Patents by Inventor Roland Lucius

Roland Lucius has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).

  • Publication number: 20180373757
    Abstract: A system, method, and computer-readable medium, to receive a query specifying a result set of data from at least one database table; determine whether at least one column of the at least one database table is subject to a column-based authorization restriction; modify the query, in an instance it is determined that at least one column of the at least one database table is subject to a column-based authorization restriction, to restrict the result set of data in accordance with the column-based authorization restriction; and execute, in response to the modifying of the query, the modified query.
    Type: Application
    Filed: June 22, 2017
    Publication date: December 27, 2018
    Inventors: Igor Schukovets, Gregor Tielsch, Erich Schulzke, Nils Hartmann, Roland Lucius, Matthias Buehl, Timm Falter
  • Patent number: 9760734
    Abstract: Embodiments manage user authorization to access multiple grouped software applications, via a catalog mechanism. Functionality of related software is divided into semantically meaningful catalogs, representing tasks or sub-processes within a business scenario. These catalogs represent a unit of functionality utilized to structure work and authorization. Functionality and authorizations are associated to system entry points, and assigned to catalogs bundling applications and services. Responsibilities may be defined statically or dynamically in terms of rule-based access restrictions to data structure (e.g., business object) instances. Catalogs may be assigned to business roles, and business roles assigned to users. Based on such assignments, corresponding authorizations are generated and linked to users at compile or deployment time. At run time, access decision and enforcement is granted based on these authorizations and restrictions.
    Type: Grant
    Filed: June 26, 2015
    Date of Patent: September 12, 2017
    Assignee: SAP SE
    Inventors: Bernhard Drabant, Bernhard Drittler, Roland Lucius, Martin Schmid
  • Publication number: 20160379002
    Abstract: Embodiments manage user authorization to access multiple grouped software applications, via a catalog mechanism. Functionality of related software is divided into semantically meaningful catalogs, representing tasks or sub-processes within a business scenario. These catalogs represent a unit of functionality utilized to structure work and authorization. Functionality and authorizations are associated to system entry points, and assigned to catalogs bundling applications and services. Responsibilities may be defined statically or dynamically in terms of rule-based access restrictions to data structure (e.g., business object) instances. Catalogs may be assigned to business roles, and business roles assigned to users. Based on such assignments, corresponding authorizations are generated and linked to users at compile or deployment time. At run time, access decision and enforcement is granted based on these authorizations and restrictions.
    Type: Application
    Filed: June 26, 2015
    Publication date: December 29, 2016
    Inventors: Bernhard Drabant, Bernhard Drittler, Roland Lucius, Martin Schmid
  • Publication number: 20140181134
    Abstract: A query engine for integrating authorization conditions within a database query statement. The query engine may include an authorization handler configured to receive authorization parameters related to one or more authorization objects for data relevant to a query for performing an authority check, and obtain at least one user authorization profile for a current user based on the authorization parameters. The at least one user authorization profile may include an activity value and one or more authorization conditions associated with the activity value. The query engine may further include a query generator configured to receive query parameters related to the query and integrate the query parameters with the one or more authorization conditions to obtain a database query statement, and a database selector configured to obtain authorized data from an in-memory database based on the database query statement.
    Type: Application
    Filed: December 21, 2012
    Publication date: June 26, 2014
    Inventors: Marcel Hermanns, Hans-Christian Humprecht, Cristina Buchholz, Peter Drews-Walkling, Roland Lucius