Patents by Inventor Yuecel Karabulut
Yuecel Karabulut has filed for patents to protect the following inventions. This listing includes patent applications that are pending as well as patents that have already been granted by the United States Patent and Trademark Office (USPTO).
-
Patent number: 8843415Abstract: In one embodiment the present invention includes a method of performing a secure transaction in a software system, such as a software service system, for example. Embodiments of the invention include encoding symmetric keys for securing transactions between a service consumer and service provider. Asymmetric keys are also used for providing additional security during transactions. In one embodiment, license tokens and capability tokens are encoded and passed between a service consumer and service provider for allowing a consumer secure access to authorized services.Type: GrantFiled: October 3, 2008Date of Patent: September 23, 2014Assignee: SAP AGInventors: Yuecel Karabulut, Isaac Nassi
-
Patent number: 8572682Abstract: An embodiment includes a computer-implemented method of managing access control policies on a computer system having two high-level programming language environments. The method includes managing, by the computer system, a structured language environment. The method further includes managing, by the computer system, a dynamic language environment within the structured language environment. The method further includes receiving a policy. The policy is written in a dynamic language. The method further includes storing the policy in the dynamic language environment. The method further includes converting the policy from the dynamic language environment to the structured language environment. The method further includes generating a runtime in the structured language environment that includes the policy.Type: GrantFiled: December 21, 2009Date of Patent: October 29, 2013Assignee: SAP AGInventor: Yuecel Karabulut
-
Patent number: 8538799Abstract: A method and system to automatically monitor business collaborations. Collaboration participants can formally express obligations about their expected behavior during the collaboration in business terms, then automatically monitor processes carrying out the collaboration using the formulated obligations. The method and system extends existing service oriented monitoring standards and architecture, specifically, with additional business oriented metrics and plug-in components that allow the monitoring system to calculate business parameters from measurements of multiple services.Type: GrantFiled: June 30, 2006Date of Patent: September 17, 2013Assignee: SAP AGInventors: Jochen Haller, Philip A. Robinson, Yuecel Karabulut, Florian Kerschbaum
-
Patent number: 8312526Abstract: A method and system to delegate an authority to access collaborative resources are provided. The system enables a participant to re-delegate the authority to another participant by an authorization certificate. A chain of the authorization certificate is established along with the re-delegation of the authority from one participant to another. The participant requesting access to the collaborative resources is requested to provide the owner with the chain of authorization certificate for verification. Therefore, the re-delegation process may be performed without the need to notify the owner and yet without comprising the security of the collaborative resources. In addition, the system provides for restricting the participant from accessing the collaborative resources. Consequently, though the participant may not have access to the collaborative resources, he is still able to re-delegate the authority to another participant.Type: GrantFiled: November 30, 2004Date of Patent: November 13, 2012Assignee: SAP AktiengesellschaftInventor: Yuecel Karabulut
-
Patent number: 8250666Abstract: In one embodiment the present invention includes a security manager for managing security in a dynamic programming environment. The security manager interfaces between the dynamic programming environment and a non-dynamic programming environment. In this manner, the dynamic programming environment is unable to compromise the non-dynamic programming environment, yet still provide features desirable in a dynamic programming environment. An example using Ruby in a robust business programming environment is detailed.Type: GrantFiled: July 3, 2008Date of Patent: August 21, 2012Assignee: SAP AGInventors: Yuecel Karabulut, Juergen Schmerder
-
Patent number: 8175907Abstract: A system and method to collaborate participants of different administrative domains in a workflow process is provided. The system includes a membership module for managing the participants, an event module for correlating activities of the workflow process, the membership module and the event module exchanging information relating to changes in the participants and the activities of the workflow process. The membership module for managing the participants includes registering, identifying, adding, querying and modifying the participants. On the other hand, the event module for correlating activities of the workflow process further includes specifying, executing and terminating the activities.Type: GrantFiled: October 17, 2005Date of Patent: May 8, 2012Assignee: SAP AGInventors: Philip Robinson, Yuecel Karabulut, Jochen Haller
-
Publication number: 20110154433Abstract: An embodiment includes a computer-implemented method of managing access control policies on a computer system having two high-level programming language environments. The method includes managing, by the computer system, a structured language environment. The method further includes managing, by the computer system, a dynamic language environment within the structured language environment. The method further includes receiving a policy. The policy is written in a dynamic language. The method further includes storing the policy in the dynamic language environment. The method further includes converting the policy from the dynamic language environment to the structured language environment. The method further includes generating a runtime in the structured language environment that includes the policy.Type: ApplicationFiled: December 21, 2009Publication date: June 23, 2011Applicant: SAP AGInventor: Yuecel Karabulut
-
Patent number: 7818200Abstract: A method and system for a source participant assessing trustworthiness of a destination participant through one or more neighboring participants in a collaborative environment. The method comprises modeling all of the participants as network nodes and relationships between the participants as network paths and identifying a set of the network nodes and the network paths representing the neighboring participants that connects the network node of the source participant to the network node of the destination participant. Each of the network nodes of the neighboring participants as identified has a trust rating with best result, the trust rating is a relative measurement of feedback ratings. The trust rating of a first one of the network nodes of the neighboring participants as identified is computed with the feedback ratings between the first one of the network nodes and others of the network nodes directly connected to the first one of the network nodes.Type: GrantFiled: February 24, 2006Date of Patent: October 19, 2010Assignee: SAP AGInventors: Florian Kerschbaum, Jochen Haller, Yuecel Karabulut, Philip Robinson
-
Publication number: 20100088236Abstract: In one embodiment the present invention includes a method of performing a secure transaction in a software system, such as a software service system, for example. Embodiments of the invention include encoding symmetric keys for securing transactions between a service consumer and service provider. Asymmetric keys are also used for providing additional security during transactions. In one embodiment, license tokens and capability tokens are encoded and passed between a service consumer and service provider for allowing a consumer secure access to authorized services.Type: ApplicationFiled: October 3, 2008Publication date: April 8, 2010Applicant: SAP AGInventors: YUECEL KARABULUT, Isaac Nassi
-
Publication number: 20100005449Abstract: In one embodiment the present invention includes a security manager for managing security in a dynamic programming environment. The security manager interfaces between the dynamic programming environment and a non-dynamic programming environment. In this manner, the dynamic programming environment is unable to compromise the non-dynamic programming environment, yet still provide features desirable in a dynamic programming environment. An example using Ruby in a robust business programming environment is detailed.Type: ApplicationFiled: July 3, 2008Publication date: January 7, 2010Applicant: SAP AGInventors: Yuecel Karabulut, Juergen Schmerder
-
Patent number: 7546463Abstract: A method and system to delegate an authority to access collaborative resources are provided. The system enables a participant to re-delegate the authority to another participant by an authorization certificate. A chain of authorization certificates is established along with the re-delegation of the authority from one participant to another. The participant requesting access to the collaborative resources is requested to provide the owner with the chain of authorization certificates for verification. Therefore, the re-delegation process may be performed without the need to notify the owner and yet without comprising the security of the collaborative resources.Type: GrantFiled: November 30, 2004Date of Patent: June 9, 2009Assignee: SAP AGInventor: Yuecel Karabulut
-
Patent number: 7543292Abstract: A computer system, method and computer program for controlling a workflow process. A process modeling unit is configured to define a process model with at least a first task and a second task, wherein the second task needs to comply with a control aspect and depends on the first task, and is further configured to insert into the process model a control task between the first and the second task, wherein the control task is configured to enforce the control aspect on the second task by using a control service of a subsystem. A process execution unit of the system is configured to generate a process instance from the process model and to instantiate a control context to capture the current state of the process instance, the control context being used by an instance of the control task to invoke the control service according to the control aspect.Type: GrantFiled: December 19, 2005Date of Patent: June 2, 2009Assignee: SAP AGInventors: Jochen Haller, Philip Robinson, Yuecel Karabulut
-
Publication number: 20090099860Abstract: Automatic secure application composition, in which a specification for a business process is accessed, the specification including a security annotation that defines a security intention, and a task that defines at least a portion of the business process, and that calls an external service. A security pattern associated with the security annotation is invoked, and a service provider associated with the external service that satisfies the security intention is identified based on the invoked security pattern. The business process is invoked using the identified service provider.Type: ApplicationFiled: October 15, 2007Publication date: April 16, 2009Applicant: SAP AGInventors: Yuecel Karabulut, Murray Spork, Ming-Chien Shan
-
Publication number: 20090099882Abstract: Automatic secure application composition, in applying a security framework is applied to a business process. An external policy negotiation is conducted to specify a common policy between the composite application and an external service based on applying the security framework, the common policy is enforced for each interaction between the composite application and the external service, and access by the external service to local services and objects is regulated based on the security objectives.Type: ApplicationFiled: October 15, 2007Publication date: April 16, 2009Applicant: SAP AGInventor: Yuecel Karabulut
-
Patent number: 7451308Abstract: A system, to establish a trustworthy supplier in an online commerce environment, includes an aggregated service provider represents a buyer to source and evaluate a seller. The aggregated service provider collects the requirements from the buyer, whereby the requirements include product specification and qualifications of the seller. The aggregated service provider presents the requirements to a trusted service provider. At the same time, the aggregated service provider grants the trusted service provider a permit to issue bound property. A bound property is an award given to a seller in recognition for his qualifications. The trusted service provider first provides the seller with a Request For Invitation and requests the seller to submit a property certificate. The property certificate contains qualifications of the seller which are affirmed by a trusted agent. The trusted service provider evaluates the qualifications of the sellers based on the submitted property certificate and awards a bound property.Type: GrantFiled: October 12, 2004Date of Patent: November 11, 2008Assignee: SAP AGInventor: Yuecel Karabulut
-
Publication number: 20080004927Abstract: A method and system to automatically monitor business collaborations. Collaboration participants can formally express obligations about their expected behavior during the collaboration in business terms, then automatically monitor processes carrying out the collaboration using the formulated obligations. The method and system extends existing service oriented monitoring standards and architecture, specifically, with additional business oriented metrics and plug-in components that allow the monitoring system to calculate business parameters from measurements of multiple services.Type: ApplicationFiled: June 30, 2006Publication date: January 3, 2008Inventors: Jochen Haller, Philip A. Robinson, Yuecel Karabulut, Florian Kerschbaum
-
Publication number: 20070203781Abstract: A method and system for a source participant assessing trustworthiness of a destination participant through one or more neighboring participants in a collaborative environment. The method comprises modeling all of the participants as network nodes and relationships between the participants as network paths and identifying a set of the network nodes and the network paths representing the neighboring participants that connects the network node of the source participant to the network node of the destination participant. Each of the network nodes of the neighboring participants as identified has a trust rating with best result, the trust rating is a relative measurement of feedback ratings. The trust rating of a first one of the network nodes of the neighboring participants as identified is computed with the feedback ratings between the first one of the network nodes and others of the network nodes directly connected to the first one of the network nodes.Type: ApplicationFiled: February 24, 2006Publication date: August 30, 2007Inventors: Florian Kerschbaum, Jochen Haller, Yuecel Karabulut, Philip Robinson
-
Publication number: 20060161272Abstract: A computer system, method and computer program for controlling a workflow process. A process modelling unit is configured to define a process model with at least a first task and a second task, wherein the second task needs to comply with a control aspect and depends on the first task, and is further configured to insert into the process model a control task between the first and the second task, wherein the control task is configured to enforce the control aspect on the second task by using a control service of a subsystem. A process execution unit of the system is configured to generate a process instance from the process model and to instantiate a control context to capture the current state of the process instance, the control context being used by an instance of the control task to invoke the control service according to the control aspect.Type: ApplicationFiled: December 19, 2005Publication date: July 20, 2006Inventors: Jochen Haller, Philip Robinson, Yuecel Karabulut