Patent Issued for Automated Data Store Access Source Code Review (USPTO 10,585,663)
2020 MAR 24 (NewsRx) -- By a
The patent’s inventors are Anderson, Matthew (
This patent was filed on
From the background information supplied by the inventors, news correspondents obtained the following quote: “Field of the Invention
“Embodiments of the current invention relate to methods and devices for automatically reviewing data store or database access source code.
“Description of the Related Art
“Large-scale data stores, or databases, such as those maintained by an insurance provider or a financial institution, not only include a great volume of data, but are also accessed at a high frequency. An exemplary insurance provider may have anywhere from hundreds of thousands to tens of millions of customers or clients. Associated with each customer may be personal information, such as a name, a birthdate, an address, etc., and policy information, such as a homeowner’s policy with coverage terms and details about the house or property being covered, or an automobile policy with coverage terms and details about the vehicle being covered. Also associated with each customer may be account information, such as payment history and the like. All of this information is stored in one or more data stores. An exemplary insurance provider may further have thousands of employees, such as agents, representatives, adjusters, accountants, and so forth. Each employee may wish to access the data stores to create new policies, update existing policies, retrieve information about policies, delete accounts, retrieve account information, or the like. In addition, some requests for access may involve hundreds of accounts, such as preparing billing information on any given day. If the insurance provider also offers online or web service for customers to directly access policy or account information, then the traffic to the data stores could increase significantly.
“Access to the data stores is controlled by data store access software. The software may include deployables, which are built from source code files. Each task or type of task may require one or more deployables. For example, creating new policies may require a first one or more deployables, while updating policy data may require a second one or more deployables, and so forth. Given the volume of data to be handled and the frequency of access, each deployable must be as efficient in adding, retrieving, or modifying data as possible. Typically, data store managers, database administrators (DBAs), data access developers, or other information technology (IT) personnel review the source code used to build the deployables to ensure proper operation and performance. Since new deployables, or modifications to existing deployables, may be built or updated every day, it is difficult for data store managers and IT personnel to adequately review the source code and ensure proper performance. This leads to either inefficient code being deployed or long delays in implementing properly operating deployables.
“Furthermore, the deployables may be created from at least three types of source code files. A first type of source code may provide modification to the data store contents, by adding, deleting, or changing data. A second type of source code may provide an interface between the first type of source code and applications, typically business applications, that seek to access the data store. A third type of source code may provide configuration of the software components of the first and second types of source code. It is possible that each type of source code may be written by a different group of coders or programmers. Each group may specialize in the type of source code that they write, but may have little knowledge of the requirements of the other types of source code. The fact that different groups with different concerns write the data store access source code may further contribute to inconsistencies and inefficiencies in the deployables.”
Supplementing the background information on this patent, NewsRx reporters also obtained the inventors’ summary information for this patent: “Embodiments of the current invention solve the above-mentioned problems and provide a distinct advance in the art of automated source code review. Specifically, embodiments of the current invention provide computer-implemented methods that may automatically review data store access source code files by checking for compliance with guidelines on a plurality of levels. The methods may check the three types of source code, including data store modification source code files, application interface source code files, and configuration source code files, among others. If any of the source code files do not comply with the guidelines, then deployment of the source code may be halted until issues can be examined.
“In one embodiment, the current invention provides a computer-implemented automated review method for source code files seeking to access a data store broadly comprising the steps of: receiving a request to review data store access source code; determining computer files which include the data access source code; examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines; setting the issue flag if the guidelines are not followed; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL components within Java source code; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with data store connection and object definition guidelines; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with transaction-related guidelines; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with datasource configuration guidelines; setting the issue flag if the guidelines are not followed; reviewing the status of the issue flag; issuing a halt signal if the issue flag is set; and issuing a proceed signal if the issue flag is not set.
“In another embodiment, the current invention provides a computer-implemented automated review method for source code files seeking to access a data store broadly comprising the steps of: receiving a request to review data store access source code; determining computer files which include the data access source code; examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines, the guidelines including determining whether a type of data to be written to the data store matches a type of data in the data store; setting the issue flag if the guidelines are not followed; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL components within Java source code, the guidelines including checking that a type of data passed to the SQL components matches a type of data expected by the SQL components; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with data store connection and object definition guidelines, the guidelines including checking that a bean definition for a database points to the data store; setting the issue flag if the guidelines are not followed; examining configuration source code files and DAO source code files and determining compliance with transaction-related guidelines, the guidelines including checking for the presence of a transaction manager definition; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with datasource configuration guidelines, the guidelines including checking for a definition of a datasource; setting the issue flag if the guidelines are not followed; reviewing the status of the issue flag; issuing a halt signal if the issue flag is set; and issuing a proceed signal if the issue flag is not set.
“In yet another embodiment, the current invention provides a computer-implemented automated review method for source code files seeking to access a data store broadly comprising the steps of: receiving a request to review data store access source code; determining computer files which include the data access source code; determining service operations in each source code file; determining an execution frequency and an execution time of each service operation based on business volumetrics; setting an issue flag if the execution frequency of any service operation is greater than an execution frequency threshold; setting the issue flag if the execution time of any service operation is less than an execution time threshold; examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines; setting the issue flag if the guidelines are not followed; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL components within Java source code; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with data store connection and object definition guidelines; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with transaction-related guidelines; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with datasource configuration guidelines; setting the issue flag if the guidelines are not followed; reviewing the status of the issue flag; issuing a halt signal if the issue flag is set; and issuing a proceed signal if the issue flag is not set.
“This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter. Other aspects and advantages of the current invention will be apparent from the following detailed description of the embodiments and the accompanying drawing figures.”
The claims supplied by the inventors are:
“Having thus described various embodiments of the invention, what is claimed as new and desired to be protected by Letters Patent includes the following:
“1. A computer-implemented automated review method for source code files seeking to access a data store, the method comprising the steps of: receiving a request to review data store access source code; determining computer files which include the data access source code; examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines; executing an explain command on SQL statements in the SQL source code files and producing an explain output including information about a sequence of operations for executing the SQL statements; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL components within Java source code; examining configuration source code files and determining compliance with data store connection and object definition guidelines; examining configuration source code files and DAO source code files and determining compliance with transaction-related guidelines; examining configuration source code files and determining compliance with datasource configuration guidelines; setting the issue flag if any of the guidelines are not followed; reviewing the status of the issue flag; issuing a first signal to information technology personnel to halt deployment of the source code files if the issue flag is set; and issuing a second signal to information technology personnel to proceed with deployment of the source code files if the issue flag is not set.
“2. The computer-implemented automated review method of claim 1, further comprising the steps of: determining service operations in each source code file; determining an execution frequency of each service operation based on business volumetrics; and setting an issue flag if the execution frequency of any service operation is greater than an execution frequency threshold for each service operation.
“3. The computer-implemented automated review method of claim 1, further comprising the steps of: determining service operations in each source code file; determining an execution time of each service operation based on business volumetrics; and setting the issue flag if the execution time of any service operation is less than an execution time threshold.
“4. The computer-implemented automated review method of claim 1, wherein the non-syntax-related guidelines for SQL source code files include determining the occurrence of specific SQL commands which are known to be time-consuming or resource-intensive to execute.
“5. The computer-implemented automated review method of claim 1, wherein the non-syntax-related guidelines for SQL source code files include determining whether a type of data to be written to the data store matches a type of data in the data store.
“6. The computer-implemented automated review method of claim 1, wherein the guidelines for invoking SQL source code within Java source code include checking for usage of spring Java database connectivity (JDBC) framework.
“7. The computer-implemented automated review method of claim 1, wherein the guidelines for invoking SQL components within Java source code include checking that a type of data passed to the SQL components matches a type of data expected by the SQL components.
“8. The computer-implemented automated review method of claim 1, wherein the guidelines for data store connection and object definitions include checking that a bean definition for a database points to the data store.
“9. The computer-implemented automated review method of claim 1, wherein the guidelines for data store connection and object definitions include checking that pointers to open source framework software are correct.
“10. The computer-implemented automated review method of claim 1, wherein the transaction-related guidelines include checking for the presence of a transaction manager definition.
“11. The computer-implemented automated review method of claim 1, wherein the datasource configuration guidelines include checking for a definition of a datasource.
“12. A computer-implemented automated review method for source code files seeking to access a data store, the method comprising the steps of: receiving a request to review data store access source code; determining computer files which include the data access source code; examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines, the guidelines including determining whether a type of data to be written to the data store matches a type of data in the data store; executing an explain command on SQL statements in the SQL source code files and producing an explain output including information about a sequence of operations for executing the SQL statements; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL components within Java source code, the guidelines including checking that a type of data passed to the SQL components matches a type of data expected by the SQL components; examining configuration source code files and determining compliance with data store connection and object definition guidelines, the guidelines including checking that a bean definition for a database points to the data store; examining configuration source code files and DAO source code files and determining compliance with transaction-related guidelines, the guidelines including checking for the presence of a transaction manager definition; examining configuration source code files and determining compliance with datasource configuration guidelines, the guidelines including checking for a definition of a datasource; setting the issue flag if any of the guidelines are not followed; reviewing the status of the issue flag; issuing a first signal to information technology personnel to halt deployment of the source code files if the issue flag is set; and issuing a second signal to information technology personnel to proceed with deployment of the source code files if the issue flag is not set.
“13. The computer-implemented automated review method of claim 12, further comprising the steps of: determining service operations in each source code file; determining an execution frequency of each service operation based on business volumetrics; and setting an issue flag if the execution frequency of any service operation is greater than an execution frequency threshold.
“14. The computer-implemented automated review method of claim 12, further comprising the steps of: determining service operations in each source code file; determining an execution time of each service operation based on business volumetrics; and setting the issue flag if the execution time of any service operation is less than an execution time threshold.
“15. The computer-implemented automated review method of claim 12, wherein the non-syntax-related guidelines for SQL source code files include determining the occurrence of specific SQL commands which are known to be time-consuming or resource-intensive to execute.
“16. The computer-implemented automated review method of claim 12, wherein the guidelines for invoking SQL source code within Java source code include checking for usage of spring Java database connectivity (JDBC) framework.
“17. The computer-implemented automated review method of claim 12, wherein the guidelines for data store connection and object definitions include checking that pointers to open source framework software are correct.
“18. A computer-implemented automated review method for data store access source code files, the method comprising the steps of: receiving a request to review data store access source code; determining computer files which include the data access source code; determining service operations in each source code file; determining an execution frequency and an execution time of each service operation based on business volumetrics; setting an issue flag if the execution frequency of any service operation is greater than an execution frequency threshold; setting the issue flag if the execution time of any service operation is less than an execution time threshold; examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines; executing an explain command on SQL statements in the SQL source code files and producing an explain output including information about a sequence of operations for executing the SQL statements; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL source code within Java source code; examining configuration source code files and determining compliance with data store connection and object definition guidelines; examining configuration source code files and DAO source code files and determining compliance with transaction-related guidelines; examining configuration source code files and determining compliance with datasource configuration guidelines; setting the issue flag if any of the guidelines are not followed; reviewing the status of the issue flag; issuing a first signal to information technology personnel to halt deployment of the source code files if the issue flag is set; and issuing a second signal to information technology personnel to proceed with deployment of the source code files if the issue flag is not set.
“19. The computer-implemented automated review method of claim 18, wherein the non-syntax-related guidelines for SQL source code files includes determining the occurrence of specific SQL commands which are known to be time-consuming or resource-intensive to execute, and determining whether a type of data to be written to the data store matches a type of data in the data store.
“20. The computer-implemented automated review method of claim 18, wherein the guidelines for invoking SQL source code within Java source code include checking for usage of spring Java database connectivity (JDBC) framework, and checking that a type of data passed to the SQL components matches a type of data expected by the SQL components.”
For the URL and additional information on this patent, see: Anderson, Matthew; Snyder, Richard T.; Galvin,
(Our reports deliver fact-based news of research and discoveries from around the world.)
SBA Disaster Declaration Approved – Loans Now Available
Technical Mapping Advisory Council
Advisor News
- Advisors must lead the policy risk conversation
- Gen X more anxious than baby boomers about retirement
- Taxing trend: How the OBBBA is breaking the standard deduction reliance
- 6 in 10 Americans struggle with financial decisions
- New Trump administration rule seeks to bail out private equity, credit with workers’ 401(k) savings
More Advisor NewsAnnuity News
- ‘I get confused:’ Regulators ponder increasing illustration complexities
- Three ways the Corebridge/Equitable merger could shake up the annuity market
- Corebridge, Equitable merge to create potential new annuity sales king
- LIMRA: Final retail annuity sales total $464.1 billion in 2025
- How annuities can enhance retirement income for post-pension clients
More Annuity NewsHealth/Employee Benefits News
- Findings from Tufts Medical Center Has Provided New Information about Cancer (“Nothing Is as Great a Learning Experience as Getting a $15,000 Bill”A Mixed-Methods Study of Young Adult Cancer Survivors’ Experience With Insurance Coverage): Cancer
- Layin' It on the Line: The long-term care crisis in Utah: Why national plans fail here and how to shield your assets (Part 1)
- Guardian Completes Integration With FINEOS to Expand Digital Capabilities and Deliver a Simplified Leave Experience
- Your health plan may cover more during pregnancy than you think
- Wyoming's BearCare health plan for emergencies dies, for now
More Health/Employee Benefits NewsLife Insurance News
- AM Best Affirms Credit Ratings of MetLife, Inc. and Its Life/Health Subsidiaries
- Guardian Completes Integration With FINEOS to Expand Digital Capabilities and Deliver a Simplified Leave Experience
- From marathons to mountaineering: Ranking which sports and hobbies affect life insurance the most
- AMERICA'S CREDIT UNIONS HIRES VETERAN WASHINGTON ADVOCATE TO LEAD POLICY STRATEGY
- Society of Actuaries announces Clar Rosso as next CEO
More Life Insurance News