US 8,539,437 B2
Sep. 17, 2013
green et a1~
7,051,036 B2
7,137,100 B2 *
HOW
(75)
7,159,206 B1
, ,
gilihes tal
a ieuxe .
1/2008 Diab
2/2008 P
7,406,432 B1
*
, ,
7/2008 (2335M
tal.
7,406,453 B2 7,418,443 B2
7,603,653 B2
( * ) Notice:
11 1 t 1
ren e e a. .............. ..
717mm
10/2009 Sundammjan et a1
7,610,575 B2* 10/2009 Sproule ....................... .. 717/103 7,774,747 B2 8/2010 Kayam et a1.
(Continued)
OTHER PUBLICATIONS
Stallard et a1.Automated analysis for digital forensic science: Seman
(51) Int-CL
G06F 9/44 (2006.01)
ieee.org/Xpls/absiall.jsp?arnumber:1254321>.*
_
G06F 7/04
(52) US. Cl.
(2006.01)
. .
(Con?rmed)
(56)
References Cited
U.S. PATENT DOCUMENTS
5,729,749 6,226,784 6,237,020 6,286,104 A B1 B1 B1 3/1998 5/2001 5/2001 9/2001 Ito Holmes et al. Leyrnann et al. Buhle et a1.
(57) ABSTRACT Security for a software factory is provided by detecting a request by a user to utilize the software factory. Upon being
authenticated, the user is granted permission to access spe ci?c areas of the software factory. A log is created of locations in software factory that have been accessed by the user. This log is then utilized in an audit that describes how effective the
6,405,317 B1 *
1600
1602
1604
1606
1606
H
USER
1
R
USER SESSION
AUTHENTICATE 2
x
FACTORY SEClRITY PROCESS
\
AUDIT
AUTHORIZE (Pm/115510115)
LOG TRANSACTIONO
US 8,539,437 B2
Page 2
(56) References Cited
U.S. PATENT DOCUMENTS 7,778,866 B2 8/2010 Hughes
7,810,067 B2 7,823,120 B2 7,853,556 B2
7,865,875 B2*
URL<http://dl.acm.org/citation.
loads/SFiMethodologyiWPpdg>.
U.S. Appl. No. 11/735,152, Software Factory Readiness Review,
Non-Final Of?ce Action dated Apr. 29, 2011.
8,141,030 B2
8,141,040 B2
2002/0038449 A1*
3/2012 Finlayson
3/2012 Chaar
3/2002
8/2002
2002/0095650 A1
2002/0108099 A1*
2003/0097650 A1
2003/0106039 A1*
A1 A1 A1 A1 A1
8/ 2003 Kannenberg
10/2003 Hughes
11/2003 Gunjal et al.
1/ 2004 McKenna et al. 1/ 2004 ArbouZov et al.
3/2004
4/2004
2004/0054984 A1 *
2004/0064805 A1
2004/0073886 A1*
A1 A1 A1 A1 A1 A1
Action dated May 26, 2011. US. Appl. No. 1 1/ 735,099, entitled Software Factory Health Moni toring; Non-?nal of?ce action dated Apr. 16, 2012. US. Appl. No. 1 1/ 836,937, entitled Waste Determinants Identi?ca
tion and Elimination Process Model Within a Software Factory Oper
2005/0160395 A1
2005/0166178 A1
2005/0198618 A1*
7/2005 Hughes
7/2005 Masticola et al.
9/2005 Lalonde et al. ............. .. 717/110
2006/0248504 A1
2007/0006161 A1
2007/0124803 A1*
11/2006 Hughes
1/2007 Kuester et al.
5/2007 TaraZ .............................. .. 726/4
2007/0174810 A1
2007/0220479 A1
2008/0046859 2008/0255696 2008/0256390 2008/0256507 2008/0256516 2008/0256529 A1 A1 A1 A1 A1 A1
9/2007 Hughes
2/2008 10/2008 10/2008 10/2008 10/2008 10/2008
11/2008
2008/0282219 A1*
2009/0043622 A1 2009/0055795 A1
2009/0300577 2009/0300586 2010/0017252 2010/0017782 2010/0023918 2010/0023919 2010/0023920 2010/0031090 2010/0031226 2010/0031234 A1 A1 A1 A1 A1 A1 A1 A1 A1 A1
Operating Environment; Final of?ce action dated May 25, 2012. US. Appl. No. 11/735,275, entitled Software Factory; Notice of Allowance dated Sep. 14, 2012. US. Appl. No. 11/735,070, entitled Project Induction in a Software Factory; Final of?ce action dated Sep. 19, 2012. US. Appl. No. 11/735,168, entitled Life Cycle ofaWork Packet in
a Software Factory; Final of?ce action dated Oct. 18, 2012. US. Appl. No. 11/735,086, entitled Work Packet Forecasting in a Software Factory ; Final of?ce action dated Oct. 22, 2012. US. Appl. No. 11/735,168, entitled Life Cycle ofaWork Packet in a Software Factory; Notice of Allowance dated Jan. 4, 2013. US. Appl. No. 11/735,086, entitled Work Packet Forecasting in a Software Factory; Advisory Action dated Jan. 8, 2013.
OTHER PUBLICATIONS
Abbott et al. Automated Recognition of Event Scenarios for Digital Forensics, Proceedings of the 2006 ACM symposium on Applied computing, 2006, pp. 293-300, Retrieved on [Apr. 30, 2013]
* cited by examiner
US. Patent
Sheet 2 0f 25
US 8,539,437 B2
( START V202
RECEIVE INPUT, AT A SOFTWARE FACTORY, FROM CLIENT BUSINESS GOVERNANCE BOARD DESCRIBING SOFTWARE NEEDS OF ENTERPRISE CLIENT
f 204
CREATE A PROJECT SOFTWARE PROPOSAL DEFINITION FOR A SOFTWARE f 206 PROJECT THAT MEETS THE SOFTWARE NEEDS OF THE ENTERPRISE CLIENT
INDUCT/REINDUCT THE SOFTWARE PROJECT FOR EVALUATION, QUALIFICATION, SCORING AND CATEGORIZATION
f 205
OBTAIN WORK PACKETS NEEDED FOR ALL FUNCTIONAL AREAS OF THE SOFTWARE PROJECT
r214
SEND OBTAINED WORK PACKETS TO ASSEMBLY LINE TO CREATE DELIVERABLE r216 CUSTOM SOFTWARE THAT MEETS THE CRITERIA SET FOR THE SOFTWARE PROJECT
I218
FIG. 2
US. Patent
Sheet 3 0f 25
US 8,539,437 B2
5O2
5 r10
ASSEMBLY
LINE
504
520\
r515
MESSAGE
506
ASSET REPOSITORY
ASSET MANAGER
508
WE
OPU% EMawCDKAEU N TR
I
FIG. 5
US. Patent
Sheet 4 or 25
US 8,539,437 B2
GOVERNANCE
ARTIFACTS
4T0)
BUSINESS
CONTEXTUAL
ARTIFACTS
404
412)
ARCHITECTURAL _
/
CS
_
414/
ARTIFA T
TEST
416/
ARTIFACTS
PROJECT
418/
ARTIFACTS
420
422/
GOVERNANCE METRICS
~ ~ METRICS
424
SYSTEM IVIETRICS
4B6
FIG. 4
US. Patent
Sheet 5 0f 25
US 8,539,437 B2
( START V502
CREATE PACKET DEFINITIONS NEEDED FOR f 504 WORK PACKETS USED IN A DELIVERABLE
I
f506
r508
1-510
CID r514
FIG. 5
US. Patent
Sheet 6 0f 25
US 8,539,437 B2
602
/
NAME
SECURITY
FUNCT'ON
SECURITY
PO'NTER
Addressl
ORIGINAL DELIVERABLE
Server
COMPONENT NAME(S)
"Standard100
WORK PACKET
(TOW)
password manager
"Integration 101
600
604
/
CODE
FIG. 6A
US. Patent
Sheet 7 0f 25
US 8,539,437 B2
US. Patent
S heet 8 0f 25
US 8,539,437 B2
DEFINE HEADER COMPONENTS FOR ASSET (E.G., WORK x704 PACKET) HEADER
I
ARCHIVE WORK PACKET WITH PO|NTERS 1708 TO WORK PACKET HEADER ENTRIES
1
:N: r712
FIG. 7
US. Patent
Sheet 9 0f 25
US 8,539,437 B2
@802
f 504 DETERMINE CHOKE-POINTS IN SOFTWARE FACTORY FOR FIRST PROJECT
[805
US. Patent
Sheet 10 0f 25
US 8,539,437 B2
FACTORY PROJECT
CANDIDATE PROJECT
950A
OUT SERVICE INDUCTION
902
IN
FACTORY PROJECT PROPOSAL
SERVICE
REPOSITORY SCORECARD
/
904
910
/
928
SERVICE
\ DEFINITION
RENEDIATION
TEMPLATE
91$
:_|F____________?
I, 3RD PARTY H
SCOR|NG&
CLASSIFICATION
%
SERVICE
ASSESSMENT
I IOONTRAOTORI I
REVIEW
(sAR) %
CHECKLISTS
i _____________TI :
\\ w //
\~
100
924?; PRODUCT I:
.I_:::::::_'
H SUPPORT II
FIG. 9
US. Patent
Sheet 11 0125
US 8,539,437 B2
C
\
8 \A W. B \\ \O C% 9
C H E W. 9 .b
\\\
\ \
CAI|
\O _|
/
m H/ / C/
/
/
/PM / KU 9
\MW
\
\ \ \ \
/ /, n0 B
/ /
/
/ /
\
\
\
\
PRE-QUALIFYING QUESTIONS
1002
FIG.1OA
US. Patent
Sheet 12 0125
US 8,539,437 B2
1007A
/
Leading Indicator
PK Leading lndicatorilD
Leading lndicatoriDesc
FK1 Evaluation RuleilD
f1OO5A
10055
ChecklistiCategoryiDescription
/
_ Question
10075
Evauation Rule
checkl'st
PK ChecklistilD
I
PK QuestionilD
__
Questiion
ChecklsLDesC
FK1 ChecklistiCategoryilD
FK1 ChecklistilD
l
ParentiChecklistilD
FK2 Template ilD Answer
1085c
PK Answer_lD
Answerjlag
FK1 QuestionilD FK2 Evaluation RuleilD
REMEDY
PK Remedy_lD
RemedyiDesc
FK1 Evaluation RuleilD
1004
10050
\
1007c
FIG. 105
US. Patent
Sheet 13 0f 25
US 8,539,437 B2
US. Patent
Sheet 16 0f 25
US 8,539,437 B2
START
I014
I020
I028
FIG. IOE
US. Patent
Sheet 17 0f 25
US 8,539,437 B2
1102a
1102b
1lO\2c
100
/
Cache DB
% Metric DB %
-
Audit DB
xx Portal Portal
1120
m m
i x ,
U :ESEQPTW | l}. m1 qm
8 mm 4 6
FIG. 11
US. Patent
Sheet 18 0f 25
US 8,539,437 B2
START
I
I202
DEFINE WORK
[1204
PACKETS
I
TRACK WHEN AND WHERE THE WORK fI206 PACKETS ARE SENT IN SOFTWARE FACTORY
I
fI208
IVIONITOR ANY ON-GOING CHANGES OF WORK 1-1210 ACTIVITIES CONTAINED IN THE WORK PACKETS
DETERIVIINE IF EXECUTION OF WORK PACKETS CONFORIVIS 1-1212 WITH GOVERNANCE GUIDELINES FOR SOFTWARE FACTORY
fI2I6
FIG. 12