公开(公告)号：US12056250B2

公开(公告)日：2024-08-06

申请号：US17680858

申请日：2022-02-25

Applicant: SAP SE

Inventor： Benny Rolle

IPC: G06F21/62 ,  G06F21/60

CPC classification number: G06F21/62 ,  G06F21/604 ,  G06F21/6245

Abstract: The present disclosure involves systems, software, and computer implemented methods for integrated data privacy services. An example method includes generating voting metrics and blocking metrics for a data privacy integration protocol. Responder group assignment rules are accessed that include voting responder group rules for automatically assigning applications to voting responder groups based on the voting metrics and blocking responder group rules for automatically assigning applications to blocking responder groups based on the blocking metrics. The voting responder group rules are evaluated to automatically generate assignments of different applications to different voting responder groups and the blocking responder group rules are evaluated to automatically generate assignments of different applications to different blocking responder groups. A request to initiate the data privacy integration protocol is received and the data privacy integration protocol is coordinated in response to the request using the voting responder groups and the blocking responder groups.

公开(公告)号：US20240193298A1

公开(公告)日：2024-06-13

申请号：US18077493

申请日：2022-12-08

Applicant: SAP SE

Inventor： Benny Rolle ,  Matthias Vogel

IPC: G06F21/62 ,  G06F9/54

CPC classification number: G06F21/6236 ,  G06F9/546

Abstract: The present disclosure involves systems, software, and computer implemented methods for integrating data privacy integration protocols across system landscapes. One example method includes receiving, at a first tenant of a kernel service, a message from a first application in a first landscape. Data from the message is provided to a core component of the kernel service that communicates with multiple tenants of the kernel service. The core component stores data from the message in a core storage area accessible by multiple tenants of the kernel service. The first tenant performs, in the first landscape, a first processing of the message using data in the core storage area for which the first tenant is authorized. The core component initiates a second processing of the message by a second tenant of the kernel service in a second landscape using data in the core storage area for which the second tenant is authorized.

公开(公告)号：US11741237B2

公开(公告)日：2023-08-29

申请号：US16722564

申请日：2019-12-20

Applicant: SAP SE

Inventor： Florian Loch ,  Benny Rolle

IPC: G06F21/57 ,  G06F11/36 ,  G06F21/62

CPC classification number: G06F21/577 ,  G06F11/3636 ,  G06F11/3664 ,  G06F21/62

Abstract: Disclosed herein are system, method, and computer program product embodiments for conducting taint analysis on inputted data from a user to a process, where based on pre-defined rules, input data may be marked as tainted. In a passive mode, logging or deletion actions may be taken on the tainted data. In an active mode, the process may be interrupted and a user prompt may be displayed each time a taint point is reached.

公开(公告)号：US20230177194A1

公开(公告)日：2023-06-08

申请号：US17702013

申请日：2022-03-23

Applicant: SAP SE

Inventor： Benny Rolle ,  Ufuoma Ighoroje ,  Matthias Vogel

IPC: G06F21/62 ,  G06F16/903

CPC classification number: G06F21/6218 ,  G06F16/90335

Abstract: The present disclosure involves systems, software, and computer implemented methods for integrated data privacy services. An example method includes determining to initiate an integrated end of purpose protocol for an object. An end-of-purpose query is provided to multiple applications that requests each application to determine whether the application is able to block the object. End-of-purpose statuses are received, in response to the end-of-purpose query, that each indicate whether a respective application is able to block the object. The end-of-purpose statuses are evaluated to determine whether an aligned end of purpose has been reached for the object. In response to determining that the aligned end of purpose has been reached for the object, a block command is provided to each application that instructs the application to locally block the object in the application.

公开(公告)号：US20220309052A1

公开(公告)日：2022-09-29

申请号：US17216367

申请日：2021-03-29

Applicant: SAP SE

Inventor： Benny Rolle

IPC: G06F16/23 ,  G06F16/28 ,  G06F9/38 ,  G06F9/448

Abstract: An update system may be used to update referenced data objects that are used by multiple applications. In some cases incorrect data may be entered and later corrected. Data consistency techniques are described herein to help avoid use of incorrect data before the data is corrected. A communication from the update system may include updated master data objects and an indication that there are further updates queued. A flag may be set for each of the updated master data objects as they are stored in a database. Then when a request to access those objects is received, the request may be denied when the flag set, thereby preventing access to potentially incorrect or outdated data.

公开(公告)号：US20220058333A1

公开(公告)日：2022-02-24

申请号：US16995994

申请日：2020-08-18

Applicant: SAP SE

Inventor： Benny Rolle

IPC: G06F40/103 ,  G06F16/25 ,  G06Q10/10 ,  G06F40/197

Abstract: Systems and methods include requesting, from a first application system, of data associated with a data subject, reception, from the first application system and in response to the request, of the data associated with the data subject and data contexts respectively associated with the data, presentation of the data and the data contexts to a user, reception of instructions from the user to generate a first configuration including at least one mapping of a data context to a descriptive field value, generation of a first report based on the data, the data contexts and the first configuration, presentation of the first report to the user, and storage of the first configuration in association with the first application system.

公开(公告)号：US12184656B2

公开(公告)日：2024-12-31

申请号：US17680741

申请日：2022-02-25

Applicant: SAP SE

Inventor： Benny Rolle ,  Matthias Vogel

IPC: H04L9/40

Abstract: The present disclosure involves systems, software, and computer implemented methods for integrated data privacy services. An example method includes receiving a request to initiate a data privacy integration protocol for applications in a multiple-application landscape. Voting responder group configurations are identified that group the applications into multiple voting responder groups for performing voting for the protocol. A voting request for the protocol is sent to applications in a first voting responder group. Data privacy integration protocol votes are received from the applications in the first voting responder group and a determination is made as to whether any application in the first voting responder group provided a veto vote for the protocol. If at least one application in the first voting responder group provided a veto vote for an object, the protocol is ended for the object without sending a voting request to applications in a second voting responder group.

公开(公告)号：US12164470B2

公开(公告)日：2024-12-10

申请号：US17457811

申请日：2021-12-06

Applicant: SAP SE

Inventor： Benny Rolle ,  Ufuoma Ighoroje ,  Matthias Vogel ,  Geetha Gopalakrishnan ,  Tobias Schmidt ,  Antsa Andriamboavonjy ,  Dharshan A ,  Carsten Pluder

IPC: G06F21/62 ,  G06F16/11 ,  G06F16/25 ,  H04L67/566

Abstract: The present disclosure involves systems, software, and computer implemented methods for integrated data privacy services. An example method includes receiving, from a requesting application in a landscape that includes a set of multiple applications, a data subject information request for a data subject. A set of target applications is determined from the set of multiple applications. The data subject information request is provided to each target application in the set of target applications. A data subject information response is received from each of the target applications. Each data subject information response includes application data for the data subject that was retrieved by a respective target application in response to the data subject information request. The received data subject information responses are aggregated to generate an aggregated data subject information response. The aggregated data subject information response is provided to the requesting application in response to the data subject information request.

公开(公告)号：US12141302B2

公开(公告)日：2024-11-12

申请号：US17680717

申请日：2022-02-25

Applicant: SAP SE

Inventor： Benny Rolle ,  Matthias Vogel

IPC: G06F21/62

Abstract: The present disclosure involves systems, software, and computer implemented methods for integrated data privacy services. An example method includes determining, by a data privacy integration service, a condition that indicates that all applications in a multiple-application landscape are to attempt a blocking operation on at least one object as part of a data privacy integration protocol. Blocking responder group configurations are identified that group applications in the multiple-application landscape into multiple blocking responder groups for performing blocking operations in response to requests from the data privacy integration service. A blocking command to perform a blocking operation on the at least one object is sent to applications in a first blocking responder group. Blocking statuses are received from each of the applications in the first blocking responder group and a determination is made as to whether all received blocking statuses indicate successful completion of the blocking command.

公开(公告)号：US12079358B2

公开(公告)日：2024-09-03

申请号：US17457827

申请日：2021-12-06

Applicant: SAP SE

Inventor： Ufuoma Ighoroje ,  Benny Rolle ,  Matthias Vogel ,  Carsten Pluder ,  Karl Tillmann Rendel

IPC: G06F21/62 ,  G06F16/903

CPC classification number: G06F21/6218 ,  G06F16/90335

Abstract: The present disclosure involves systems, software, and computer implemented methods for integrated data privacy services. An example method includes sending a block command for an object to each application in a multiple-application landscape that includes a master data distribution application. A blocking status is received from each application that indicates whether the application successfully blocked the object in response to the block command. An overall blocking status is determined based on the received blocking statuses. In response to determining that at least one application failed to block the object, an unblock command is sent to each application. An unblocking status is received from each application and an overall unblocking status is determined. In response to determining that at least one application failed to unblock the object, a redistribution request is sent to the master data distribution application to redistribute the object to applications that failed to unblock the object.