Patents by Inventor Bernhard Drabant
Bernhard Drabant has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 10740483Abstract: A data model is defined to describe objects. Attributes from the data model are associated with providing authorization right for executing actions on object instances of the objects. A hierarchy of object groups is declared. Objects group collections are defined on top of the hierarchy. A vocabulary including definitions of attributes of objects and including definitions of assignments of objects to object groups is created. The vocabulary is related to determining authorization rights for executing actions based on attributes and hierarchy organization of objects. A capability to determine authorization to perform an action by a user on a set of objects is defined based on the vocabulary. When a request for performing an action by a user on object instances is received, a filtering expression based on the capability is generated to be included in a where clause of a query.Type: GrantFiled: November 22, 2016Date of Patent: August 11, 2020Assignee: SAP SEInventors: Michael Aakolk, Bernhard Drabant, Andrea Waldi
-
Patent number: 10560458Abstract: In one respect, there is provided a system a data processor and a memory. The system can be configured to receive, from a first user associated with a first tenant, a request to access a resource associated with a second tenant. The first tenant and the second tenant can be tenants of a multi-tenant cloud-computing platform. The resource can be accessible via the multi-tenant cloud-computing platform. The first user can be authorized to access the resource associated with the second tenant based on a sharing relationship that allows the first user to access the resource. In response to determining that the first user is authorized to access the resource associated with the second tenant, access to the resource can be provided to the first user. Related methods and articles of manufacture, including computer program products, are also provided.Type: GrantFiled: July 6, 2017Date of Patent: February 11, 2020Assignee: SAP SEInventor: Bernhard Drabant
-
Publication number: 20190014120Abstract: In one respect, there is provided a system a data processor and a memory. The system can be configured to receive, from a first user associated with a first tenant, a request to access a resource associated with a second tenant. The first tenant and the second tenant can be tenants of a multi-tenant cloud-computing platform. The resource can be accessible via the multi-tenant cloud-computing platform. The first user can be authorized to access the resource associated with the second tenant based on a sharing relationship that allows the first user to access the resource. In response to determining that the first user is authorized to access the resource associated with the second tenant, access to the resource can be provided to the first user. Related methods and articles of manufacture, including computer program products, are also provided.Type: ApplicationFiled: July 6, 2017Publication date: January 10, 2019Inventor: Bernhard Drabant
-
Publication number: 20180144150Abstract: A data model is defined to describe objects. Attributes from the data model are associated with providing authorization right for executing actions on object instances of the objects. A hierarchy of object groups is declared. Objects group collections are defined on top of the hierarchy. A vocabulary including definitions of attributes of objects and including definitions of assignments of objects to object groups is created. The vocabulary is related to determining authorization rights for executing actions based on attributes and hierarchy organization of objects. A capability to determine authorization to perform an action by a user on a set of objects is defined based on the vocabulary. When a request for performing an action by a user on object instances is received, a filtering expression based on the capability is generated to be included in a where clause of a query.Type: ApplicationFiled: November 22, 2016Publication date: May 24, 2018Inventors: Michael Aakolk, Bernhard Drabant, Andrea Waldi
-
Patent number: 9760734Abstract: Embodiments manage user authorization to access multiple grouped software applications, via a catalog mechanism. Functionality of related software is divided into semantically meaningful catalogs, representing tasks or sub-processes within a business scenario. These catalogs represent a unit of functionality utilized to structure work and authorization. Functionality and authorizations are associated to system entry points, and assigned to catalogs bundling applications and services. Responsibilities may be defined statically or dynamically in terms of rule-based access restrictions to data structure (e.g., business object) instances. Catalogs may be assigned to business roles, and business roles assigned to users. Based on such assignments, corresponding authorizations are generated and linked to users at compile or deployment time. At run time, access decision and enforcement is granted based on these authorizations and restrictions.Type: GrantFiled: June 26, 2015Date of Patent: September 12, 2017Assignee: SAP SEInventors: Bernhard Drabant, Bernhard Drittler, Roland Lucius, Martin Schmid
-
Publication number: 20160379002Abstract: Embodiments manage user authorization to access multiple grouped software applications, via a catalog mechanism. Functionality of related software is divided into semantically meaningful catalogs, representing tasks or sub-processes within a business scenario. These catalogs represent a unit of functionality utilized to structure work and authorization. Functionality and authorizations are associated to system entry points, and assigned to catalogs bundling applications and services. Responsibilities may be defined statically or dynamically in terms of rule-based access restrictions to data structure (e.g., business object) instances. Catalogs may be assigned to business roles, and business roles assigned to users. Based on such assignments, corresponding authorizations are generated and linked to users at compile or deployment time. At run time, access decision and enforcement is granted based on these authorizations and restrictions.Type: ApplicationFiled: June 26, 2015Publication date: December 29, 2016Inventors: Bernhard Drabant, Bernhard Drittler, Roland Lucius, Martin Schmid
-
Patent number: 8584136Abstract: The present disclosure involves systems, software, and computer implemented methods for providing context-aware request dispatching in a clustered environment. One process includes operations for receiving an event at a first computer node. The contents of the event are analyzed to determine a target process instance for handling the event. A target computer node hosting the target process instance is determined, and the event is sent to the target computer node for handling by the target process instance.Type: GrantFiled: August 15, 2011Date of Patent: November 12, 2013Assignee: SAP AGInventors: Oliver C. Goetz, Bernhard Drabant, Erik Dick
-
Patent number: 8484657Abstract: A plurality of nodes may be arranged within a hierarchy to perform actions, each node may perform a task associated an action. A dependency evaluator may determine, based on a request to perform an action, the first subset of the nodes configured to perform the action, wherein a first node of a higher level of the hierarchy is dependent upon a response from a second node of a lower level of the hierarchy to perform a task associated with the action. A request engine may provide the request to a lowest level of the hierarchy, wherein the second node of the lowest level may perform a task associated with the requested action and respond to the dependent first node. A response engine may receive the response from one of the nodes on a highest level of the hierarchy, including a performance of the tasks and the requested action.Type: GrantFiled: October 30, 2008Date of Patent: July 9, 2013Assignee: SAP AGInventors: Bernhard Drabant, Uwe Bloching
-
Publication number: 20130047165Abstract: The present disclosure involves systems, software, and computer implemented methods for providing context-aware request dispatching in a clustered environment. One process includes operations for receiving an event at a first computer node. The contents of the event are analyzed to determine a target process instance for handling the event. A target computer node hosting the target process instance is determined, and the event is sent to the target computer node for handling by the target process instance.Type: ApplicationFiled: August 15, 2011Publication date: February 21, 2013Applicant: SAP AGInventors: Oliver C. Goetz, Bernhard Drabant, Erik Dick
-
Patent number: 8381206Abstract: The subject matter discloses a method for enabling computerized extensions, comprising receiving data concerning an extension required to a computerized application utilizing a process model, detecting an event received from the external entity and executing the computerized extension according to the event. The extension may be activated before after or during operation of the computerized application.Type: GrantFiled: December 22, 2009Date of Patent: February 19, 2013Assignee: SAP AGInventors: Soren Balko, Bernhard Drabant, Erik Dick
-
Patent number: 8260762Abstract: Example methods and apparatus for storing and providing application runtime data are disclosed. An example method include receiving, at a data list manager, a set of identifiers associated, respectively, with one or more persistently stored structured data records. The example method further includes storing, by the data list manager, the set of identifiers. The example method also includes receiving, at the data list manager, a request for one or more of the structured data records and retrieving, by the data list manager, the one or more requested structured data records. The example method still further includes storing, by the data list manager, the retrieved data records in correspondence with their respective identifiers and providing, by the data list manager, the retrieved data records for display to a user.Type: GrantFiled: December 15, 2008Date of Patent: September 4, 2012Assignee: SAP AGInventors: Bernhard Drabant, Uwe Bloching
-
Publication number: 20110154312Abstract: The subject matter discloses a method for enabling computerized extensions, comprising receiving data concerning an extension required to a computerized application utilizing a process model, detecting an event received from the external entity and executing the computerized extension according to the event. The extension may be activated before after or during operation of the computerized application.Type: ApplicationFiled: December 22, 2009Publication date: June 23, 2011Applicant: SAP AGInventors: Soren BALKO, Bernhard Drabant, Erik Dick
-
Patent number: 7930251Abstract: The subject matter disclosed herein provides methods and apparatus, including computer program products, for model driven state management of applications. In one aspect, there is provided a computer-implemented method. The method may include instantiating one or more business objects associated with an application. The transitions between states of the application may be checked using one or more models defined based on at least one of a context of the business object and a context of the application. An indication regarding the results of checking of the transitions may be provided to a user interface. Related apparatus, systems, methods, and articles are also described.Type: GrantFiled: August 9, 2007Date of Patent: April 19, 2011Assignee: SAP AGInventors: Uwe Bloching, Frank Brunswig, Bernhard Drabant
-
Patent number: 7774463Abstract: An electronic message, containing a request to initiate a service, can be received in a landscape of computer systems providing message-based services. Thereafter, a contract can be accessed to determine if provision of the requested service is permitted. As a result, the requested service identified in the message if provision of the requested service is permitted can be initiated. Related techniques, articles, apparatus, and systems are also described.Type: GrantFiled: July 25, 2006Date of Patent: August 10, 2010Assignee: SAP AGInventors: Uwe Bloching, Frank Brunswig, Bernhard Drabant
-
Patent number: 7752484Abstract: A wrapper can receive a request for application data. The wrapper wraps a first reference to a cross-session object and a second reference to a wrapper mapper object. Thereafter, the cross-session object can be accessed using the first reference and the wrapper mapper object is polled using the second reference to access a session-local object. The wrapper mapper object includes a wrapper list references the wrapper and any wrappers contained therein to facilitate recovery after session failover. Related apparatus, systems, methods, and articles are also described.Type: GrantFiled: December 15, 2006Date of Patent: July 6, 2010Assignee: SAP AGInventors: Oliver Goetz, Bernhard Drabant, Thomas Gauweiler
-
Publication number: 20100153976Abstract: Example methods and apparatus for storing and providing application runtime data are disclosed. An example method include receiving, at a data list manager, a set of identifiers associated, respectively, with one or more persistently stored structured data records. The example method further includes storing, by the data list manager, the set of identifiers. The example method also includes receiving, at the data list manager, a request for one or more of the structured data records and retrieving, by the data list manager, the one or more requested structured data records. The example method still further includes storing, by the data list manager, the retrieved data records in correspondence with their respective identifiers and providing, by the data list manager, the retrieved data records for display to a user.Type: ApplicationFiled: December 15, 2008Publication date: June 17, 2010Inventors: Bernhard Drabant, Uwe Bloching
-
Publication number: 20100115515Abstract: A plurality of nodes may be arranged within a hierarchy to perform actions, each node may perform a task associated an action. A dependency evaluator may determine, based on a request to perform an action, the first subset of the nodes configured to perform the action, wherein a first node of a higher level of the hierarchy is dependent upon a response from a second node of a lower level of the hierarchy to perform a task associated with the action. A request engine may provide the request to a lowest level of the hierarchy, wherein the second node of the lowest level may perform a task associated with the requested action and respond to the dependent first node. A response engine may receive the response from one of the nodes on a highest level of the hierarchy, including a performance of the tasks and the requested action.Type: ApplicationFiled: October 30, 2008Publication date: May 6, 2010Applicant: SAP AGInventors: Bernhard Drabant, Uwe Bloching
-
Publication number: 20090044202Abstract: The subject matter disclosed herein provides methods and apparatus, including computer program products, for model driven state management of applications. In one aspect, there is provided a computer-implemented method. The method may include instantiating one or more business objects associated with an application. The transitions between states of the application may be checked using one or more models defined based on at least one of a context of the business object and a context of the application. An indication regarding the results of checking of the transitions may be provided to a user interface. Related apparatus, systems, methods, and articles are also described.Type: ApplicationFiled: August 9, 2007Publication date: February 12, 2009Inventors: Uwe Bloching, Frank Brunswig, Bernhard Drabant
-
Patent number: 7480920Abstract: Methods and apparatus, including computer program products, are provided for providing a language for defining a service. In one embodiment, there is provided a method for making a call to the service having a business object. Moreover, the method may include formatting a message based on a language, the language defining an interaction with the business object at the service and an association between the business object and a business object node, the association enabling an instantiation of the business object including the business object node; and calling the service using the formatted message, such that the formatted message instantiates the business object.Type: GrantFiled: March 23, 2006Date of Patent: January 20, 2009Assignee: SAP AGInventors: Rainer Brendle, Frank Brunswig, Bernhard Drabant, Thomas Fiedler, Ulrike Heuer, Axel Schuller
-
Publication number: 20080155320Abstract: A wrapper can receive a request for application data. The wrapper wraps a first reference to a cross-session object and a second reference to a wrapper mapper object. Thereafter, the cross-session object can be accessed using the first reference and the wrapper mapper object is polled using the second reference to access a session-local object. The wrapper mapper object includes a wrapper list references the wrapper and any wrappers contained therein to facilitate recovery after session failover. Related apparatus, systems, methods, and articles are also described.Type: ApplicationFiled: December 15, 2006Publication date: June 26, 2008Inventors: Oliver Goetz, Bernhard Drabant, Thomas Gauweiler