might indicate that the user has a skill level of 11 in Forensic Accounting, on a scale of 0 to 15. The second item might indicate that the user received a rating of 4 on the National Accounting Standards examination, where the rating scale was −5 to 5. The third item might indicate that the user has an interest level of 75 in the area of Tax Accounting, on a scale of 0 to 100.
In order to use the previously described information for software provisioning, a Provisioning Rule is created (see 310, 410 in
For Provisioning Rules 310 based on Learning History data, the target object is either a Learning Progress object 330 or a Learning Objective object 340, and the threshold criteria is a Learning Threshold object 340 as shown in
For Provisioning Rules 410 based on Competency Level data, the target object is a Competency Definition object 430, and the threshold criteria is a Competency Evidence object 440 as shown in
When the software system needs to determine whether a user should be granted access to a given Software Feature, it looks to see whether there are any Provisioning Rules defined for that feature. For each of these Provisioning Rules, the system compares the user's targeted Competency Level or Learning History data to the threshold value defined in the Provisioning Rule. If the user's data meets the defined threshold criteria for any of the Provisioning Rules, the user is granted access to the given Software Feature.
According to an exemplary embodiment, a method, computer program product, and system are provided for software provisioning that rely on a user's competency level and/or learning history. As shown in
As described above, embodiments can be embodied in the form of computer-implemented processes and apparatuses for practicing those processes. In exemplary embodiments, the invention is embodied in computer program code executed by one or more network elements. Embodiments include computer program code containing instructions embodied in tangible media, such as floppy diskettes, CD-ROMs, hard drives, or any other computer-readable storage medium, wherein, when the computer program code is loaded into and executed by a computer, the computer becomes an apparatus for practicing the invention. Embodiments include computer program code, for example, whether stored in a storage medium, loaded into and/or executed by a computer, or transmitted over some transmission medium, such as over electrical wiring or cabling, through fiber optics, or via electromagnetic radiation, wherein, when the computer program code is loaded into and executed by a computer, the computer becomes an apparatus for practicing the invention. When implemented on a general-purpose microprocessor, the computer program code segments configure the microprocessor to create specific logic circuits.
While the invention has been described with reference to exemplary embodiments, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted for elements thereof without departing from the scope of the invention. In addition, many modifications may be made to adapt a particular situation or material to the teachings of the invention without departing from the essential scope thereof. Therefore, it is intended that the invention not be limited to the particular embodiment disclosed as the best mode contemplated for carrying out this invention, but that the invention will include all embodiments falling within the scope of the appended claims. Moreover, the use of the terms first, second, etc. do not denote any order or importance, but rather the terms first, second, etc. are used to destinguish one element from another. Furthermore, the use of the terms a, an, etc. do not denote a limitation of quantity, but rather denote the presence of at least one of the referenced item.
