This application is related to the following pending patent application which assigned to the assignee of the present application: System and Method for Compliance Based Automation, filed in the U.S. Patent Office on Jan. 6, 2016, and assigned application Ser. No. 14/988,877.
This disclosure relates generally to the field of data processing systems and more particularly to robotic process automation systems.
Robotic process automation (RPA) is the application of technology that allows workers in an organization to configure a computer software or a “robot” to capture and interpret existing applications for processing a transaction, manipulating data, triggering responses and communicating with other digital systems. Conventional RPA systems employ software robots to interpret the user interface of third party applications and to execute steps identically to a human user. In certain environments, the robots will encounter information that needs to be protected for various reasons such as confidentiality considerations or privacy or other legal or regulatory requirements. In such environments, care must be taken to ensure that administrators and users, such as creators and operators of the robots have the appropriate credentials to access the protected information. As the number of tasks performed increases and the different types of tasks increases it becomes increasingly difficult to manage access to the protected information, and the consequences of failing to adequately protect the protected information continues to grow. Accordingly, there is a need for improved automation and management of access controls in RPA systems.
A robotic process automation system with improved security in the form of a credential vault includes data storage for storing a plurality of credentials for bots to login and access software applications. The data storage also stores credentials in encrypted form where the credentials are not associated with any of the plurality of bots. The credentials include standard credentials and user specific credentials. A processor is operatively coupled to the data storage and is configured to execute instructions that when executed cause the processor to provide to a privileged user a control console. The instructions implement a standard credential generator that is operable by a privileged user by way of the control console, to generate a set of standard credentials associated and useable by any authorized user. The instructions also implement a user specific credential generator, operable by the privileged user by way of the control console, to generate a user specific credential template useable by a user to enter credentials specific to the user. The instructions also implement a configurable locker that is stored in encrypted form in the data storage and that is operable by the privileged user and the user, to associate a set of users as a group and to provide selected standard credentials to the group via a locker. A bot deployed by a user of the group obtains standard credentials assigned to the group and user specific credentials of the user that executes the bot.
Additional aspects related to the invention will be set forth in part in the description which follows, and in part will be apparent to those skilled in the art from the description or may be learned by practice of the invention. Aspects of the invention may be realized and attained by means of the elements and combinations of various elements and aspects particularly pointed out in the following detailed description and the appended claims.
It is to be understood that both the foregoing and the following descriptions are exemplary and explanatory only and are not intended to limit the claimed invention or application thereof in any manner whatsoever.
The accompanying drawings, which are incorporated in and constitute a part of this specification exemplify the embodiments of the present invention and, together with the description, serve to explain and illustrate principles of the inventive techniques disclosed herein. Specifically:
In the following detailed description, reference will be made to the accompanying drawings, in which identical functional elements are designated with like numerals. The aforementioned accompanying drawings show by way of illustration, and not by way of limitation, specific embodiments and implementations consistent with principles of the present invention. These implementations are described in sufficient detail to enable those skilled in the art to practice the invention and it is to be understood that other implementations may be utilized and that structural changes and/or substitutions of various elements may be made without departing from the scope and spirit of present invention. The following detailed description is, therefore, not to be construed in a limited sense.
The centralized credential vault (CV) disclosed herein operates to securely store all credentials and provision them to bots on an on-demand basis. The CV preferably implements NIST controls IA-2 to uniquely identify and authenticate organizational users (or processes acting on behalf of organizational users). Since sensitive credentials need not be stored in bots or on bot runner systems, the CV facilitates a logical separation of credentials from the bots. CV variables are created from a control room and are instantly available to all the bot creators and bot runners registered with the respective CR. The CV adds flexibility and dynamic character to bots since only the credential references are present in the bots and not the credentials. When bots are moved from one environment to another environment, absolutely no change is needed in bots. Bots can seamlessly pick up the credentials values applicable for the new environment from the CR of that environment. Additionally, the CR automatically stores configuration related sensitive data into the CV by default.
Bot runner 110 takes the form of a player that executes, via a computing device, a bot to perform the functions encoded by the bot. Additional aspects of operation of bots may be found in the following pending patent application, which refers to bots as automation profiles, System and Method for Compliance Based Automation, filed in the U.S. Patent Office on Jan. 6, 2016, and assigned application Ser. No. 14/988,877, which is hereby incorporated by reference.
The CV 101 stores credentials 112 that are created by way of CR 104 and used across bot creators 108 and bot runners 110. To further facilitate access control, credentials 112 are further divided in logical groups called lockers, seen at 114. Lockers 114 enable complete separation between the credentials of one department in an organization from another's. For example, users in the finance department of an organization will be able to see credentials in the finance locker, but not in the accounting or HR department lockers.
The credentials 112 are created and managed through a CR 104 user interface. The credentials 112 are advantageously encrypted via an encryption engine 116 (such as to AES-256 bits format) to conform to NIST SC-28 to prevent unauthorized access or disclosure of credentials. Consequently, only encrypted credentials 112 travel from the CR 104 to the database 118 and are stored in the database 118 in encrypted from. In certain embodiments, the data encryption key encrypts all credentials using AES 256-bit key using a FIPS 140-2 Level 1 validated algorithm to meet the NIST IA-7, SC-12 and 13 requirements for implementation of mechanisms for authentication to a cryptographic module that meet the requirements of applicable federal laws.
Role based access control in the system 10 permits fine grained access control to permit differentiation between credential management and consumption. A creator of a locker 114 is the owner of the locker and the owner can invite others to publish credentials 112 into a designated locker 114. A consumer of a credential 112, such as a bot 108 or 110 or a person needs to have the right role to the locker.
Bot creators 108 and bot runners 110 do not store credentials locally. Instead, credentials are advantageously only provisioned during execution of bot creators 108 and bot runners 110. When the credentials are requested by bot runners 110, encoded credentials are provided by the CR 104 to the applicable bot runner 110 over a secure (e.g. HTTPS) protocol. Once credentials usage is over, the credentials are encrypted (eg. to AES-256 bits encryption). Advantageously, encrypted credentials stay in system memory. This ensures that memory mapping tools cannot hack the credentials from system memory. When the bots 108, 110 finish execution, credentials are erased from the memory.
The credential vault 101 permits all sensitive data to be stored in encrypted form. Along with the credentials created from the CR 104, the following data may also be encrypted and securely stored in the CV 101: user credentials for auto-login to bot runners 110, connectivity details for a version control system, connectivity details of an SMTP server. Passwords entered in the application or any other sensitive information are not stored on the client machine, rather they are encrypted and stored into the CV 101 using for example a SHA256 algorithm after salting.
A locker 114 has associated there with one more privileges and as seen in the table of
To meet NIST IA-5 PKI-based authentication requirements, the CR 104 employs a deliberate methodology to manage the content of PKI. The CV 101 gets automatically locked every time the CR 104 service is down. When the CR service 104 is started again, the CV 101 must be unlocked through a combination of the public and private keys. This ensures that there is no single point of failure, even if someone hacks into database 118 and gets access to the public key, credential security is not compromised since the private key is stored externally.
As may be appreciated from the above, granting a user rights to enter credentials causes a notification to be sent to the user to enter their credentials. Also, user login to the system automatically causes retrieval of their credentials. Moreover, if a user role doesn't have access to a set of bot runners 110 the user will never see those bot runners. Moreover, administration roles can be further segmented for separation of administrative tasks.
As seen, from the foregoing description, the CV 101 and CR 104 together provide a number of advantageous features. Segregation of duties is achieved with fine grained RBAC, on credential management and consumption. The fine grained nature is by role, so if you create a credential locker you are the owner and you can then invite others to publish credentials into your locker, and to consume locker you need to have the right role. To publish to locker you need to be an owner or participant and for consumption the role has to be consistent with that required by the appropriate locker. For instance, a user may be granted privileges to execute bots on bot runners 110 but have no access to the bot creators 108.
Computing system 500 may have additional features such as for example, storage 510, one or more input devices 514, one or more output devices 512, and one or more communication connections 516. An interconnection mechanism (not shown) such as a bus, controller, or network interconnects the components of the computing system 500. Typically, operating system software (not shown) provides an operating system for other software executing in the computing system 500, and coordinates activities of the components of the computing system 500.
The tangible storage 510 may be removable or non-removable, and includes magnetic disks, magnetic tapes or cassettes, CD-ROMs, DVDs, or any other medium which can be used to store information in a non-transitory way and which can be accessed within the computing system 500. The storage 510 stores instructions for the software implementing one or more innovations described herein.
The input device(s) 514 may be a touch input device such as a keyboard, mouse, pen, or trackball, a voice input device, a scanning device, or another device that provides input to the computing system 500. For video encoding, the input device(s) 514 may be a camera, video card, TV tuner card, or similar device that accepts video input in analog or digital form, or a CD-ROM or CD-RW that reads video samples into the computing system 500. The output device(s) 512 may be a display, printer, speaker, CD-writer, or another device that provides output from the computing system 500.
The communication connection(s) 516 enable communication over a communication medium to another computing entity. The communication medium conveys information such as computer-executable instructions, audio or video input or output, or other data in a modulated data signal. A modulated data signal is a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communication media can use an electrical, optical, RF, or other carrier.
The innovations can be described in the general context of computer-executable instructions, such as those included in program modules, being executed in a computing system on a target real or virtual processor. Generally, program modules include routines, programs, libraries, objects, classes, components, data structures, etc. that perform particular tasks or implement particular abstract data types. The functionality of the program modules may be combined or split between program modules as desired in various embodiments. Computer-executable instructions for program modules may be executed within a local or distributed computing system.
The terms “system” and “computing device” are used interchangeably herein. Unless the context clearly indicates otherwise, neither term implies any limitation on a type of computing system or computing device. In general, a computing system or computing device can be local or distributed, and can include any combination of special-purpose hardware and/or general-purpose hardware with software implementing the functionality described herein.
While the invention has been described in connection with a preferred embodiment, it is not intended to limit the scope of the invention to the particular form set forth, but on the contrary, it is intended to cover such alternatives, modifications, and equivalents as may be within the spirit and scope of the invention as defined by the appended claims.
Number | Name | Date | Kind |
---|---|---|---|
5560008 | Johnson | Sep 1996 | A |
5604490 | Blakley, III | Feb 1997 | A |
5757920 | Misra | May 1998 | A |
5764890 | Glasser | Jun 1998 | A |
5768504 | Kells | Jun 1998 | A |
5774551 | Wu | Jun 1998 | A |
5949999 | Song | Sep 1999 | A |
5983001 | Boughner | Nov 1999 | A |
6133917 | Feigner | Oct 2000 | A |
6144959 | Anderson | Nov 2000 | A |
6389592 | Ayres | May 2002 | B1 |
6427234 | Chambers | Jul 2002 | B1 |
6473794 | Guheen | Oct 2002 | B1 |
6496979 | Chen | Dec 2002 | B1 |
6640244 | Bowman-Amuah | Oct 2003 | B1 |
6704873 | Underwood | Mar 2004 | B1 |
6898764 | Kemp | May 2005 | B2 |
7091898 | Arling | Aug 2006 | B2 |
7246128 | Jordahl | Jul 2007 | B2 |
7441007 | Kirkpatrick | Oct 2008 | B1 |
7533096 | Rice | May 2009 | B2 |
7568109 | Powell, Jr. | Jul 2009 | B2 |
7765525 | Davidson | Jul 2010 | B1 |
7805317 | Khan | Sep 2010 | B2 |
7805710 | North | Sep 2010 | B2 |
7810070 | Nasuti | Oct 2010 | B2 |
7846023 | Evans | Dec 2010 | B2 |
8028269 | Bhatia | Sep 2011 | B2 |
8056092 | Allen | Nov 2011 | B2 |
8095910 | Nathan | Jan 2012 | B2 |
8132156 | Malcolm | Mar 2012 | B2 |
8234622 | Meijer | Jul 2012 | B2 |
8438558 | Adams | May 2013 | B1 |
8443291 | Ku | May 2013 | B2 |
8464240 | Fritsch | Jun 2013 | B2 |
8498473 | Chong | Jul 2013 | B2 |
8504803 | Shukla | Aug 2013 | B2 |
8682083 | Kumar | Mar 2014 | B2 |
8769482 | Batey | Jul 2014 | B2 |
8965905 | Ashmore | Feb 2015 | B2 |
9213625 | Schrage | Dec 2015 | B1 |
9278284 | Ruppert | Mar 2016 | B2 |
9444844 | Edery | Sep 2016 | B2 |
9462042 | Shukla | Oct 2016 | B2 |
20030033590 | Leherbauer | Feb 2003 | A1 |
20030101245 | Srinivasan | May 2003 | A1 |
20030159089 | DiJoseph | Aug 2003 | A1 |
20040083472 | Rao | Apr 2004 | A1 |
20040172526 | Tann | Sep 2004 | A1 |
20040210885 | Wang | Oct 2004 | A1 |
20040243994 | Nasu | Dec 2004 | A1 |
20050188357 | Derks | Aug 2005 | A1 |
20050204343 | Kisamore | Sep 2005 | A1 |
20050257214 | Moshir | Nov 2005 | A1 |
20060095276 | Axelrod | May 2006 | A1 |
20060150188 | Roman | Jul 2006 | A1 |
20070101291 | Forstall | May 2007 | A1 |
20070112574 | Greene | May 2007 | A1 |
20080005086 | Moore | Jan 2008 | A1 |
20080028392 | Chen | Jan 2008 | A1 |
20080209392 | Able | Aug 2008 | A1 |
20080222454 | Kelso | Sep 2008 | A1 |
20080263024 | Landschaft | Oct 2008 | A1 |
20090037509 | Parekh | Feb 2009 | A1 |
20090103769 | Milov | Apr 2009 | A1 |
20090172814 | Khosravi | Jul 2009 | A1 |
20090199160 | Vaitheeswaran | Aug 2009 | A1 |
20090217309 | Grechanik | Aug 2009 | A1 |
20090249297 | Doshi | Oct 2009 | A1 |
20090313229 | Fellenstein | Dec 2009 | A1 |
20090320002 | Peri-Glass | Dec 2009 | A1 |
20100023602 | Martone | Jan 2010 | A1 |
20100023933 | Bryant | Jan 2010 | A1 |
20100100605 | Allen | Apr 2010 | A1 |
20100235433 | Ansari | Sep 2010 | A1 |
20110022578 | Fotev | Jan 2011 | A1 |
20110145807 | Molinie | Jun 2011 | A1 |
20110197121 | Kletter | Aug 2011 | A1 |
20110276568 | Fotev | Nov 2011 | A1 |
20110276946 | Pletter | Nov 2011 | A1 |
20110296440 | Laurich | Dec 2011 | A1 |
20110302570 | Kurimilla | Dec 2011 | A1 |
20120042281 | Green | Feb 2012 | A1 |
20120124062 | Macbeth | May 2012 | A1 |
20120330940 | Caire | Dec 2012 | A1 |
20130151010 | Kubota | Jun 2013 | A1 |
20130173648 | Tan | Jul 2013 | A1 |
20130290318 | Shapira | Oct 2013 | A1 |
20140181705 | Hey | Jun 2014 | A1 |
20150082280 | Betak | Mar 2015 | A1 |
20150347284 | Hey | Dec 2015 | A1 |
20160019049 | Kakhandiki | Jan 2016 | A1 |
20160078368 | Kakhandiki | Mar 2016 | A1 |
20160094546 | Innes | Mar 2016 | A1 |
20170019386 | Ylonen | Jan 2017 | A1 |
20170291295 | Gupta | Oct 2017 | A1 |
20180375886 | Kirti | Dec 2018 | A1 |
Entry |
---|
B. P. Kasper “Remote: A Means of Remotely Controlling and Storing Data from a HAL Quadrupole Gas Analyzer Using an IBM-PC Compatible Computer”, Nov. 15, 1995, Space and Environment Technology Center. |
Zhifang et al., Test automation on mobile device, May 2010, 7 pages. |
Hu et al., Automating GUI testing for Android applications, May 2011, 7 pages. |
Tom Yeh, Tsung-Hsiang Chang, and Robert C. Miller, Sikuli: Using GUI Screenshots for Search and Automation, Oct. 4-7, 2009, 10 pages. |
Bergen et al., RPC automation: making legacy code relevant, May 2013, 6 pages. |