WO2008024351A2 - System, method, and computer program product for providing an intelligent, portable, self-aware, secure object - Google Patents

System, method, and computer program product for providing an intelligent, portable, self-aware, secure object Download PDF

Info

Publication number
WO2008024351A2
WO2008024351A2 PCT/US2007/018491 US2007018491W WO2008024351A2 WO 2008024351 A2 WO2008024351 A2 WO 2008024351A2 US 2007018491 W US2007018491 W US 2007018491W WO 2008024351 A2 WO2008024351 A2 WO 2008024351A2
Authority
WO
WIPO (PCT)
Prior art keywords
workflow
managing
exemplary embodiment
exemplary
self
Prior art date
Application number
PCT/US2007/018491
Other languages
French (fr)
Other versions
WO2008024351A3 (en
Inventor
Bruce K. Lyman
Original Assignee
Enterprise Information Management, Inc.
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Enterprise Information Management, Inc. filed Critical Enterprise Information Management, Inc.
Publication of WO2008024351A2 publication Critical patent/WO2008024351A2/en
Publication of WO2008024351A3 publication Critical patent/WO2008024351A3/en

Links

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q10/00Administration; Management
    • G06Q10/06Resources, workflows, human or project management; Enterprise or organisation planning; Enterprise or organisation modelling

Definitions

  • the present invention relates generally to business process automation, and more particularly to forms automation systems for business process automation.
  • An exemplary embodiment may include a method for managing a form-based business process workflow using an electronic form may include: managing the workflow using the electronic form, wherein the electronic form may include an intelligent, portable, self-aware, secure object.
  • An exemplary embodiment may include where the intelligent object may include embedded workflow characteristics.
  • An exemplary embodiment may include where the intelligent object may include incorporating approximately 80% of an associated business process in the object.
  • An exemplary embodiment may include where the object is self contained.
  • An exemplary embodiment may include where the managing the self-aware object may include at least one of: managing whether the objected is connected or unconnected; managing network connectivity of the object; managing whether a user of the object is on network or off network; and/or managing communication with a recipient.
  • An exemplary embodiment may include where the managing the secure object may include at least one of: managing security; detecting tampering; managing access to the secure object; managing peer-to-peer communications between a plurality of the secure objects; providing visibility to another secure object in a peer-to-peer communications manner; encrypting the object; compressing the object; enabling viewing without decompressing; using innerwall/enclave; requiring authentication via biometrics; requiring user security validation and/or authentication; requiring user password authentication; and/or managing visibility of the secure object to peers.
  • An exemplary embodiment may include where the managing the object further may include: encrypting the object. ' '
  • An exemplary embodiment may include where the managing the secure object may include at least one of: using innerwall/enclave to ... [00015] An exemplary embodiment may include where the managing the object further may include: compressing the object. [00016] An exemplary embodiment may include where the managing the object further may include at least one of: requiring user authentication; and/or requiring user authentication using at least one of a password; and/or a biometrics.
  • An exemplary embodiment may include where the object may include at least one of: an extensible markup language (XML) object; a software object; an applet; an application; an electronic form; and/or an executable object.
  • XML extensible markup language
  • An exemplary embodiment may include where the managing the workflow may include at least one of: a process; a business workflow; a governmental workflow; an agency workflow; an administrative agency workflow; a defense department agency workflow; an armed services workflow; an immigration agency workflow; a defense agency workflow; a department of motor vehicles based workflow; a voting workflow; a federal government agency workflow; a state government agency workflow; a county government agency workflow; a city government agency workflow; a municipal government agency workflow; and/or a forms-based workflow.
  • An exemplary embodiment may further include managing peer-to-peer communication; managing security of the object; and managing workflow steps.
  • An exemplary embodiment may further include at least one of: managing upload transfers from the object to legacy systems; managing bandwidth related transactions; and/or managing legacy database relational transactions.
  • An exemplary embodiment may include where the upload transfers comprise a remaining 20% of workflow processing.
  • An exemplary embodiment may further include self tracking the object; tracking completion of the workflow; tracking workflow authorizations; seeking any necessary approval; seeking any transfers from and/or to another user; tracking what was performed, who performed it, and when it was performed; and/or tracking timestamps.
  • An exemplary embodiment may further include providing a viewer for access to the object; providing a version tailored for a portable device including at least one of a personal computer, a personal digital assistant, a mobile phone, and/or a mobile device; providing access in a low bandwidth environment; providing coupling to a backend system; and/or providing a portal for access to the object.
  • An exemplary embodiment may include a system, which may include an intelligent, portable, self-aware, secure object adapted to be placed on a portable device. [00025] An exemplary embodiment may further include a viewer operative to view contents of the object. [00026] An exemplary embodiment may include where the viewer is an embedded viewer, downloadable along with the object. [00027] An exemplary embodiment may further include a portal operative to provide user interactive access to the object via a browser. [00028] An exemplary embodiment may include where the browser may include an Internet web browser. [00029] An exemplary embodiment may include where the object is adapted to be coupled via a communications link to legacy systems.
  • An exemplary embodiment may include where the object is capable of peer-to-peer distributed communication in at least a low bandwidth environment.
  • FIG.l depicts an exemplary process flow diagram illustrating an exemplary embodiment of an exemplary conventional business process automation process, which may include identifying a business process, defining a solution, developing a technical solution, purchasing infrastructure, integrating technology, deploying a phase I of the automated process; deploying a phase II, deploying local, and finally, providing full operational capability, ' according to an exemplary embodiment;
  • FIG. 2 depicts an exemplary process flow diagram illustrating an exemplary embodiment of a plurality of exemplary conventional business process automation processes, each of which may include identifying a business process, defining a solution, developing a technical solution, purchasing infrastructure, integrating technology, deploying a phase I of the
  • FIG. 3 depicts an exemplary improved process flow diagram illustrating an exemplary embodiment of an improved exemplary service oriented architecture business process automation process, which may .include, e.g., but not limited to, identifying a. business process, defining a solution, building a solution, and providing full operational capability, according to an exemplary embodiment of the invention;
  • FIG- 4 depicts an exemplary improved process flow diagram illustrating an exemplary embodiment of applying the improved service oriented architecture to two independent business processes
  • FIG. 5 depicts an exemplary embodiment of a computer system as may be used in implementing an exemplary embodiment of the present invention
  • FIG. 6 depicts an exemplary embodiment of a diagram illustrating a legacy backend infrastructure including, a user seated at a client, via a portal accessing various exemplary applications by authenticating through exemplary security application, to access exemplary business applications and to access via integration engine, external data repositories, and external business applications;
  • FIG. 7 depicts another exemplary embodiment of a diagram illustrating another exemplary legacy backend infrastructure including a user which may be seated at an exemplary client device, accessing, via a portal, various exemplary stove pipe applications provided via integration framework including by authenticating through exemplary security application, to access exemplary business applications and to access via integration engine and the integration framework, external data repositories, and external business applications;
  • FIG. 8 depicts a diagram illustrating an exemplary self-aware, secure, intelligent object and exemplary graphical user interface of an exemplary electronic form object including, in an exemplary embodiment, an officer evaluation report form having various fields, including, e.g., authentication, approvals, among others;
  • FIG. 9 depicts a diagram illustrating an exemplary self-aware, secure, intelligent object and exemplary graphical user interface of an exemplary electronic form object including, in an exemplary embodiment, an officer evaluation report form having various exemplary fields;
  • FIG. 10 depicts a diagram illustrating an exemplary portal as may be provided according to an exemplary embodiment including an exemplary graphical user interface including an exemplary number of file folder tabs;
  • FIG. 1 1 depicts an exemplary embodiment of an exemplary use of a self-aware secure object, according to an exemplary embodiment, including a diagram illustrating an exemplary self-aware secure object being interactively accessed by a user by client, via a portal;
  • FIG. 12 depicts another exemplary embodiment of a diagram illustrating another exemplary backend infrastructure including a user which may be seated (or ambulatory) at an exemplary client device, accessing, via a portal, which may be tailored to a device, various exemplary applications which may include the self-aware portable intelligent object;
  • FlGs. 13A and 13B set forth an exemplary quarantining process, according to an exemplary embodiment of the present invention
  • FIG. 14 depicts another exemplary embodiment of a diagram illustrating an exemplary Trust component architecture including, in an exemplary embodiment, an exemplary client device, accessing, via a portal, an enclave application; and
  • FIG. 15 depicts a diagram, of an exemplary embodiment, illustrating a breakdown of relative embedded program logic between object and portal, according to an exemplary embodiment of the present invention.
  • FIG. 1 depicts an exemplary process flow diagram 100 illustrating an exemplary embodiment of a conventional business process automation process which may include identifying a business process 102, defining a solution 104, developing a technical solution 106, purchasing infrastructure 108, integrating technology 110, deploying a phase I 1 12 of the automated process; deploying a phase II 114, deploying locals 116, and finally, providing full operational capability, according to an exemplary embodiment of the invention.
  • the conventional process is lengthy and requires extensive systems integration and testing.
  • FIG. 2 depicts an exemplary process flow diagram 200 illustrating an exemplary embodiment of a plurality (two or more) exemplary conventional business process automation processes, which may include identifying a business process 102a, 102b, defining a solution 104a, 104b, developing a technical solution 106a, 106b, purchasing infrastructure 108a, 108b, integrating technology HOa, 110b, deploying a phase I of the automated process 112a, 1 12b; deploying a phase II 114a, 114b, deploying local 116a, 116b, and finally, providing full operational capability 118a, 1 18b, according to an exemplary embodiment of the invention.
  • identifying a business process 102a, 102b defining a solution 104a, 104b, developing a technical solution 106a, 106b, purchasing infrastructure 108a, 108b, integrating technology HOa, 110b, deploying a phase I of the automated process 112a, 1 12b; deploying a phase II 114
  • the conventional process is lengthy and requires extensive systems integration and testing. As shown, the conventional process when applied to two separate processes is redundant and thus may take an even longer time to complete, as the whole process must be performed for each of the two business processes being automated. What is needed is a shorting business process automation system which may result in a shorter business process automation cycle time.
  • FIG. 3 depicts an exemplary improved process flow diagram 300 illustrating an exemplary embodiment of an improved exemplary service oriented architecture business process automation process, which may include, e.g., but not limited to, identifying a business process 302, defining a solution 304, building a solution 306, and providing full operational capability 308, according to an exemplary embodiment of the invention.
  • the improved service oriented architecture business method process automation 300 is much more efficient and completes a cycle in record time.
  • FIG. 4 depicts an exemplary improved process flow diagram 400 illustrating an exemplary embodiment of applying the improved service oriented architecture to two independent business processes.
  • an improved exemplary service oriented architecture business process automation process is depicted, which may include, e.g., but not limited to, identifying a business process 302a, 302b, defining a solution 304a, 304b, building a solution 306a, 306b, and providing full operational capability 308a, 308b, according to an exemplary embodiment of the invention.
  • identifying a business process 302a, 302b may include, e.g., but not limited to, identifying a business process 302a, 302b, defining a solution 304a, 304b, building a solution 306a, 306b, and providing full operational capability 308a, 308b, according to an exemplary embodiment of the invention.
  • identifying a business process 302a, 302b may include, e.g., but not limited to, identifying a business
  • FIG. 5 depicts an exemplary embodiment of a computer system that may be used in computing devices such as, e.g., but not limited to, client or server devices according to an exemplary embodiment of the present invention.
  • FIG. S depicts an exemplary embodiment of a computer system that may be used as client device 108, or a server device (not shown), etc.
  • the present invention (or any part(s) or function(s) thereof) may be implemented using hardware, software, firmware, or a combination thereof and may be implemented in one or more computer systems or other processing systems.
  • FIG. 5 depicts an example computer 500, which in an exemplary embodiment may be, e.g., (but not limited to) a personal computer (PC) system running an operating system such as, e.g., (but not limited to) WINDOWS MOBlLETM for POCKET PC, or MICROSOFT® WINDOWS® NT/98/2000/XP/GE/,etc.
  • PC personal computer
  • operating system such as, e.g., (but not limited to) WINDOWS MOBlLETM for POCKET PC, or MICROSOFT® WINDOWS® NT/98/2000/XP/GE/,etc.
  • the present invention may be implemented on a computer system operating as discussed herein.
  • An exemplary computer system, computer 500 is shown in FIG. 5.
  • Other components of the invention such as, e.g., (but not limited to) a computing device, a communications device, a telephone, a personal digital assistant (PDA), a personal computer (PC), a handheld PC, client workstations, thin clients, thick clients, proxy servers, network communication servers, remote access devices, client computers, server computers, routers, web servers, data, media, audio, video, telephony or streaming technology servers, etc., may also be implemented using a computer such as that shown in FIG. 5.
  • the computer system 500 may include one or more processors, such as, e.g., but not limited to, processor(s) 504.
  • the processor(s) 504 may be connected to a communication infrastructure 506 (e.g., but not limited to, a communications bus, cross-over bar, or network, etc.).
  • a communication infrastructure 506 e.g., but not limited to, a communications bus, cross-over bar, or network, etc.
  • Various exemplary software embodiments may be described in terms of this exemplary computer system. After reading this description, it will become apparent to a person skilled in the relevant art(s) how to implement the invention using other computer systems and/or architectures.
  • Computer system 500 may include a display interface 502 that may forward, e.g., but not limited to, graphics, text, and other data, etc., from the communication infrastructure 506 (or from a frame buffer, etc., not shown) for display on the display unit 530.
  • a display interface 502 may forward, e.g., but not limited to, graphics, text, and other data, etc., from the communication infrastructure 506 (or from a frame buffer, etc., not shown) for display on the display unit 530.
  • the computer system 500 may also include, e.g., but may not be limited to, a main memory 508, random access memory (RAM), and a secondary memory 5,10, etc.
  • the secondary memory 510 may include, for example, (but not limited to) a hard disk drive 512 and/or a removable storage drive 514, representing a floppy diskette drive, a magnetic tape drive, an optical disk drive, a compact disk drive CD-ROM, etc.
  • the removable storage drive 514 may, e.g., but not limited to, read from and/or write to a removable storage unit 518 in a well known manner.
  • Removable storage unit 518 also called a program storage ( device or a computer program product, may represent, e.g., but not limited to, a floppy disk, 1 magnetic tape, optical disk, compact disk, etc. which may be read from and written to by removable storage drive 514.
  • the removable storage unit 518 may include a computer usable storage medium having stored therein computer software and/or data.
  • secondary memory 510 may include other similar devices for allowing computer programs or other instructions to be loaded into computer system 500.
  • Such devices may include, for example, a removable storage unit 522 and an interface 520. Examples of such may include a program cartridge and cartridge interface (such as, e.g., but not limited to, those found in video game devices), a removable memory chip (such as, e.g., but not limited to, an erasable programmable read only memory (EPROM), or programmable read only memory (PROM) and associated socket, and other removable storage units 522 and interfaces 520, which may allow software and data to be transferred from the removable storage unit 522 to computer system 500.
  • Computer 500 may also include an input device such as, e.gi, (but not limited to) a mouse or other pointing device such as a digitizer, and a keyboard or other data entry device (none of which are labeled).
  • Computer 500 may also include output devices, such as, e.g., (but not limited to) display 530, and display interface 502.
  • Computer 500 may include inpufoutput (I/O) devices such as, e.g., (but not limited to) communications interface 524, cable 528 and communications path 526, etc. These devices may include, e.g., but not limited to, a network interface card, and modems (neither are labeled).
  • Communications interface 524 may allow software and data to be transferred between computer system 500 and external devices.
  • communications interface 524 may include, e.g., but may not be limited to, a modem, a network interface (such as, e.g., an Ethernet card), a communications port, a Personal Computer Memory Card International Association (PCMCIA) slot and card, etc.
  • Software and data transferred via communications interface 524 may be in the form of signals 528 which may be electronic, electromagnetic, optical or other signals capable of being received by communications interface 524. These signals 528 may be provided to communications interface 524 via, e.g., but not limited to, a communications path 526(e.g., but not limited to, a channel).
  • This channel 526 may carry signals 528, which may include, e.g., but not limited to, propagated signals, and may be implemented using, e.g., but not limited to, wire or cable, fiber optics, a telephone line, a cellular link, an radio frequency (RF) link and other communications channels, etc.
  • signals 528 may include, e.g., but not limited to, propagated signals, and may be implemented using, e.g., but not limited to, wire or cable, fiber optics, a telephone line, a cellular link, an radio frequency (RF) link and other communications channels, etc.
  • signals 528 may include, e.g., but not limited to, propagated signals, and may be implemented using, e.g., but not limited to, wire or cable, fiber optics, a telephone line, a cellular link, an radio frequency (RF) link and other communications channels, etc.
  • RF radio frequency
  • computer program medium and “computer readable medium” may be used to generally refer to media such as, e.g., but not limited to removable storage drive 514, a hard disk installed in hard disk drive 512, and signals 528, etc.
  • These computer program products may provide software to computer system 500.
  • the invention may be directed to such computer program products.
  • Coupled may mean that two or more elements are in direct physical or electrical contact. However, “coupled” may also mean that two or more elements are not in direct contact with each other, but yet still co-operate or interact with each other.
  • An algorithm is here, and generally, considered to be a self-consistent sequence of acts or operations leading to a desired result. These include physical manipulations of physical quantities. Usually, though not necessarily, these quantities take the form of electrical or magnetic signals capable of being stored, transferred, combined, compared, and otherwise manipulated. It has proven convenient at times, principally for reasons of common usage, to refer to these signals as bits, values, elements, symbols, characters, terms, numbers or the like. It should be understood, however, that all of these and similar terms are to be associated with the appropriate physical quantities and are merely convenient labels applied to these quantities.
  • processor may refer to any device or portion of a device that processes electronic data from registers and/or memory to transform that electronic data into other electronic data that may be stored in registers and/or memory.
  • a “computing platform” may comprise one or more processors.
  • Embodiments of the present invention may include apparatuses for performing the operations herein.
  • An apparatus may be specially constructed for the desired purposes, or it may comprise a general purpose device selectively activated or reconfigured by a program stored in the device.
  • Embodiments of the invention may be implemented in one or a combination of hardware, firmware, and software. Embodiments of the invention may also be implemented as instructions stored on a machine-readable medium, which may be read and executed by a computing platform to perform the operations described herein.
  • a machine-readable medium may include any mechanism for storing or transmitting information in a form readable by a machine (e.g., a computer).
  • a machine-readable medium may include read only memory (ROM); random access memory (RAM); magnetic disk storage media; optical storage media; flash memory devices; electrical, optical, acoustical or other form of propagated signals (e.g., carrier waves, infrared signals, digital signals, etc.), and others.
  • Computer programs may; include object oriented computer programs, and may be stored in main memory 508 and/or the secondary memory 510 and/or removable storage units 514, also called computer program products. Such computer programs, when executed, may enable the computer system 500 to perform the features of the present invention as discussed herein. In particular, the computer programs, when executed, may enable the processor 504 to provide a method to resolve conflicts during data synchronization according to an exemplary embodiment of the present invention. Accordingly, such computer programs may represent controllers of the computer system 500.
  • the invention may be directed to a computer program product comprising a computer readable medium having control logic (computer software) stored therein.
  • the control logic when executed by the processor 504, may cause the processor 504 to perform the functions of the invention as described herein.
  • the software may be stored in a computer program product and loaded into computer system 500 using, e.g., but not limited to, removable storage drive 514, hard drive 512 or communications interface 524, etc.
  • the control logic when executed by the processor 504, may cause the processor 504 to perform the functions of the invention as described herein.
  • the computer software may run as a standalone software application program running atop an operating system, or may be integrated into the operating system.
  • the invention may be implemented primarily in hardware using, for example, but not limited to, hardware components such as application specific integrated circuits (ASICs), or one or more state machines, etc.
  • ASICs application specific integrated circuits
  • state machines etc.
  • the invention may be implemented primarily in firmware. ' ⁇ ⁇ . . . [00072] In yet another exemplary embodiment, the invention may be implemented using a combination of any of, e.g., but not limited to, hardware, firmware, and software, etc.
  • Exemplary embodiments of the invention may also be implemented as instructions stored on a machine-readable medium, which may be read and executed by a computing platform to perform the operations described herein.
  • a machine-readable medium may include any mechanism for storing or transmitting information in a form readable by a machine (e.g., a computer).
  • a machine-readable medium may include read only memory (ROM); random access memory (RAM); magnetic disk storage media; optical storage media; flash memory devices; electrical, optical, acoustical or other form of propagated signals (e.g., carrier waves, infrared signals, digital signals, etc.), and others.
  • Wired networks include any of a wide variety of well known means for coupling voice and data communications devices together.
  • Exemplary wireless network types may include, e.g., but not limited to, code division multiple access (CDMA), spread spectrum wireless, orthogonal frequency division multiplexing (OFDM), IG, 2G, 3G wireless, Bluetooth, Infrared Data Association (IrDA), shared wireless access protocol (SWAP), "wireless fidelity” (Wi-Fi) 5 WlMAX, and other IEEE standard 802.11 -com pliant wireless local area network (LAN), 802.16-compliant wide area network (WAN), and ultrawideband (UWB), etc.
  • CDMA code division multiple access
  • OFDM orthogonal frequency division multiplexing
  • IG orthogonal frequency division multiplexing
  • 2G 2G
  • 3G wireless Bluetooth
  • IrDA Infrared Data Association
  • SWAP shared wireless access protocol
  • Wi-Fi wireless fidelity 5 WlMAX
  • Wi-Fi wireless local area network
  • WAN wide area network
  • UWB ultrawideband
  • Bluetooth is an emerging wireless technology promising to unify several wireless technologies for use in low power radio frequency (RJF) networks.
  • RJF radio frequency
  • IrDA is a standard method for devices to communicate using infrared light pulses, as promulgated by the Infrared Data Association from which the standard gets its name. Since IrDA devices use infrared light, they may depend on being in line of sight with each other.
  • WLANs examples include a shared wireless access protocol (SWAP) developed by Home radio frequency (HomeRF), and wireless fidelity (Wi-Fi), a derivative of IEEE 802.11, advocated by the wireless ethernet compatibility alliance (WECA).
  • SWAP shared wireless access protocol
  • Wi-Fi wireless fidelity
  • WECA wireless ethernet compatibility alliance
  • the IEEE 802.11 wireless LAN standard refers to various technologies that adhere to one or more of various wireless LAN standards.
  • An IEEE 802.11 compliant wireless LAN may comply with any of one or more of the various IEEE 802.11 wireless LAN standards including, e.g., but not limited to, wireless LANs compliant with IEEE std. 802.1 1a, b, d or g, such as, e.g., but not limited to, IEEE std. 802.11 a, b, d and g,(including, e.g., but not limited to IEEE 802.1 lg-2003, etc.), etc.
  • FIG. 6 depicts an exemplary embodiment of a diagram 600 illustrating a legacy backend infrastructure including a user seated at a client 602, via a portal 604 accessing various stove pipe applications 608 by authenticating through exemplary security application 606, to access exemplary business applications 608 including, in an exemplary embodiment, online publications, task tracking, medical(MED), military evaluations (MTL EVA), awards and decorations (AWDS DECS), accessing via integrated infrastructure 609 applications such as, e.g., but not limited to, digital signatures (DIGSIG), reports (REPORT), forms engine, messaging application (MSG), machine to machine and/or person to person workflow (WF), content management (CM), records management (RM), and to access via integration engine 610, external data repositories 612, and external business applications 614.
  • DIGSIG digital signatures
  • REPORT forms engine
  • MSG messaging application
  • WF machine to machine and/or person to person workflow
  • CM content management
  • RM records management
  • integration engine 610 external data repositorie
  • FIG. 7 depicts another exemplary embodiment of a diagram 700 illustrating another exemplary legacy backend infrastructure including a user which may be seated at an exemplary client device 602, accessing, via a portal 604, various exemplary stove pipe applications provided via integration framework 702 including by authenticating through exemplary security application 606, to access exemplary business applications 608 including, in an exemplary embodiment, electronic publishing authoring tool for creation, revision of organizational publications (E-PUBS Studio), enlisted/officer evaluation system (EES OES), publication management information system (PMIS), task management tracking including correspondence management and action tracking such as, e.g., but not limited to, how to repair something like an engine, etc., awards and decorations (AWDS DECS), accessing via integrated infrastructure 609 applications such as, e.g., but not limited to, reporting (REPORT) 5 Publish, IBM Workplace Forms application, previously (Pure Edge), also known as IBM Lotus Forms, document management (DM), messaging application (MSG), workflow (WF), collaboration and collaborative authoring (CA), records management (
  • FIG. 8 depicts a diagram 800 illustrating an exemplary self-aware, secure, intelligent object and exemplary graphical user interface of an exemplary electronic form object including, in an exemplary embodiment, an officer evaluation report form 802 .having various fields, including, e.g., but not limited to, authentication, approvals, etc.
  • exemplary button 804 may be provided, in an exemplary embodiment to save the contents of the form, in one exemplary embodiment.
  • exemplary button 806 may be provided, in an exemplary embodiment to provide a save as function, allowing saving of the contents of the form at a user designated location, in one exemplary embodiment.
  • exemplary button 808 may be provided, in an exemplary embodiment to print the contents of the form, in one exemplary embodiment.
  • exemplary button 810 may be provided, in an exemplary embodiment to electronically send the contents of the form, in one exemplary embodiment.
  • exemplary button 812 may be provided, in an exemplary embodiment to provide a wizard functionality, which may prompt the user through filling out the form and performing an exemplary step of an automated business process, in one exemplary embodiment.
  • exemplary button 814 may be provided, in an exemplary embodiment to allow the user to move forward to a next step of the business process, in one exemplary embodiment.
  • exemplary checkbox 816 may be provided, in an exemplary embodiment, to permit a user to edit the component, in one exemplary embodiment.
  • some fields may be free form text fields, or intelligent fields, which may require entry in a particular format, as well as validation of entries, such as, e.g., but not limited to, administrative data fields, Name, SSN, Rank, Date of Rank, Branch, unit/org/station/zip code or APO/major command, status code, reason for submission, period covered dates, rated months, number of enclosures 1 , rated officers' AKO email address, UTC, CMD code, PSB code, name of rater, ssn, rank, position, signature field, date, senior rater's organization, branch senior rater telephone number, e-mail address, comments, signature of rated officer, date, duty description fields, principal duty title, position AOC/' BR, significant duties and responsibilities, etc.
  • Other functions may be provided for the form such as, e.g., but not limited to, zoom, spell check, help, information, configure,- open, save, and save as, etc.
  • FIG. 9 depicts a diagram 900 illustrating an exemplary self-aware, secure, intelligent object and exemplary graphical user interface of an exemplary electronic form object including, in an exemplary embodiment, an officer evaluation report form 802 having various fields, including, e.g., but not limited to, authentication, approvals, etc.
  • a forms wizard feature may include an auto-fill capability to auto-fill fields from other databases such as, e.g., but not limited to, army databases.
  • a rated officer's identifier such as, e.g., but not limited to, a social security number (SSN) may be used, entered, and/or a rated officers' lastname (or subset such as, e.g., but not limited to, the last two letters may be entered).
  • SSN social security number
  • a rated officers' lastname or subset such as, e.g., but not limited to, the last two letters may be entered.
  • an exemplary notebook tab paradigm, user interface may be used for an exemplary officer evaluation form. Once a user selects to create an evaluation, according to an exemplary embodiment, a user may then choose to manually enter a rated soldier'si administrative data, or may choose to automatically populate the soldier's administrative data by searching a database to prefill fields.
  • a vertical tab 902 may be associated with a notebook page as shown for user selection of a method of data entry for a rated soldier.
  • Other vertical tabs shown, in an exemplary embodiment, may include 1 a tab 906 which may include representing administrative data for a rated soldier such as, e.g., but not limited to, name, rank, date of rank, unit, org., station, zip code, rated officer's AKO email address, etc., a tab 908 providing continued administrative data such as, e.g., but not limited to, demographics and administrative data, a tab 910 which may include providing data entry for a rating chain such as, e.g., but not limited to, life cycle workflow, a tab 912 which may include providing an authorized (auth) rating chain such as, e.g., but not limited to, a, new direct reporting management/reporting officer, etc., a tab 914 which may include providing duty description (DES) such as, e.g., a
  • DES duty description
  • a person in a rating chain may begin with the person who is being rated, and then every person who rates that person, including those in a reporting structure, and administrative people who may make sure that thfe form is getting to the next person in the chain.
  • a rater may be the first person who rates, such as a lieutenant
  • the second person is called an inter-rater and might be, e.g., a captain
  • the third person is called a senior rater, and might be, e.g., a lieutenant colonel, for example.
  • Button 916 may be used, in an exemplary embodiment to view a form. Other buttons may be included such as, e.g., but not limited to, previous, and next (not shown).
  • a tab 918 which may include rater actions such as, e.g., but not limited to, a lieutenant, providing a performance evaluation, etc.
  • a tab 920 which may include providing inter rater actions such as, e.g., but not limited to, an intermediate level rater such as captain
  • a tab 922 which may include providing senior rater actions such as, e.g., but not limited to, a senior level rater such as lieutenant colonel
  • a tab 924 which may include providing rated soldier information such as, e.g., but not limited to, demographics, statistics, health, medical, performance, etc.
  • a tab 926 which may include providing enclosures such as, e.g., but not limited to, related data, files, correspondence, links, correspondence, communications,etc, in one exemplary embodiment.
  • Administrative data may include, e.g., name, rank, date of rank, unit, org, station, zip code, APC, rated officer's AKO email address, drop down lists to populate fields, etc.
  • regulatory business logic e.g., regulatory business logic may be implemented such as, e.g.,but not limited to, army physical fitness, height/weight data, such as army fitness pass or fail test (APFT), date of report, height, weight, etc., officer development, tasks recorded, counseling conducted, etc.
  • FlG. 10 depicts a diagram 1000 illustrating an exemplary portal as may be provided according to an exemplary embodiment including an exemplary graphical user interface including an exemplary number of file folder tabs.
  • the portal may provide a view to a given user such as, e.g., a personalized view, depending on security/access rights/ level/position, etc., of a universal workspace.
  • a view to a given user such as, e.g., a personalized view, depending on security/access rights/ level/position, etc., of a universal workspace.
  • various data may be shown, as reflected in the illustration.
  • An exemplary portal may include, e.g., but not limited to, a form finder search, an inbox for incoming forms to be acted on, tracking, drafts, favorites, templates and/or routing, etc.
  • a plurality of file folder tabs may include, e.g., but may not be limited to, an inbox tab 1002, a welcome tab 1004, a drafts tab 1006, a favorites tab 1008, a recycle bin 1010, an admin tab 1012, a help tab 1014.
  • a form finder 1016 by, e.g., but not limited to, an exemplary form number search field 1018, a form title field 1020, using search button 1022, search by range button 1024, or via a non-PureEdge forms 1026.
  • one or more forms may be listed using forms tab 1030, in one or more folders, which may be viewed using folders tab 1032. In the exemplary embodiment shown, 12 forms and 2 folders are shown. If one of the forms is selected via a checkbox on the left of a listed form, then form action buttons 1034-1048 to the left of the forms list may be activated.
  • the forms action buttons 1034- 1048 may include, in an exemplary embodiment, an addto button 1034, a history button 1036, a rename button 1038, a copy button 1042, a delete button 1044, a route slip 1046, and a special tasks selectable function 1048, which in an exemplary embodiment, may be used to provide, e.g., but not limited to, communication, workflow, security, printing, inputting, outputting, processing, document and forms related tasks, and may include other functionality such as, e.g., but not limited to, Silanis TM Approve-lt software for digital signatures, etc..
  • a selection box may be provided, a title 1050 for the form, a form type 1052, a routed user 1054, which may be an email address according to an exemplary embodiment, an action date 1056, which may include the last date upon which a form has been acted upon, a suspend date 1058, which may be a deadline date for a user to act on the form, according to an exemplary embodiment.
  • FIG. 1 1 depicts an exemplary embodiment of an exemplary use of a self-aware secure object, according to an exemplary embodiment, including a diagram 1100 illustrating an exemplary self-aware secure object 1102a being interactively accessed by a user by client 602, e.g., but not limited to, via a portal 604.
  • the self-aware secure object 1102a may access various legacy systems, e.g., but not limited to, for accessing data from various legacy stove pipe applications 608 by authenticating through exemplary security application 606.
  • the client application may access exemplary business applications 608 including, in an exemplary embodiment, online publications, task tracking, medical (MED), military evaluation (MIL EVAL), awards and decorations (AWDS DECS), may access via integrated infrastructure 609 applications such as, e.g., but not limited to, digital signatures (DIGSIG), reporting (REPORT), forms engine, messaging application (MSG), workflow (WF), content manager (CM), record manager (RM), and may access via integration engine 610, external data repositories 612, and external business applications 614.
  • integrated infrastructure 609 applications such as, e.g., but not limited to, digital signatures (DIGSIG), reporting (REPORT), forms engine, messaging application (MSG), workflow (WF), content manager (CM), record manager (RM), and may access via integration engine 610, external data repositories 612, and external business applications 614.
  • self-aware secure object 1102 may in a distributed manner access external business applications 614 via self-aware secure object 1102b, as ' shown, or external data repositories 612 via self-aware secure object 1102c, as shown, in an exemplary embodiment.
  • self-aware secure object 1 102 can be used in an offline, disconnected mode as a standalone application, for example. Since the application includes 80% of the logic of a traditional form, the object 1102 may be executed with a substantial amount of functionality in disconnected mode. However, once the secure object is connected, the object 1102 may authenticate via security 1,104, and may access resources such as business applications 608, integrated infrastructure 6 ⁇ 9, external business applications 614, and data repositories 612.
  • the self-aware secure object 1102 may include about
  • the self-aware secure object 1102 may include, in an exemplary embodiment, compression, security, portability, and intelligent workflow.
  • the object 1102 may include compression.
  • the object may be compressed when transmitted such as, when transmitted from one device to another.
  • the viewer also may be compressed. For example, when a user wishes to access or view the object 1102, it may download the viewer to a client device. To be bandwidth efficient, the viewer may be compressed.
  • the object 1102 may include security.
  • the object may include security, which may require security authentication to access the object 1102, for example.
  • security 1104 when the client device containing the object 1102 is introduced into the network, security 1104, may be used to ensure that no viruses are provided to other devices which may access the device 602.
  • the device 602 and object 1102 may be security' aware and as part of a peer to peer network may be capable quarantining itself when malicious code such as a virus is found. An exemplary quarantining process is set forth and described further below with reference to FIGs. 13A and 13B.
  • the self-aware object 1 102 may be adapted for portability.
  • the object 1102 may be designed to be small in storage size for ease of transfer and storage.
  • the object 1 102 may be, for example, adapted for use with a mobile device, such as, e.g., but not limited to a mobile telephony device, a mobile telephone, a cellular phone, etc., a personal digital assistant (PDA), a blackberry.
  • PDA personal digital assistant
  • the object 1102 may be adapted, in an exemplary embodiment, for operation in either a connected mode and/or an unconnected mode.
  • the self-aware object 1102 may be adapted for providing intelligent workflow.
  • the self-aware object 1 102 may be adapted to know when the device on which the object is executed, is in a connected mode, or in an unconnected mode.
  • the object 1102, in an exemplary embodiment may behave differently depending on the connected/disconnected status which is self identified.
  • the self-aware object 1 102 may know the steps of the business process workflow and may enforce the business process by prompting the user to perform the next step of the business process.
  • the intelligence of the self-aware object 1102 also tracks the performance of the different steps of the workflow including requiring any authentication or validation as well as requiring any accountability.
  • the self-aware object 1 102 may in a distributed, disconnected manner, and/or in a peer-to-peer communications manner, may allow and/or enforce the steps of the workflow. As estimated, the self-aware object 1 102 may include about 80% of the business logic necessary to perform the process workflow.
  • the portal 604 when in a connected mode, for example, and/or when the self-aware object 1102 is being viewed via a portal 604, then the remaining about 20% of the business logic to perform the process workflow may be obtained.
  • the portal 604 may include a common user workspace, and may a web- based interface in an exemplary embodiment.
  • the portal 604, in an exemplary embodiment, may include an inbox for communications, a tracking capability for tracking the status of various forms and/or business processes that are being performed. See FlG. 10 for an exemplary portal interface 604.
  • the portal 604 may appear differently depending upon what device the portal 604 is being viewed. Interfaces may be tailored for different devices to improve readability on a given device 602.
  • the self-aware object 1102 may be approximately 10MB in size, or less, for portability purposes.
  • the viewer may be embedded in the self-aware object 1102 in one exemplary embodiment.
  • the object may also be resident on a portable device such as, e.g., but not limited to, a portable and/or mobile device.
  • the portable device 602 may be a device that communicates in a low bandwidth environment. For example, steps to be performed in a business process related to, e.g., but not limited to, an immigration form, may be transmitted to a mobile telephone or PDA and thus the size of the object as well as communications transmission bandwidth size may be desired to be small to accommodate available resources.
  • the object 1102 in an connected mode may be adapted to be coupled to a backend system, which may, e.g., but not limited to, provide access to legacy systems, external data sources and repositories, for example.
  • FIG. 12 depicts another exemplary embodiment of a diagram 1200 illustrating another exemplary backend infrastructure including a user which may beiseated (or ambulatory) at an exemplary client device 602, accessing, via a portal 604, which may be tailored to device 602, various exemplary applications which may include the self-aware portable intelligent object 1102.
  • object 1102 may include a PureEdge, or IBM Workplace Forms, or IBM Lotus forms application which are available from IBM Corporation of Armonk, NY USA, which may provide the following exemplary, but non-limiting functionality form technology and communication capabilities.
  • the object 1 102 may include forms, may include data which may be in extensible markup language (XML) format, may include presentation layer (PRES) of the systems network architecture, which may provide the following exemplary functionality, a graphical user interface (GUI), may include business logic such as, e.g., but not limited to, business process logic, workflow, communication, etc., may include data of various exemplary types including, e.g., but not limited to, inputted form data, time stamp data, business logic tracking data, workflow, etc., and/or may include digital signature, or other authentication tools such as biometrics, passwords, security, authentication, hashing, validation, etc..
  • XML extensible markup language
  • PRES presentation layer
  • GUI graphical user interface
  • business logic such as, e.g., but not limited to, business process logic, workflow, communication, etc.
  • data of various exemplary types including, e.g., but not limited to, inputted form data, time stamp data, business logic tracking data, workflow, etc., and
  • Diagram 1200 may further include, in an exemplary embodiment, backend infrastructure tools 609 such as, e.g., but not limited to, an IBM Content Manager (CM) Suite such as IBM CM Suite, V. 4.0, available from IBM of Armonk, NY, USA, which may include, e.g., but not limited to, a database application, such as, e.g., but not limited to, DB2, a content manager, such as, e.g., but not limited to, IBM Content Manager (CM), a content management tool, such as, e.g., but not limited to, records manager (RJM), a IBM content manager, such as, e.g., but not limited to, IBM MQ application, an enterprise application , such as, e.g., but not limited to, IBM Websphere portal server (WPS), a web based portal server, such as, e.g., but not limited to, IBM Document Manager (DM) for Air Force (AF), an access and/or network management tool/ manager, such as
  • the backend infrastructure 609 may access legacy applications via a legacy application access application such as, e.g., but not limited to, an integration framework 702 including, e.g., but not limited to, IBM information integrator application (I1CE), available from IBM Corporation of Armonk, NY USA, for accessing exemplary business applications 608, 612, 614, for example.
  • a legacy application access application such as, e.g., but not limited to, an integration framework 702 including, e.g., but not limited to, IBM information integrator application (I1CE), available from IBM Corporation of Armonk, NY USA, for accessing exemplary business applications 608, 612, 614, for example.
  • I1CE IBM information integrator application
  • FIG. 13A illustrates an exemplary embodiment of an exemplary network environment, where devices 602a, 602b, etc.
  • FIG. 13A depicts exemplary device 602a shown in communication with enclave server 1302, as are all other devices.
  • Device 602a when connecting to the network may register itself with enclave server 1302. Since device 602a includes a secure self-aware object 1102, if the self-aware object 1102 identifies that it has been tampered with in some way, it may notify enclave server 1302 as shown in FIG. 13B.
  • device 602a may be quarantined 1304 by enclave server 1302, and may be prevented from communicating with any of the remaining devices 602.
  • FIG. 14 depicts another exemplary embodiment of a diagram 1400 illustrating an exemplary Trust component architecture including, in an exemplary embodiment, an exemplary client device 602, accessing, via a portal 604, an enclave application 1402.
  • the client device 602 as shown in an exemplary embodiment, coupled to a realm controller 1302.
  • the realm controller 1302 may communicate in various ways. Exemplary communications, according to an exemplary embodiment, may include, e.g., but not limited to, email, pager or other notifications, policy compliance reports, composite reports, trouble tickets, discovery and vulnerability scanning, external data feeds, directory services, event management systems, etc.
  • realm controller 1302 may communicate with readiness managers 1404 via connection trust data security, via agent core communications 1420, and/or application firewall 1418, to device trust 1406, restoration/remediation 1408, integrity 1410, active quarantine 1412, intrusion detection 1414, and/or system availability 1416, etc.
  • FlG. 15 depicts a diagram 1500, of an exemplary embodiment, illustrating a breakdown of relative embedded program logic between object 1102 and portal 604, according to an exemplary embodiment of the present invention.
  • the object may be XML based with 80% of the logic embedded within and understands workflow.
  • the object may be compressed, and the viewer may be embedded and compressed within the object.
  • the object may be encrypted and may be secure, especially regarding introduction to a network.
  • the object may be adapted for use connected to a network, or unconnected to a network.
  • the object may be adapted for portable devices (such as, but not limited to, e.g. mobile phones, personal digital assistants (PDA), windows-enabled PDAs, RIM Blackberry, etc.).
  • PDA personal digital assistants
  • RIM Blackberry etc.
  • the object may include a intelligent self-aware workflow where the object may know if it is connected to a network, aware if it is comprised by a virus, knows the steps of a workflow, enables accountability, and/or creates timestamps of actions.
  • the intelligent self-aware workflow may exist as part of a business process, but not as part of the object.
  • the object may also be communication capable, capable of tieing into legacy databases when connected to a legacy system and capable of peer to peer communication when connected to peer systems.
  • the portal may be a common user workspace including the remaining approximate 20% logic, having an inbox and tracking. Of course more or less logic may be included, however, this illustrates an exemplary system.
  • a portal may provide 20% of functionality, including, e.g., but not limited to, a common user workspace, an Inbox, and Tracking capabilities.
  • an object may provide 80% of functionality, including, e.g., but not limited to, a viewer (embedded) of e.g., but not limited to about 10MB or less, portability, could be used (e.g., for immigration forms), may be used in a low bandwidth environment, may be coupled to backend systems such as, e.g., but not limited to, legacy, and/or systems.
  • the portal may adjust depending upon where the object is being viewed.

Abstract

A system, method and computer program product for managing a form-based business process workflow using an electronic form comprising: managing the workflow using the electronic form, wherein the electronic form comprises an intelligent, portable, self-aware, secure object is disclosed.

Description

SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR PROVIDING AN INTELLIGENT, PORTABLE, SELF-AWARE, SECURE OBJECT
Cross-Reference to Related Application
[0001] This application is a Patent Cooperation Treaty (PCT) application claiming priority to related U.S. Provisional Patent Application Serial No. 60/838,864, entitled "SYSTEM, METHOD, AND COMPUTER PROGRAM PRODUCT FOR PROVIDING AN INTELLIGENT, PORTABLE, SELF-AWARE, SECURE OBJECT," filed August 21, 2006, to LYMAN, Bruce K., of common assignee to the present invention, the contents of which are incorporated herein by reference in their entireties.
Background of the Invention Field of the Invention
[0002] The present invention relates generally to business process automation, and more particularly to forms automation systems for business process automation.
RelatedArt
[0003] The business world and government have conventionally approached business process automation one business process at a time. Data processing applications conventionally were independent systems which did not communicate with one another. Process Re- engineering efforts have taken a single business process and attempted to automate steps within the process, yielding an automation system that then must be phased into use and ultimately maintained. The conventional cycle time of business process automation has been very long. Much of the business process automation time involves systems integration, which refers to getting different systems to interoperate. Thus, conventionally, interoperability was a large impediment to increased cycle time for business process automation.
[0004] Conventional solutions have often placed Internet web-based interfaces on legacy mainframe based systems.
[0005] What are needed are improved business process automation systems which may shorten business process automation cycle time. Summary of the Invention
[0006] In an exemplary embodiment of the present invention a system, method and computer program product for managing a business process workflow is disclosed. [0007] An exemplary embodiment may include a method for managing a form-based business process workflow using an electronic form may include: managing the workflow using the electronic form, wherein the electronic form may include an intelligent, portable, self-aware, secure object. [0008] An exemplary embodiment may include where the intelligent object may include embedded workflow characteristics. [0009] An exemplary embodiment may include where the intelligent object may include incorporating approximately 80% of an associated business process in the object. [00010] An exemplary embodiment may include where the object is self contained.
[00011] An exemplary embodiment may include where the managing the self-aware object may include at least one of: managing whether the objected is connected or unconnected; managing network connectivity of the object; managing whether a user of the object is on network or off network; and/or managing communication with a recipient. [00012] An exemplary embodiment may include where the managing the secure object may include at least one of: managing security; detecting tampering; managing access to the secure object; managing peer-to-peer communications between a plurality of the secure objects; providing visibility to another secure object in a peer-to-peer communications manner; encrypting the object; compressing the object; enabling viewing without decompressing; using innerwall/enclave; requiring authentication via biometrics; requiring user security validation and/or authentication; requiring user password authentication; and/or managing visibility of the secure object to peers. [00013] An exemplary embodiment may include where the managing the object further may include: encrypting the object. ' '
[00014] An exemplary embodiment may include where the managing the secure object may include at least one of: using innerwall/enclave to ... [00015] An exemplary embodiment may include where the managing the object further may include: compressing the object. [00016] An exemplary embodiment may include where the managing the object further may include at least one of: requiring user authentication; and/or requiring user authentication using at least one of a password; and/or a biometrics.
[00017] An exemplary embodiment may include where the object may include at least one of: an extensible markup language (XML) object; a software object; an applet; an application; an electronic form; and/or an executable object.
[00018] An exemplary embodiment may include where the managing the workflow may include at least one of: a process; a business workflow; a governmental workflow; an agency workflow; an administrative agency workflow; a defense department agency workflow; an armed services workflow; an immigration agency workflow; a defense agency workflow; a department of motor vehicles based workflow; a voting workflow; a federal government agency workflow; a state government agency workflow; a county government agency workflow; a city government agency workflow; a municipal government agency workflow; and/or a forms-based workflow.
[00019] An exemplary embodiment may further include managing peer-to-peer communication; managing security of the object; and managing workflow steps.
[00020] An exemplary embodiment may further include at least one of: managing upload transfers from the object to legacy systems; managing bandwidth related transactions; and/or managing legacy database relational transactions.
[00021] An exemplary embodiment may include where the upload transfers comprise a remaining 20% of workflow processing.
[00022] An exemplary embodiment may further include self tracking the object; tracking completion of the workflow; tracking workflow authorizations; seeking any necessary approval; seeking any transfers from and/or to another user; tracking what was performed, who performed it, and when it was performed; and/or tracking timestamps.
[00023] An exemplary embodiment may further include providing a viewer for access to the object; providing a version tailored for a portable device including at least one of a personal computer, a personal digital assistant, a mobile phone, and/or a mobile device; providing access in a low bandwidth environment; providing coupling to a backend system; and/or providing a portal for access to the object.
[00024] An exemplary embodiment may include a system, which may include an intelligent, portable, self-aware, secure object adapted to be placed on a portable device. [00025] An exemplary embodiment may further include a viewer operative to view contents of the object. [00026] An exemplary embodiment may include where the viewer is an embedded viewer, downloadable along with the object. [00027] An exemplary embodiment may further include a portal operative to provide user interactive access to the object via a browser. [00028] An exemplary embodiment may include where the browser may include an Internet web browser. [00029] An exemplary embodiment may include where the object is adapted to be coupled via a communications link to legacy systems. [00030] An exemplary embodiment may include where the object is capable of peer-to-peer distributed communication in at least a low bandwidth environment. [00031] Further features and advantages of the invention, as well as the structure and operation of various embodiments of the invention, are described in detail below with reference to the accompanying drawings.
Brief Description of the Drawings
[00032] The foregoing and other features and advantages of the invention will be apparent from the following, more particular description of a preferred embodiment of the invention, as illustrated in the accompanying drawings wherein like reference numbers generally indicate identical, functionally similar, and/or structurally similar elements. The left most digits in the corresponding reference number indicate the drawing in which an element first appears.
[00033] FIG.l depicts an exemplary process flow diagram illustrating an exemplary embodiment of an exemplary conventional business process automation process, which may include identifying a business process, defining a solution, developing a technical solution, purchasing infrastructure, integrating technology, deploying a phase I of the automated process; deploying a phase II, deploying local, and finally, providing full operational capability,' according to an exemplary embodiment;
[00034] FIG. 2 depicts an exemplary process flow diagram illustrating an exemplary embodiment of a plurality of exemplary conventional business process automation processes, each of which may include identifying a business process, defining a solution, developing a technical solution, purchasing infrastructure, integrating technology, deploying a phase I of the
A- automated process; deploying a phase I], deploying local, and finally, providing full operational capability, according to an exemplary embodiment;
[00035] FIG. 3 depicts an exemplary improved process flow diagram illustrating an exemplary embodiment of an improved exemplary service oriented architecture business process automation process, which may .include, e.g., but not limited to, identifying a. business process, defining a solution, building a solution, and providing full operational capability, according to an exemplary embodiment of the invention;
[00036] FIG- 4 depicts an exemplary improved process flow diagram illustrating an exemplary embodiment of applying the improved service oriented architecture to two independent business processes;
[00037] FIG. 5 depicts an exemplary embodiment of a computer system as may be used in implementing an exemplary embodiment of the present invention;
[00038] FIG. 6 depicts an exemplary embodiment of a diagram illustrating a legacy backend infrastructure including, a user seated at a client, via a portal accessing various exemplary applications by authenticating through exemplary security application, to access exemplary business applications and to access via integration engine, external data repositories, and external business applications;
[00039] FIG. 7 depicts another exemplary embodiment of a diagram illustrating another exemplary legacy backend infrastructure including a user which may be seated at an exemplary client device, accessing, via a portal, various exemplary stove pipe applications provided via integration framework including by authenticating through exemplary security application, to access exemplary business applications and to access via integration engine and the integration framework, external data repositories, and external business applications;
[00040] FIG. 8 depicts a diagram illustrating an exemplary self-aware, secure, intelligent object and exemplary graphical user interface of an exemplary electronic form object including, in an exemplary embodiment, an officer evaluation report form having various fields, including, e.g., authentication, approvals, among others;
[00041] FIG. 9 depicts a diagram illustrating an exemplary self-aware, secure, intelligent object and exemplary graphical user interface of an exemplary electronic form object including, in an exemplary embodiment, an officer evaluation report form having various exemplary fields; [00042] FIG. 10 depicts a diagram illustrating an exemplary portal as may be provided according to an exemplary embodiment including an exemplary graphical user interface including an exemplary number of file folder tabs;
[00043] FIG. 1 1 depicts an exemplary embodiment of an exemplary use of a self-aware secure object, according to an exemplary embodiment, including a diagram illustrating an exemplary self-aware secure object being interactively accessed by a user by client, via a portal;
[00044] FIG. 12 depicts another exemplary embodiment of a diagram illustrating another exemplary backend infrastructure including a user which may be seated (or ambulatory) at an exemplary client device, accessing, via a portal, which may be tailored to a device, various exemplary applications which may include the self-aware portable intelligent object;
[00045] FlGs. 13A and 13B set forth an exemplary quarantining process, according to an exemplary embodiment of the present invention;
[00046] FIG. 14 depicts another exemplary embodiment of a diagram illustrating an exemplary Trust component architecture including, in an exemplary embodiment, an exemplary client device, accessing, via a portal, an enclave application; and
[00047] FIG. 15 depicts a diagram, of an exemplary embodiment, illustrating a breakdown of relative embedded program logic between object and portal, according to an exemplary embodiment of the present invention.
Detailed Description of Exemplary Embodiments of the Present Invention
[00048] Various exemplary embodiments, including preferred embodiments of the invention, are discussed in detail below. While specific exemplary embodiments are discussed, it should be understood that this is done for illustration purposes only. A person skilled in the relevant art will recognize that other components and configurations can be used without parting from the spirit and scope of the invention.
Overview of an Exemplary Embodiment of the Invention
[00049] FIG. 1 depicts an exemplary process flow diagram 100 illustrating an exemplary embodiment of a conventional business process automation process which may include identifying a business process 102, defining a solution 104, developing a technical solution 106, purchasing infrastructure 108, integrating technology 110, deploying a phase I 1 12 of the automated process; deploying a phase II 114, deploying locals 116, and finally, providing full operational capability, according to an exemplary embodiment of the invention. Unfortunately, the conventional process is lengthy and requires extensive systems integration and testing.
[00050] FIG. 2 depicts an exemplary process flow diagram 200 illustrating an exemplary embodiment of a plurality (two or more) exemplary conventional business process automation processes, which may include identifying a business process 102a, 102b, defining a solution 104a, 104b, developing a technical solution 106a, 106b, purchasing infrastructure 108a, 108b, integrating technology HOa, 110b, deploying a phase I of the automated process 112a, 1 12b; deploying a phase II 114a, 114b, deploying local 116a, 116b, and finally, providing full operational capability 118a, 1 18b, according to an exemplary embodiment of the invention. As discussed above with reference to FIG. 1, the conventional process is lengthy and requires extensive systems integration and testing. As shown, the conventional process when applied to two separate processes is redundant and thus may take an even longer time to complete, as the whole process must be performed for each of the two business processes being automated. What is needed is a shorting business process automation system which may result in a shorter business process automation cycle time.
[00051] FIG. 3 depicts an exemplary improved process flow diagram 300 illustrating an exemplary embodiment of an improved exemplary service oriented architecture business process automation process, which may include, e.g., but not limited to, identifying a business process 302, defining a solution 304, building a solution 306, and providing full operational capability 308, according to an exemplary embodiment of the invention. As shown, compared to the business process automation process 100 of FIG. 1, the improved service oriented architecture business method process automation 300 is much more efficient and completes a cycle in record time.
[00052] FIG. 4 depicts an exemplary improved process flow diagram 400 illustrating an exemplary embodiment of applying the improved service oriented architecture to two independent business processes. As illustrated in diagram 400, an improved exemplary service oriented architecture business process automation process is depicted, which may include, e.g., but not limited to, identifying a business process 302a, 302b, defining a solution 304a, 304b, building a solution 306a, 306b, and providing full operational capability 308a, 308b, according to an exemplary embodiment of the invention. As shown, compared to the business process automation process 100 of FIG. 1, the improved service oriented architecture business method process automation 300 is much more efficient and allows the two business processes to be automated in a much shorter time than the automation of the two processes shown in FIG. 2. FIG. 5 depicts an exemplary embodiment of a computer system that may be used in computing devices such as, e.g., but not limited to, client or server devices according to an exemplary embodiment of the present invention. FIG. S depicts an exemplary embodiment of a computer system that may be used as client device 108, or a server device (not shown), etc. The present invention (or any part(s) or function(s) thereof) may be implemented using hardware, software, firmware, or a combination thereof and may be implemented in one or more computer systems or other processing systems. In fact, in one exemplary embodiment, the invention may be directed toward one or more computer systems capable of carrying out the functionality described herein. An example of a computer system 500 is shown in FIG. 5, depicting an exemplary embodiment of a block diagram of an exemplary computer system useful for implementing the present invention. Specifically, FIG. 5 illustrates an example computer 500, which in an exemplary embodiment may be, e.g., (but not limited to) a personal computer (PC) system running an operating system such as, e.g., (but not limited to) WINDOWS MOBlLETM for POCKET PC, or MICROSOFT® WINDOWS® NT/98/2000/XP/GE/,etc. available from MICROSOFT® Corporation of Redmond, WA, U.S.A., SOLARIS® from SUN® Microsystems of Santa Clara, CA, U.S.A., OS/2 from IBM® Corporation of Armonk, NY5 U.S.A., Mac/OS from APPLE® Corporation of Cupertino, CA, U.S.A., etc., or any of various versions of UNIX® (a trademark of the Open Group of San Francisco, CA, USA) including, e.g., LINUX®, HPUX®, IBM AIX®, and SCO/UNIX®, etc. However, the inventioni may not be limited to these platforms. Instead, the invention may be implemented on any appropriate computer system running any appropriate operating system. In one exemplary embodiment, the present invention may be implemented on a computer system operating as discussed herein. An exemplary computer system, computer 500 is shown in FIG. 5. Other components of the invention, such as, e.g., (but not limited to) a computing device, a communications device, a telephone, a personal digital assistant (PDA), a personal computer (PC), a handheld PC, client workstations, thin clients, thick clients, proxy servers, network communication servers, remote access devices, client computers, server computers, routers, web servers, data, media, audio, video, telephony or streaming technology servers, etc., may also be implemented using a computer such as that shown in FIG. 5. [00054] The computer system 500 may include one or more processors, such as, e.g., but not limited to, processor(s) 504. The processor(s) 504 may be connected to a communication infrastructure 506 (e.g., but not limited to, a communications bus, cross-over bar, or network, etc.). Various exemplary software embodiments may be described in terms of this exemplary computer system. After reading this description, it will become apparent to a person skilled in the relevant art(s) how to implement the invention using other computer systems and/or architectures.
[00055] Computer system 500 may include a display interface 502 that may forward, e.g., but not limited to, graphics, text, and other data, etc., from the communication infrastructure 506 (or from a frame buffer, etc., not shown) for display on the display unit 530.
[00056] The computer system 500 may also include, e.g., but may not be limited to, a main memory 508, random access memory (RAM), and a secondary memory 5,10, etc. The secondary memory 510 may include, for example, (but not limited to) a hard disk drive 512 and/or a removable storage drive 514, representing a floppy diskette drive, a magnetic tape drive, an optical disk drive, a compact disk drive CD-ROM, etc. The removable storage drive 514 may, e.g., but not limited to, read from and/or write to a removable storage unit 518 in a well known manner. Removable storage unit 518, also called a program storage( device or a computer program product, may represent, e.g., but not limited to, a floppy disk,1 magnetic tape, optical disk, compact disk, etc. which may be read from and written to by removable storage drive 514. As will be appreciated, the removable storage unit 518 may include a computer usable storage medium having stored therein computer software and/or data.
[00057] In alternative exemplary embodiments, secondary memory 510 may include other similar devices for allowing computer programs or other instructions to be loaded into computer system 500. Such devices may include, for example, a removable storage unit 522 and an interface 520. Examples of such may include a program cartridge and cartridge interface (such as, e.g., but not limited to, those found in video game devices), a removable memory chip (such as, e.g., but not limited to, an erasable programmable read only memory (EPROM), or programmable read only memory (PROM) and associated socket, and other removable storage units 522 and interfaces 520, which may allow software and data to be transferred from the removable storage unit 522 to computer system 500. [00058] Computer 500 may also include an input device such as, e.gi, (but not limited to) a mouse or other pointing device such as a digitizer, and a keyboard or other data entry device (none of which are labeled).
[00059] Computer 500 may also include output devices, such as, e.g., (but not limited to) display 530, and display interface 502. Computer 500 may include inpufoutput (I/O) devices such as, e.g., (but not limited to) communications interface 524, cable 528 and communications path 526, etc. These devices may include, e.g., but not limited to, a network interface card, and modems (neither are labeled). Communications interface 524 may allow software and data to be transferred between computer system 500 and external devices. Examples of communications interface 524 may include, e.g., but may not be limited to, a modem, a network interface (such as, e.g., an Ethernet card), a communications port, a Personal Computer Memory Card International Association (PCMCIA) slot and card, etc. Software and data transferred via communications interface 524 may be in the form of signals 528 which may be electronic, electromagnetic, optical or other signals capable of being received by communications interface 524. These signals 528 may be provided to communications interface 524 via, e.g., but not limited to, a communications path 526(e.g., but not limited to, a channel). This channel 526 may carry signals 528, which may include, e.g., but not limited to, propagated signals, and may be implemented using, e.g., but not limited to, wire or cable, fiber optics, a telephone line, a cellular link, an radio frequency (RF) link and other communications channels, etc.
[00060] In this document, the terms "computer program medium" and "computer readable medium" may be used to generally refer to media such as, e.g., but not limited to removable storage drive 514, a hard disk installed in hard disk drive 512, and signals 528, etc. These computer program products may provide software to computer system 500. The invention may be directed to such computer program products.
[00061] References to "one embodiment," "an embodiment," "example embodiment,"
"various embodiments," etc., may indicate that the embodiment(s) of the invention so described may include a particular feature, structure, or characteristic, but not every embodiment necessarily includes the particular feature, structure, or characteristic. Further, repeated use of the phrase "in one embodiment," or "in an exemplary embodiment," do hot necessarily refer to the same embodiment, although they may.
[00062] In the following description and claims, the terms "coupled" and "connected," along with their derivatives, may be used. It should be understood that these terms are not intended as synonyms for each other. Rather, in particular embodiments, "connected" may be used to indicate that two or more elements are in direct physical or electrical contact with each other. "Coupled" may mean that two or more elements are in direct physical or electrical contact. However, "coupled" may also mean that two or more elements are not in direct contact with each other, but yet still co-operate or interact with each other.
[00063] An algorithm is here, and generally, considered to be a self-consistent sequence of acts or operations leading to a desired result. These include physical manipulations of physical quantities. Usually, though not necessarily, these quantities take the form of electrical or magnetic signals capable of being stored, transferred, combined, compared, and otherwise manipulated. It has proven convenient at times, principally for reasons of common usage, to refer to these signals as bits, values, elements, symbols, characters, terms, numbers or the like. It should be understood, however, that all of these and similar terms are to be associated with the appropriate physical quantities and are merely convenient labels applied to these quantities.
[00064] Unless specifically stated otherwise, as apparent from the following discussions, it is appreciated that throughout the specification discussions utilizing terms such as "processing," "computing," "calculating," "determining," or the like, refer to the action and/or processes of a computer or computing system, or similar electronic computing device, that manipulate and/or transform data represented as physical, such as electronic, quantities within the computing system's registers and/or memories into other data similarly represented as physical quantities within the computing system's memories, registers or other such information storage, transmission or display devices.
[00065] In a similar manner, the term "processor" may refer to any device or portion of a device that processes electronic data from registers and/or memory to transform that electronic data into other electronic data that may be stored in registers and/or memory. A "computing platform" may comprise one or more processors.
[00066] Embodiments of the present invention may include apparatuses for performing the operations herein. An apparatus may be specially constructed for the desired purposes, or it may comprise a general purpose device selectively activated or reconfigured by a program stored in the device.
[00067] Embodiments of the invention may be implemented in one or a combination of hardware, firmware, and software. Embodiments of the invention may also be implemented as instructions stored on a machine-readable medium, which may be read and executed by a computing platform to perform the operations described herein. A machine-readable medium may include any mechanism for storing or transmitting information in a form readable by a machine (e.g., a computer). For example, a machine-readable medium may include read only memory (ROM); random access memory (RAM); magnetic disk storage media; optical storage media; flash memory devices; electrical, optical, acoustical or other form of propagated signals (e.g., carrier waves, infrared signals, digital signals, etc.), and others.
[00068] Computer programs (also called computer control logic), may; include object oriented computer programs, and may be stored in main memory 508 and/or the secondary memory 510 and/or removable storage units 514, also called computer program products. Such computer programs, when executed, may enable the computer system 500 to perform the features of the present invention as discussed herein. In particular, the computer programs, when executed, may enable the processor 504 to provide a method to resolve conflicts during data synchronization according to an exemplary embodiment of the present invention. Accordingly, such computer programs may represent controllers of the computer system 500.
[00069] In another exemplary embodiment, the invention may be directed to a computer program product comprising a computer readable medium having control logic (computer software) stored therein. The control logic, when executed by the processor 504, may cause the processor 504 to perform the functions of the invention as described herein. In another exemplary embodiment where the invention may be implemented using software, the software may be stored in a computer program product and loaded into computer system 500 using, e.g., but not limited to, removable storage drive 514, hard drive 512 or communications interface 524, etc. The control logic (software), when executed by the processor 504, may cause the processor 504 to perform the functions of the invention as described herein. The computer software may run as a standalone software application program running atop an operating system, or may be integrated into the operating system.
[00070] In yet another embodiment, the invention may be implemented primarily in hardware using, for example, but not limited to, hardware components such as application specific integrated circuits (ASICs), or one or more state machines, etc. Implementation of the hardware state machine so as to perform the functions described herein will be apparent to persons skilled in the relevant art(s).
[00071] In another exemplary embodiment, the invention may be implemented primarily in firmware. ' ■ ■ . . . [00072] In yet another exemplary embodiment, the invention may be implemented using a combination of any of, e.g., but not limited to, hardware, firmware, and software, etc.
[00073] Exemplary embodiments of the invention may also be implemented as instructions stored on a machine-readable medium, which may be read and executed by a computing platform to perform the operations described herein. A machine-readable medium may include any mechanism for storing or transmitting information in a form readable by a machine (e.g., a computer). For example, a machine-readable medium may include read only memory (ROM); random access memory (RAM); magnetic disk storage media; optical storage media; flash memory devices; electrical, optical, acoustical or other form of propagated signals (e.g., carrier waves, infrared signals, digital signals, etc.), and others.
[00074] The exemplary embodiment of the present invention makes' reference to wired, or wireless networks. Wired networks include any of a wide variety of well known means for coupling voice and data communications devices together. A brief discussion of various exemplary wireless network technologies that may be used to implement the embodiments of the present invention now are discussed. The examples are non-limited. Exemplary wireless network types may include, e.g., but not limited to, code division multiple access (CDMA), spread spectrum wireless, orthogonal frequency division multiplexing (OFDM), IG, 2G, 3G wireless, Bluetooth, Infrared Data Association (IrDA), shared wireless access protocol (SWAP), "wireless fidelity" (Wi-Fi)5 WlMAX, and other IEEE standard 802.11 -com pliant wireless local area network (LAN), 802.16-compliant wide area network (WAN), and ultrawideband (UWB), etc.
[00075] Bluetooth is an emerging wireless technology promising to unify several wireless technologies for use in low power radio frequency (RJF) networks.
[00076] IrDA is a standard method for devices to communicate using infrared light pulses, as promulgated by the Infrared Data Association from which the standard gets its name. Since IrDA devices use infrared light, they may depend on being in line of sight with each other.
[00077] The exemplary embodiments of the present invention may make reference to
WLANs. Examples of a WLAN may include a shared wireless access protocol (SWAP) developed by Home radio frequency (HomeRF), and wireless fidelity (Wi-Fi), a derivative of IEEE 802.11, advocated by the wireless ethernet compatibility alliance (WECA). The IEEE 802.11 wireless LAN standard refers to various technologies that adhere to one or more of various wireless LAN standards. An IEEE 802.11 compliant wireless LAN may comply with any of one or more of the various IEEE 802.11 wireless LAN standards including, e.g., but not limited to, wireless LANs compliant with IEEE std. 802.1 1a, b, d or g, such as, e.g., but not limited to, IEEE std. 802.11 a, b, d and g,(including, e.g., but not limited to IEEE 802.1 lg-2003, etc.), etc.
[00078] FIG. 6 depicts an exemplary embodiment of a diagram 600 illustrating a legacy backend infrastructure including a user seated at a client 602, via a portal 604 accessing various stove pipe applications 608 by authenticating through exemplary security application 606, to access exemplary business applications 608 including, in an exemplary embodiment, online publications, task tracking, medical(MED), military evaluations (MTL EVA), awards and decorations (AWDS DECS), accessing via integrated infrastructure 609 applications such as, e.g., but not limited to, digital signatures (DIGSIG), reports (REPORT), forms engine, messaging application (MSG), machine to machine and/or person to person workflow (WF), content management (CM), records management (RM), and to access via integration engine 610, external data repositories 612, and external business applications 614.
[00079] FIG. 7 depicts another exemplary embodiment of a diagram 700 illustrating another exemplary legacy backend infrastructure including a user which may be seated at an exemplary client device 602, accessing, via a portal 604, various exemplary stove pipe applications provided via integration framework 702 including by authenticating through exemplary security application 606, to access exemplary business applications 608 including, in an exemplary embodiment, electronic publishing authoring tool for creation, revision of organizational publications (E-PUBS Studio), enlisted/officer evaluation system (EES OES), publication management information system (PMIS), task management tracking including correspondence management and action tracking such as, e.g., but not limited to, how to repair something like an engine, etc., awards and decorations (AWDS DECS), accessing via integrated infrastructure 609 applications such as, e.g., but not limited to, reporting (REPORT)5 Publish, IBM Workplace Forms application, previously (Pure Edge), also known as IBM Lotus Forms, document management (DM), messaging application (MSG), workflow (WF), collaboration and collaborative authoring (CA), records management (RM), and to access via integration engine 610 and the integration framework 702, external data repositories 612 such as, e.g., but not limited to, military personnel database system (MILPDS)5 etc., and external business applications 614 such as, e.g., but not limited to, Oracle database, Peoplesoft, etc.. [00080] FIG. 8 depicts a diagram 800 illustrating an exemplary self-aware, secure, intelligent object and exemplary graphical user interface of an exemplary electronic form object including, in an exemplary embodiment, an officer evaluation report form 802 .having various fields, including, e.g., but not limited to, authentication, approvals, etc. As shown, exemplary button 804 may be provided, in an exemplary embodiment to save the contents of the form, in one exemplary embodiment. As shown, exemplary button 806 may be provided, in an exemplary embodiment to provide a save as function, allowing saving of the contents of the form at a user designated location, in one exemplary embodiment. As shown, exemplary button 808 may be provided, in an exemplary embodiment to print the contents of the form, in one exemplary embodiment. As shown, exemplary button 810 may be provided, in an exemplary embodiment to electronically send the contents of the form, in one exemplary embodiment. As shown, exemplary button 812 may be provided, in an exemplary embodiment to provide a wizard functionality, which may prompt the user through filling out the form and performing an exemplary step of an automated business process, in one exemplary embodiment. As shown, exemplary button 814 may be provided, in an exemplary embodiment to allow the user to move forward to a next step of the business process, in one exemplary embodiment. As shown, exemplary checkbox 816 may be provided, in an exemplary embodiment, to permit a user to edit the component, in one exemplary embodiment. As shown, some fields may be free form text fields, or intelligent fields, which may require entry in a particular format, as well as validation of entries, such as, e.g., but not limited to, administrative data fields, Name, SSN, Rank, Date of Rank, Branch, unit/org/station/zip code or APO/major command, status code, reason for submission, period covered dates, rated months, number of enclosures1, rated officers' AKO email address, UTC, CMD code, PSB code, name of rater, ssn, rank, position, signature field, date, senior rater's organization, branch senior rater telephone number, e-mail address, comments, signature of rated officer, date, duty description fields, principal duty title, position AOC/' BR, significant duties and responsibilities, etc. Other functions may be provided for the form such as, e.g., but not limited to, zoom, spell check, help, information, configure,- open, save, and save as, etc.
[00081] FIG. 9 depicts a diagram 900 illustrating an exemplary self-aware, secure, intelligent object and exemplary graphical user interface of an exemplary electronic form object including, in an exemplary embodiment, an officer evaluation report form 802 having various fields, including, e.g., but not limited to, authentication, approvals, etc. In an exemplary embodiment, a forms wizard feature may include an auto-fill capability to auto-fill fields from other databases such as, e.g., but not limited to, army databases. For example, a rated officer's identifier such as, e.g., but not limited to, a social security number (SSN) may be used, entered, and/or a rated officers' lastname (or subset such as, e.g., but not limited to, the last two letters may be entered). As shown, an exemplary notebook tab paradigm, user interface may be used for an exemplary officer evaluation form. Once a user selects to create an evaluation, according to an exemplary embodiment, a user may then choose to manually enter a rated soldier'si administrative data, or may choose to automatically populate the soldier's administrative data by searching a database to prefill fields. As shown, in an exemplary embodiment, a vertical tab 902 may be associated with a notebook page as shown for user selection of a method of data entry for a rated soldier. Other vertical tabs shown, in an exemplary embodiment, may include1 a tab 906 which may include representing administrative data for a rated soldier such as, e.g., but not limited to, name, rank, date of rank, unit, org., station, zip code, rated officer's AKO email address, etc., a tab 908 providing continued administrative data such as, e.g., but not limited to, demographics and administrative data, a tab 910 which may include providing data entry for a rating chain such as, e.g., but not limited to, life cycle workflow, a tab 912 which may include providing an authorized (auth) rating chain such as, e.g., but not limited to, a, new direct reporting management/reporting officer, etc., a tab 914 which may include providing duty description (DES) such as, e.g., a classification (such as, e.g., but not limited to, reserve, national guard, regular army, deployed, etc.) of a soldier being rated for a rated soldier, in one exemplary embodiment. According to an exemplary embodiment, a person in a rating chain may begin with the person who is being rated, and then every person who rates that person, including those in a reporting structure, and administrative people who may make sure that thfe form is getting to the next person in the chain. A rater may be the first person who rates, such as a lieutenant, the second person is called an inter-rater and might be, e.g., a captain, the third person is called a senior rater, and might be, e.g., a lieutenant colonel, for example. Button 916 may be used, in an exemplary embodiment to view a form. Other buttons may be included such as, e.g., but not limited to, previous, and next (not shown). Other horizontal tabs shown, in an exemplary embodiment, may include a tab 918 which may include rater actions such as, e.g., but not limited to, a lieutenant, providing a performance evaluation, etc., a tab 920 which may include providing inter rater actions such as, e.g., but not limited to, an intermediate level rater such as captain, a tab 922 which may include providing senior rater actions such as, e.g., but not limited to, a senior level rater such as lieutenant colonel, a tab 924 which may include providing rated soldier information such as, e.g., but not limited to, demographics, statistics, health, medical, performance, etc., a tab 926 which may include providing enclosures such as, e.g., but not limited to, related data, files, correspondence, links, correspondence, communications,etc, in one exemplary embodiment. Administrative data may include, e.g., name, rank, date of rank, unit, org, station, zip code, APC, rated officer's AKO email address, drop down lists to populate fields, etc. In rater actions, e.g., regulatory business logic may be implemented such as, e.g.,but not limited to, army physical fitness, height/weight data, such as army fitness pass or fail test (APFT), date of report, height, weight, etc., officer development, tasks recorded, counseling conducted, etc. FlG. 10 depicts a diagram 1000 illustrating an exemplary portal as may be provided according to an exemplary embodiment including an exemplary graphical user interface including an exemplary number of file folder tabs. The portal may provide a view to a given user such as, e.g., a personalized view, depending on security/access rights/ level/position, etc., of a universal workspace. In an exemplary rater's view, various data may be shown, as reflected in the illustration. An exemplary portal may include, e.g., but not limited to, a form finder search, an inbox for incoming forms to be acted on, tracking, drafts, favorites, templates and/or routing, etc. A plurality of file folder tabs may include, e.g., but may not be limited to, an inbox tab 1002, a welcome tab 1004, a drafts tab 1006, a favorites tab 1008, a recycle bin 1010, an admin tab 1012, a help tab 1014. In an exemplary inbox 1002 of the portal, one may search for a give form using a form finder 1016, by, e.g., but not limited to, an exemplary form number search field 1018, a form title field 1020, using search button 1022, search by range button 1024, or via a non-PureEdge forms 1026. Within inbox 1002, in an exemplary embodiment, one or more forms may be listed using forms tab 1030, in one or more folders, which may be viewed using folders tab 1032. In the exemplary embodiment shown, 12 forms and 2 folders are shown. If one of the forms is selected via a checkbox on the left of a listed form, then form action buttons 1034-1048 to the left of the forms list may be activated. The forms action buttons 1034- 1048 may include, in an exemplary embodiment, an addto button 1034, a history button 1036, a rename button 1038, a copy button 1042, a delete button 1044, a route slip 1046, and a special tasks selectable function 1048, which in an exemplary embodiment, may be used to provide, e.g., but not limited to, communication, workflow, security, printing, inputting, outputting, processing, document and forms related tasks, and may include other functionality such as, e.g., but not limited to, Silanis ™ Approve-lt software for digital signatures, etc.. For each given form in forms list 1040, a selection box may be provided, a title 1050 for the form, a form type 1052, a routed user 1054, which may be an email address according to an exemplary embodiment, an action date 1056, which may include the last date upon which a form has been acted upon, a suspend date 1058, which may be a deadline date for a user to act on the form, according to an exemplary embodiment.
[00083] FIG. 1 1 depicts an exemplary embodiment of an exemplary use of a self-aware secure object, according to an exemplary embodiment, including a diagram 1100 illustrating an exemplary self-aware secure object 1102a being interactively accessed by a user by client 602, e.g., but not limited to, via a portal 604. Using the portal, the self-aware secure object 1102a may access various legacy systems, e.g., but not limited to, for accessing data from various legacy stove pipe applications 608 by authenticating through exemplary security application 606. By authenticating via security 606, the client application may access exemplary business applications 608 including, in an exemplary embodiment, online publications, task tracking, medical (MED), military evaluation (MIL EVAL), awards and decorations (AWDS DECS), may access via integrated infrastructure 609 applications such as, e.g., but not limited to, digital signatures (DIGSIG), reporting (REPORT), forms engine, messaging application (MSG), workflow (WF), content manager (CM), record manager (RM), and may access via integration engine 610, external data repositories 612, and external business applications 614. As shown, the user may by using a self-aware secure object 1102(a-c, collectively 1 102), may in a distributed manner access external business applications 614 via self-aware secure object 1102b, as' shown, or external data repositories 612 via self-aware secure object 1102c, as shown, in an exemplary embodiment. According to an exemplary embodiment, self-aware secure object 1 102 can be used in an offline, disconnected mode as a standalone application, for example. Since the application includes 80% of the logic of a traditional form, the object 1102 may be executed with a substantial amount of functionality in disconnected mode. However, once the secure object is connected, the object 1102 may authenticate via security 1,104, and may access resources such as business applications 608, integrated infrastructure 6θ9, external business applications 614, and data repositories 612.
[00084] In an exemplary embodiment, the self-aware secure object 1102 may include about
80% of the business logic of a business process. In order to contain such a substantial portion of a business process, the self-aware secure object 1102 may include, in an exemplary embodiment, compression, security, portability, and intelligent workflow.
[00085] In an exemplary embodiment, the object 1102 may include compression. In an exemplary embodiment, the object may be compressed when transmitted such as, when transmitted from one device to another. In an exemplary embodiment, the viewer also may be compressed. For example, when a user wishes to access or view the object 1102, it may download the viewer to a client device. To be bandwidth efficient, the viewer may be compressed.
[00086] In an exemplary embodiment, the object 1102 may include security. In an exemplary embodiment, the object may include security, which may require security authentication to access the object 1102, for example. In an exemplary embodiment, when the client device containing the object 1102 is introduced into the network, security 1104, may be used to ensure that no viruses are provided to other devices which may access the device 602. According to an exemplary embodiment, the device 602 and object 1102 may be security' aware and as part of a peer to peer network may be capable quarantining itself when malicious code such as a virus is found. An exemplary quarantining process is set forth and described further below with reference to FIGs. 13A and 13B.
[00087] In an exemplary embodiment, the self-aware object 1 102 may be adapted for portability. In an exemplary embodiment, the object 1102 may be designed to be small in storage size for ease of transfer and storage. The object 1 102, may be, for example, adapted for use with a mobile device, such as, e.g., but not limited to a mobile telephony device, a mobile telephone, a cellular phone, etc., a personal digital assistant (PDA), a blackberry. The object 1102 may be adapted, in an exemplary embodiment, for operation in either a connected mode and/or an unconnected mode.
[00088] In an exemplary embodiment, the self-aware object 1102 may be adapted for providing intelligent workflow. In an exemplary embodiment, the self-aware object 1 102 may be adapted to know when the device on which the object is executed, is in a connected mode, or in an unconnected mode. The object 1102, in an exemplary embodiment may behave differently depending on the connected/disconnected status which is self identified. The self-aware object 1 102 may know the steps of the business process workflow and may enforce the business process by prompting the user to perform the next step of the business process. The intelligence of the self-aware object 1102 also tracks the performance of the different steps of the workflow including requiring any authentication or validation as well as requiring any accountability. The self-aware object 1 102 may in a distributed, disconnected manner, and/or in a peer-to-peer communications manner, may allow and/or enforce the steps of the workflow. As estimated, the self-aware object 1 102 may include about 80% of the business logic necessary to perform the process workflow.
[00089] According to an exemplary embodiment, when in a connected mode, for example, and/or when the self-aware object 1102 is being viewed via a portal 604, then the remaining about 20% of the business logic to perform the process workflow may be obtained. In an exemplary embodiment, the portal 604 may include a common user workspace, and may a web- based interface in an exemplary embodiment. The portal 604, in an exemplary embodiment, may include an inbox for communications, a tracking capability for tracking the status of various forms and/or business processes that are being performed. See FlG. 10 for an exemplary portal interface 604. The portal 604 may appear differently depending upon what device the portal 604 is being viewed. Interfaces may be tailored for different devices to improve readability on a given device 602.
[00090] The self-aware object 1102, according to an exemplary embodiment, may be approximately 10MB in size, or less, for portability purposes. The viewer may be embedded in the self-aware object 1102 in one exemplary embodiment. The object, according to an exemplary embodiment, may also be resident on a portable device such as, e.g., but not limited to, a portable and/or mobile device. In an exemplary embodiment, the portable device 602 may be a device that communicates in a low bandwidth environment. For example, steps to be performed in a business process related to, e.g., but not limited to, an immigration form, may be transmitted to a mobile telephone or PDA and thus the size of the object as well as communications transmission bandwidth size may be desired to be small to accommodate available resources. The object 1102 in an connected mode may be adapted to be coupled to a backend system, which may, e.g., but not limited to, provide access to legacy systems, external data sources and repositories, for example.
[00091] FIG. 12 depicts another exemplary embodiment of a diagram 1200 illustrating another exemplary backend infrastructure including a user which may beiseated (or ambulatory) at an exemplary client device 602, accessing, via a portal 604, which may be tailored to device 602, various exemplary applications which may include the self-aware portable intelligent object 1102. In an exemplary embodiment object 1102 may include a PureEdge, or IBM Workplace Forms, or IBM Lotus forms application which are available from IBM Corporation of Armonk, NY USA, which may provide the following exemplary, but non-limiting functionality form technology and communication capabilities. The object 1 102, according to an exemplary embodiment, may include forms, may include data which may be in extensible markup language (XML) format, may include presentation layer (PRES) of the systems network architecture, which may provide the following exemplary functionality, a graphical user interface (GUI), may include business logic such as, e.g., but not limited to, business process logic, workflow, communication, etc., may include data of various exemplary types including, e.g., but not limited to, inputted form data, time stamp data, business logic tracking data, workflow, etc., and/or may include digital signature, or other authentication tools such as biometrics, passwords, security, authentication, hashing, validation, etc.. Diagram 1200 may further include, in an exemplary embodiment, backend infrastructure tools 609 such as, e.g., but not limited to, an IBM Content Manager (CM) Suite such as IBM CM Suite, V. 4.0, available from IBM of Armonk, NY, USA, which may include, e.g., but not limited to, a database application, such as, e.g., but not limited to, DB2, a content manager, such as, e.g., but not limited to, IBM Content Manager (CM), a content management tool, such as, e.g., but not limited to, records manager (RJM), a IBM content manager, such as, e.g., but not limited to, IBM MQ application, an enterprise application , such as, e.g., but not limited to, IBM Websphere portal server (WPS), a web based portal server, such as, e.g., but not limited to, IBM Document Manager (DM) for Air Force (AF), an access and/or network management tool/ manager, such as, e.g., but not limited to, IBM/Tivoli Access Manager (TAM (AF)), Portlets, etc., among others. As shown, in an exemplary embodiment, the backend infrastructure 609 may access legacy applications via a legacy application access application such as, e.g., but not limited to, an integration framework 702 including, e.g., but not limited to, IBM information integrator application (I1CE), available from IBM Corporation of Armonk, NY USA, for accessing exemplary business applications 608, 612, 614, for example. ] FlGs. 13A and 13B set forth an exemplary quarantining process, according to an exemplary embodiment of the present invention. FIG. 13A illustrates an exemplary embodiment of an exemplary network environment, where devices 602a, 602b, etc. may communicate with one another via, e.g., but not limited to, peer-to-peer communications, and with a server 1302, which may be referred to as an enclave server 1302. FIG. 13A depicts exemplary device 602a shown in communication with enclave server 1302, as are all other devices. Device 602a when connecting to the network may register itself with enclave server 1302. Since device 602a includes a secure self-aware object 1102, if the self-aware object 1102 identifies that it has been tampered with in some way, it may notify enclave server 1302 as shown in FIG. 13B.
[00093] In FIG. 13B, device 602a may be quarantined 1304 by enclave server 1302, and may be prevented from communicating with any of the remaining devices 602.
[00094] FIG. 14 depicts another exemplary embodiment of a diagram 1400 illustrating an exemplary Trust component architecture including, in an exemplary embodiment, an exemplary client device 602, accessing, via a portal 604, an enclave application 1402. The client device 602, as shown in an exemplary embodiment, coupled to a realm controller 1302. As shown, the realm controller 1302 may communicate in various ways. Exemplary communications, according to an exemplary embodiment, may include, e.g., but not limited to, email, pager or other notifications, policy compliance reports, composite reports, trouble tickets, discovery and vulnerability scanning, external data feeds, directory services, event management systems, etc. Further the realm controller 1302 may communicate with readiness managers 1404 via connection trust data security, via agent core communications 1420, and/or application firewall 1418, to device trust 1406, restoration/remediation 1408, integrity 1410, active quarantine 1412, intrusion detection 1414, and/or system availability 1416, etc.
[00095] FlG. 15 depicts a diagram 1500, of an exemplary embodiment, illustrating a breakdown of relative embedded program logic between object 1102 and portal 604, according to an exemplary embodiment of the present invention. The object may be XML based with 80% of the logic embedded within and understands workflow. The object may be compressed, and the viewer may be embedded and compressed within the object. The object may be encrypted and may be secure, especially regarding introduction to a network. The object may be adapted for use connected to a network, or unconnected to a network. The object may be adapted for portable devices (such as, but not limited to, e.g. mobile phones, personal digital assistants (PDA), windows-enabled PDAs, RIM Blackberry, etc.). The object may include a intelligent self-aware workflow where the object may know if it is connected to a network, aware if it is comprised by a virus, knows the steps of a workflow, enables accountability, and/or creates timestamps of actions. In an exemplary embodiment, the intelligent self-aware workflow may exist as part of a business process, but not as part of the object. The object may also be communication capable, capable of tieing into legacy databases when connected to a legacy system and capable of peer to peer communication when connected to peer systems. The portal may be a common user workspace including the remaining approximate 20% logic, having an inbox and tracking. Of course more or less logic may be included, however, this illustrates an exemplary system.
[00096] According to an exemplary embodiment a portal may provide 20% of functionality, including, e.g., but not limited to, a common user workspace, an Inbox, and Tracking capabilities. According to an exemplary embodiment an object may provide 80% of functionality, including, e.g., but not limited to, a viewer (embedded) of e.g., but not limited to about 10MB or less, portability, could be used (e.g., for immigration forms), may be used in a low bandwidth environment, may be coupled to backend systems such as, e.g., but not limited to, legacy, and/or systems. According to an exemplary embodiment, the portal may adjust depending upon where the object is being viewed.
[00097] While various embodiments of the present invention have been described above, it should be understood that they have been presented by way of example only, and not limitation. Thus, the breadth and scope of the present invention should not be limited by any of the above- described exemplary embodiments, but should instead be defined only in accordance with the following claims and their equivalents.

Claims

What is claimed is:
1. A method for managing a form-based business process workflow using an electronic form comprising: managing the workflow using the electronic form, wherein the electronic form comprises an intelligent, portable, self-aware, secure object.
2. The method according to claim 1, wherein said intelligent object comprises embedded workflow characteristics.
3. The method according to claim 1, wherein said intelligent object comprises incorporating approximately 80% of an associated business process in said object.
4. The method according to claim 1, wherein said object is self contained.
5. The method according to claim 1, wherein said managing said self-aware object comprises at least one of: managing whether said objected is connected or unconnected; managing network connectivity of said object; managing whether a user of said object is on network or off network; and/or managing communication with a recipient.
6. The method according to claim 1, wherein said managing said secure object comprises at least one of: managing security; detecting tampering; managing access to said secure object; managing peer-to-peer communications between a plurality of said secure objects; providing visibility to another secure object in a peer-to-peer communications manner; encrypting said object; compressing said object; enabling viewing without decompressing; using innerwall/enclave; requiring authentication via biometrics; requiring user security validation and/or authentication; requiring user password authentication; and/or managing visibility of said secure object to peers.
7. The method according to claim 1, wherein said managing said object further comprises: encrypting said object.
8. The method according to claim 1, wherein said managing said secure object comprises at least one of: using innerwal I/enclave to wall off a device.
9. The method according to claim 1, wherein said managing said object further comprises: compressing said object.
10. The method according to claim 1, wherein said managing said object further comprises at least one of: requiring user authentication; and/or requiring user authentication using at least one of a password; and/or a biometrics.
11. The method according to claim 1, wherein said object comprises at least one of: an extensible markup language (XML) object; a software object; an applet; an application; an electronic form; and/or an executable object.
12. The method according to claim 1, wherein said managing said workflow comprises at least one of: a process; a business workflow; a governmental workflow; an agency workflow; an administrative agency workflow; a defense department agency workflow; an armed services workflow; an immigration agency workflow; a defense agency workflow; a department of motor vehicles based workflow; a voting workflow; a federal government agency workflow; a state government agency workflow; a county government agency workflow; a city government agency workflow; a municipal government agency workflow; and/or a forms-based workflow.
13. The method according to claim I, further comprising: managing peer-to-peer communication; managing security of said object; and managing workflow steps.
14. The method according to claim 1, further comprising at least one of: managing upload transfers from said object to legacy systems; managing bandwidth related transactions; and/or managing legacy database relational transactions.
15. The method according to claim 14, wherein said upload transfers comprise a remaining 20% of workflow processing.
16. The method according to claim 1, further comprising: self tracking said object; tracking completion of said workflow; tracking workflow authorizations; seeking any necessary approval; seeking any transfers from and/or to another user; tracking what was performed, who performed it, and when it was performed; and/or tracking timestamps.
17. The method according to claim 1 , further comprising: providing a viewer for access to said object; providing a version tailored for a portable device including at least one of a personal computer, a personal digital assistant, a mobile phone, and/or a mobile device; providing access in a low bandwidth environment; providing coupling to a backend system; and/or providing a portal for access to said object.
18. A system comprising: an intelligent, portable, self-aware, secure object adapted to be placed on a portable device.
19. The system according to claim 18, further comprising: a viewer operative to view contents of said object.
20. The system according to claim 19, wherein said viewer is an embedded viewer, downloadable along with said object.
21. The system according to claim 18, further comprising: a portal operative to provide user interactive access to said object, via a browser.
22. The system according to claim 21, wherein said browser comprises an Internet web browser.
23. The system according to claim 18, wherein said object is adapted to be coupled via a communications link to legacy systems.
24. The system according to claim 18, wherein said object is capable of peer-to-peer distributed communication in at least a low bandwidth environment.
1
25. The system according to claim 18, wherein said object is operative to provide at least one of:
A. compression, comprising at least one of:
-compression of said object, and/or -compression of a viewer;
B. security, comprising at least one of:
-security of said object, and/or
-security functions upon introduction to network;
C. portability comprising at least one of:
-portability for a mobile phone,
-portability for a personal digital assistant (PDA),
-portability for use on a blackberry or similar wireless communication device, and/or
-portability for use in connected and/or unconnected state; and/or
D. intelligent workflow comprising at least one of
-knowing when a user device is connected,
-knowing steps of a process and/or business workflow, and/or
-accountability.
PCT/US2007/018491 2006-08-21 2007-08-21 System, method, and computer program product for providing an intelligent, portable, self-aware, secure object WO2008024351A2 (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US83886406P 2006-08-21 2006-08-21
US60/838,864 2006-08-21

Publications (2)

Publication Number Publication Date
WO2008024351A2 true WO2008024351A2 (en) 2008-02-28
WO2008024351A3 WO2008024351A3 (en) 2008-10-09

Family

ID=39107354

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/US2007/018491 WO2008024351A2 (en) 2006-08-21 2007-08-21 System, method, and computer program product for providing an intelligent, portable, self-aware, secure object

Country Status (1)

Country Link
WO (1) WO2008024351A2 (en)

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8865972B2 (en) 2000-03-09 2014-10-21 E. I. Du Pont De Nemours And Company Sulfonylurea-tolerant sunflower plants

Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5680452A (en) * 1993-10-18 1997-10-21 Tecsec Inc. Distributed cryptographic object method
US20040215599A1 (en) * 2001-07-06 2004-10-28 Eric Apps Method and system for the visual presentation of data mining models

Patent Citations (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US5680452A (en) * 1993-10-18 1997-10-21 Tecsec Inc. Distributed cryptographic object method
US20040215599A1 (en) * 2001-07-06 2004-10-28 Eric Apps Method and system for the visual presentation of data mining models

Cited By (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US8865972B2 (en) 2000-03-09 2014-10-21 E. I. Du Pont De Nemours And Company Sulfonylurea-tolerant sunflower plants

Also Published As

Publication number Publication date
WO2008024351A3 (en) 2008-10-09

Similar Documents

Publication Publication Date Title
US11226938B2 (en) Method and system for real-time collaboration and event linking to documents
US9569596B2 (en) Secure workflow and data management facility
US8976008B2 (en) Cross-domain collaborative systems and methods
US7627608B2 (en) Sharing of media using contact data
US8266443B2 (en) Systems and methods for secure and authentic electronic collaboration
US8423374B2 (en) Method and system for processing intelligence information
EP2301209B1 (en) System and method for message filtering
CN105787741A (en) Electronic contract signing system based on mobile phone client, and application method thereof
US20140207821A1 (en) Presenting metadata from multiple perimeters
US20070124374A1 (en) Methods and apparatus providing collaborative access to applications
US20120149339A1 (en) Archiving Text Messages
US20090300706A1 (en) Centrally accessible policy repository
US9350733B2 (en) Emergency server access for offline users
US20220114142A1 (en) Method and System for Real-Time Collaboration and Event Linking to Documents and Video Recordings
US8621648B2 (en) Method and system for secure exchange and use of electronic business cards
US20200126007A1 (en) Core process framework for integrating disparate applications
US20080155263A1 (en) Systems and Methods for Tracking Electronic Files in Computer Networks Using Electronic Signatures
KR100890209B1 (en) Distributed computing services platform
EP1533724A1 (en) Method and computer system for signing electronic contracts
US20070271229A1 (en) System and method for data searching among multiple enterprise applications
WO2008024351A2 (en) System, method, and computer program product for providing an intelligent, portable, self-aware, secure object
US20130018985A1 (en) Methods and Apparatus for Remote Data Transfer
CN111967854A (en) Intelligent mobile office platform
US20100169379A1 (en) System and method for creating user-specific directory
WO2020033976A1 (en) Encrypted messaging system

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 07837148

Country of ref document: EP

Kind code of ref document: A2

NENP Non-entry into the national phase in:

Ref country code: DE

NENP Non-entry into the national phase in:

Ref country code: RU

122 Ep: pct application non-entry in european phase

Ref document number: 07837148

Country of ref document: EP

Kind code of ref document: A2