公开(公告)号：US12072993B2

公开(公告)日：2024-08-27

申请号：US17457797

申请日：2021-12-06

Applicant: SAP SE

Inventor： Ufuoma Ighoroje ,  Benny Rolle ,  Matthias Vogel ,  Carsten Pluder

IPC: G06F21/62 ,  G06F16/903

CPC classification number: G06F21/6218 ,  G06F16/90335 ,  G06F21/629

Abstract: The present disclosure involves systems, software, and computer implemented methods for integrated data privacy services. An example method includes determining to initiate an integrated end of purpose protocol for an object. An end-of-purpose query is provided to multiple applications that requests each application to determine whether the application is able to block the object. End-of-purpose statuses are received, in response to the end-of-purpose query, that each indicate whether a respective application is able to block the object. The end-of-purpose statuses are evaluated to determine whether an aligned end of purpose has been reached for the object. In response to determining that the aligned end of purpose has been reached for the object, a block command is provided to each application that instructs the application to locally block the object in the application.

公开(公告)号：US20240184914A1

公开(公告)日：2024-06-06

申请号：US18073164

申请日：2022-12-01

Applicant: SAP SE

Inventor： Benny Rolle ,  Matthias Vogel

IPC: G06F21/62

CPC classification number: G06F21/6245

Abstract: The present disclosure involves systems, software, and computer implemented methods for using multiple synonymous identifiers in data privacy integration protocols. One example method includes identifying a request to initiate a protocol in a multiple-application landscape for an object with an identifier. A determination is made that at least one context-using application participant of the protocol relies on a context-providing application participant of the protocol for resolving the identifier to a local identifier local to a context of the context-providing application participant. A resolution request is sent to context-providing application participants that can provide resolution for an identifier for at least one context-using application. A local identifier corresponding to the identifier that is local to the context of the context-providing application participant is received from each context-providing application participant. A protocol work package that includes a resolved local identifier to is sent to each context-using application participant.

公开(公告)号：US20230177213A1

公开(公告)日：2023-06-08

申请号：US17457811

申请日：2021-12-06

Applicant: SAP SE

Inventor： Benny Rolle ,  Ufuoma Ighoroje ,  Matthias Vogel ,  Geetha Gopalakrishnan ,  Tobias Schmidt ,  Antsa Andriamboavonjy ,  Dharshan A ,  Carsten Pluder

IPC: G06F21/62 ,  G06F16/11 ,  H04L67/566

CPC classification number: G06F21/629 ,  G06F16/125 ,  G06F16/113 ,  H04L67/2833

Abstract: The present disclosure involves systems, software, and computer implemented methods for integrated data privacy services. An example method includes receiving, from a requesting application in a landscape that includes a set of multiple applications, a data subject information request for a data subject. A set of target applications is determined from the set of multiple applications. The data subject information request is provided to each target application in the set of target applications. A data subject information response is received from each of the target applications. Each data subject information response includes application data for the data subject that was retrieved by a respective target application in response to the data subject information request. The received data subject information responses are aggregated to generate an aggregated data subject information response. The aggregated data subject information response is provided to the requesting application in response to the data subject information request.

公开(公告)号：US20230177189A1

公开(公告)日：2023-06-08

申请号：US17457827

申请日：2021-12-06

Applicant: SAP SE

Inventor： Ufuoma Ighoroje ,  Benny Rolle ,  Matthias Vogel ,  Carsten Pluder ,  Karl Tillmann Rendel

IPC: G06F21/62 ,  G06F16/903

CPC classification number: G06F21/6218 ,  G06F16/90335

Abstract: The present disclosure involves systems, software, and computer implemented methods for integrated data privacy services. An example method includes sending a block command for an object to each application in a multiple-application landscape that includes a master data distribution application. A blocking status is received from each application that indicates whether the application successfully blocked the object in response to the block command. An overall blocking status is determined based on the received blocking statuses. In response to determining that at least one application failed to block the object, an unblock command is sent to each application. An unblocking status is received from each application and an overall unblocking status is determined. In response to determining that at least one application failed to unblock the object, a redistribution request is sent to the master data distribution application to redistribute the object to applications that failed to unblock the object.

公开(公告)号：US20230177187A1

公开(公告)日：2023-06-08

申请号：US17457816

申请日：2021-12-06

Applicant: SAP SE

Inventor： Matthias Vogel ,  Benny Rolle ,  Ufuoma Ighoroje

IPC: G06F21/62 ,  G06F21/55 ,  G06F21/31

CPC classification number: G06F21/6218 ,  G06F21/554 ,  G06F21/31

Abstract: The present disclosure involves systems, software, and computer implemented methods for integrated data privacy services. An example method includes determining to initiate an integrated end of purpose protocol for an object of an object type. Target applications are determined that are allowed to process objects of the object type for at least one purpose, based on identified purpose information. An end-of-purpose query is provided to the target applications and an end-of-purpose status is received from each target application that indicates whether the application is able to block the object. The received statuses are evaluated to determine whether an aligned end of purpose has been reached for the object. In response to determining that the aligned end of purpose has been reached for the object, a block command is provided to each of the multiple applications that instructs a respective application to locally block the object.

公开(公告)号：US11550781B2

公开(公告)日：2023-01-10

申请号：US16995175

申请日：2020-08-17

Applicant: SAP SE

Inventor： Benny Rolle ,  Matthias Vogel ,  Stefan Hesse

IPC: G06F7/00 ,  G06F16/242 ,  G06F16/248

Abstract: Systems and methods include requesting, from a first application system, of a first one or more combinations of search parameters for identifying a data subject identifier of the first application system, transmission of a first query to the first application system including values of search parameters of a first one of the first one or more combinations of search parameters, the values associated with a first data subject, reception of a first data subject identifier of the first application system in response to the first query, transmission of a second query to the first application system including the first data subject identifier, and reception of data of the first application system associated with the first data subject identifier in response to the second query.

公开(公告)号：US11514065B2

公开(公告)日：2022-11-29

申请号：US17037323

申请日：2020-09-29

Applicant: SAP SE

Inventor： Benny Rolle

IPC: G06F16/00 ,  G06F16/2458 ,  G06F16/28 ,  G06N5/04

Abstract: Techniques for accessing implicit information that is used by, but not explicitly persisted in, a computer system are disclosed. In some embodiments, a method comprises: storing a schema for a relational database, the schema indicating relationships between tables of the relational database; persisting explicit data concerning a data subject in at least one of the tables; processing the explicit data using a software application, the processing of the explicit data comprising: inferring implicit information based on the explicit data and the schema; and using the implicit information by the software application; receiving a request for a report of personal data concerning the data subject; and in response to the request, generating the report, the generating of the report comprising: inferring the implicit information based on the explicit data and the schema; and including the explicit data and the implicit information in the generated report.

公开(公告)号：US11494546B2

公开(公告)日：2022-11-08

申请号：US16995994

申请日：2020-08-18

Applicant: SAP SE

Inventor： Benny Rolle

IPC: G06F40/103 ,  G06F40/197 ,  G06Q10/10 ,  G06F16/25

Abstract: Systems and methods include requesting, from a first application system, of data associated with a data subject, reception, from the first application system and in response to the request, of the data associated with the data subject and data contexts respectively associated with the data, presentation of the data and the data contexts to a user, reception of instructions from the user to generate a first configuration including at least one mapping of a data context to a descriptive field value, generation of a first report based on the data, the data contexts and the first configuration, presentation of the first report to the user, and storage of the first configuration in association with the first application system.

公开(公告)号：US20220100755A1

公开(公告)日：2022-03-31

申请号：US17037323

申请日：2020-09-29

Applicant: SAP SE

Inventor： Benny Rolle

IPC: G06F16/2458 ,  G06N5/04 ,  G06F16/28

Abstract: Techniques for accessing implicit information that is used by, but not explicitly persisted in, a computer system are disclosed. In some embodiments, a method comprises: storing a schema for a relational database, the schema indicating relationships between tables of the relational database; persisting explicit data. concerning a data subject in at least one of the tables; processing the explicit data using a software application, the processing of the explicit data comprising: inferring implicit information based on the explicit data and the schema; and using the implicit information by the software application; receiving a request for a report of personal data concerning the data subject; and in response to the request, generating the report, the generating of the report comprising: inferring the implicit information based on the explicit data and the schema; and including the explicit data and the implicit information in the generated report.

公开(公告)号：US20210192052A1

公开(公告)日：2021-06-24

申请号：US16722564

申请日：2019-12-20

Applicant: SAP SE

Inventor： Florian Loch ,  Benny Rolle

IPC: G06F21/57 ,  G06F11/36

Abstract: Disclosed herein are system, method, and computer program product embodiments for conducting taint analysis on inputted data from a user to a process, where based on pre-defined rules, input data may be marked as tainted. In a passive mode, logging or deletion actions may be taken on the tainted data. In an active mode, the process may be interrupted and a user prompt may be displayed each time a taint point is reached.