Patent Issued for Automated data store access source code review (USPTO 11474812): State Farm Mutual Automobile Insurance Company
2022 NOV 08 (NewsRx) -- By a
The patent’s assignee for patent number 11474812 is
News editors obtained the following quote from the background information supplied by the inventors:
“Field of the Invention
“Embodiments of the current invention relate to methods and devices for automatically reviewing data store or database access source code.
“Description of the Related Art
“Large-scale data stores, or databases, such as those maintained by an insurance provider or a financial institution, not only include a great volume of data, but are also accessed at a high frequency. An exemplary insurance provider may have anywhere from hundreds of thousands to tens of millions of customers or clients. Associated with each customer may be personal information, such as a name, a birthdate, an address, etc., and policy information, such as a homeowner’s policy with coverage terms and details about the house or property being covered, or an automobile policy with coverage terms and details about the vehicle being covered. Also associated with each customer may be account information, such as payment history and the like. All of this information is stored in one or more data stores. An exemplary insurance provider may further have thousands of employees, such as agents, representatives, adjusters, accountants, and so forth. Each employee may wish to access the data stores to create new policies, update existing policies, retrieve information about policies, delete accounts, retrieve account information, or the like. In addition, some requests for access may involve hundreds of accounts, such as preparing billing information on any given day. If the insurance provider also offers online or web service for customers to directly access policy or account information, then the traffic to the data stores could increase significantly.
“Access to the data stores is controlled by data store access software. The software may include deployables, which are built from source code files. Each task or type of task may require one or more deployables. For example, creating new policies may require a first one or more deployables, while updating policy data may require a second one or more deployables, and so forth. Given the volume of data to be handled and the frequency of access, each deployable must be as efficient in adding, retrieving, or modifying data as possible. Typically, data store managers, database administrators (DBAs), data access developers, or other information technology (IT) personnel review the source code used to build the deployables to ensure proper operation and performance. Since new deployables, or modifications to existing deployables, may be built or updated every day, it is difficult for data store managers and IT personnel to adequately review the source code and ensure proper performance. This leads to either inefficient code being deployed or long delays in implementing properly operating deployables.
“Furthermore, the deployables may be created from at least three types of source code files. A first type of source code may provide modification to the data store contents, by adding, deleting, or changing data. A second type of source code may provide an interface between the first type of source code and applications, typically business applications, that seek to access the data store. A third type of source code may provide configuration of the software components of the first and second types of source code. It is possible that each type of source code may be written by a different group of coders or programmers. Each group may specialize in the type of source code that they write, but may have little knowledge of the requirements of the other types of source code. The fact that different groups with different concerns write the data store access source code may further contribute to inconsistencies and inefficiencies in the deployables.”
As a supplement to the background information on this patent, NewsRx correspondents also obtained the inventors’ summary information for this patent: “Embodiments of the current invention solve the above-mentioned problems and provide a distinct advance in the art of automated source code review. Specifically, embodiments of the current invention provide computer-implemented methods that may automatically review data store access source code files by checking for compliance with guidelines on a plurality of levels. The methods may check the three types of source code, including data store modification source code files, application interface source code files, and configuration source code files, among others. If any of the source code files do not comply with the guidelines, then deployment of the source code may be halted until issues can be examined.
“In one embodiment, the current invention provides a computer-implemented automated review method for source code files seeking to access a data store broadly comprising the steps of: receiving a request to review data store access source code; determining computer files which include the data access source code; examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines; setting the issue flag if the guidelines are not followed; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL components within Java source code; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with data store connection and object definition guidelines; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with transaction-related guidelines; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with datasource configuration guidelines; setting the issue flag if the guidelines are not followed; reviewing the status of the issue flag; issuing a halt signal if the issue flag is set; and issuing a proceed signal if the issue flag is not set.
“In another embodiment, the current invention provides a computer-implemented automated review method for source code files seeking to access a data store broadly comprising the steps of: receiving a request to review data store access source code; determining computer files which include the data access source code; examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines, the guidelines including determining whether a type of data to be written to the data store matches a type of data in the data store; setting the issue flag if the guidelines are not followed; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL components within Java source code, the guidelines including checking that a type of data passed to the SQL components matches a type of data expected by the SQL components; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with data store connection and object definition guidelines, the guidelines including checking that a bean definition for a database points to the data store; setting the issue flag if the guidelines are not followed; examining configuration source code files and DAO source code files and determining compliance with transaction-related guidelines, the guidelines including checking for the presence of a transaction manager definition; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with datasource configuration guidelines, the guidelines including checking for a definition of a datasource; setting the issue flag if the guidelines are not followed; reviewing the status of the issue flag; issuing a halt signal if the issue flag is set; and issuing a proceed signal if the issue flag is not set.
“In yet another embodiment, the current invention provides a computer-implemented automated review method for source code files seeking to access a data store broadly comprising the steps of: receiving a request to review data store access source code; determining computer files which include the data access source code; determining service operations in each source code file; determining an execution frequency and an execution time of each service operation based on business volumetrics; setting an issue flag if the execution frequency of any service operation is greater than an execution frequency threshold; setting the issue flag if the execution time of any service operation is less than an execution time threshold; examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines; setting the issue flag if the guidelines are not followed; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL components within Java source code; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with data store connection and object definition guidelines; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with transaction-related guidelines; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with datasource configuration guidelines; setting the issue flag if the guidelines are not followed; reviewing the status of the issue flag; issuing a halt signal if the issue flag is set; and issuing a proceed signal if the issue flag is not set.
“This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter. Other aspects and advantages of the current invention will be apparent from the following detailed description of the embodiments and the accompanying drawing figures.”
The claims supplied by the inventors are:
“1. A computer-implemented automated review method for source code files seeking to access a data store, the method comprising, via a processor: examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines; executing an explain command on SQL statements in the SQL source code files and producing an explain output including information about a sequence of operations for executing the SQL statements; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL components within Java source code; examining configuration source code files and determining compliance with data store connection and object definition guidelines; examining configuration source code files and DAO source code files, and determining compliance with transaction-related guidelines; examining configuration source code files and determining compliance with datasource configuration guidelines; setting the issue flag if any of the guidelines are not followed; issuing a first signal to information technology personnel to halt deployment of the source code files if the issue flag is set; and issuing a second signal to information technology personnel to proceed with deployment of the source code files if the issue flag is not set.
“2. The computer-implemented automated review method of claim 1, further comprising, via the processor: determining service operations in each source code file; determining an execution frequency of each service operation based on business volumetrics; and setting an issue flag if the execution frequency of any service operation is greater than an execution frequency threshold for each service operation.
“3. The computer-implemented automated review method of claim 1, further comprising, via the processor: determining service operations in each source code file; determining an execution time of each service operation based on business volumetrics; and setting the issue flag if the execution time of any service operation is less than an execution time threshold.
“4. The computer-implemented automated review method of claim 1, wherein the non-syntax-related guidelines for SQL source code files include determining the occurrence of specific SQL commands which are known to be time-consuming or resource-intensive to execute.
“5. The computer-implemented automated review method of claim 1, wherein the non-syntax-related guidelines for SQL source code files include determining whether a type of data to be written to the data store matches a type of data in the data store.
“6. The computer-implemented automated review method of claim 1, wherein the guidelines for invoking SQL source code within Java source code include checking for usage of spring Java database connectivity (JDBC) framework.
“7. The computer-implemented automated review method of claim 1, wherein the guidelines for invoking SQL components within Java source code include checking that a type of data passed to the SQL components matches a type of data expected by the SQL components.
“8. The computer-implemented automated review method of claim 1, wherein the guidelines for data store connection and object definitions include checking that a bean definition for a database points to the data store.
“9. The computer-implemented automated review method of claim 1, wherein the guidelines for data store connection and object definitions include checking that pointers to open source framework software are correct.
“10. The computer-implemented automated review method of claim 1, wherein the transaction-related guidelines include checking for the presence of a transaction manager definition.
“11. The computer-implemented automated review method of claim 1, wherein the datasource configuration guidelines include checking for a definition of a datasource.
“12. A computer-implemented automated review method for source code files seeking to access a data store, the method comprising, via a processor: examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines, the guidelines including determining whether a type of data to be written to the data store matches a type of data in the data store; executing an explain command on SQL statements in the SQL source code files and producing an explain output including information about a sequence of operations for executing the SQL statements; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL components within Java source code, the guidelines including checking that a type of data passed to the SQL components matches a type of data expected by the SQL components; examining configuration source code files and determining compliance with data store connection and object definition guidelines, the guidelines including checking that a bean definition for a database points to the data store; examining configuration source code files and DAO source code files and determining compliance with transaction-related guidelines, the guidelines including checking for the presence of a transaction manager definition; examining configuration source code files and determining compliance with datasource configuration guidelines, the guidelines including checking for a definition of a datasource; setting the issue flag if any of the guidelines are not followed; issuing a first signal to information technology personnel to halt deployment of the source code files if the issue flag is set; and issuing a second signal to information technology personnel to proceed with deployment of the source code files if the issue flag is not set.
“13. The computer-implemented automated review method of claim 12, further comprising, via the processor: determining service operations in each source code file; determining an execution frequency of each service operation based on business volumetrics; and setting an issue flag if the execution frequency of any service operation is greater than an execution frequency threshold.
“14. The computer-implemented automated review method of claim 12, further comprising, via the processor: determining service operations in each source code file; determining an execution time of each service operation based on business volumetrics; and setting the issue flag if the execution time of any service operation is less than an execution time threshold.
“15. The computer-implemented automated review method of claim 12, wherein the non-syntax-related guidelines for SQL source code files include determining the occurrence of specific SQL commands which are known to be time-consuming or resource-intensive to execute.
“16. The computer-implemented automated review method of claim 12, wherein the guidelines for invoking SQL source code within Java source code include checking for usage of spring Java database connectivity (JDBC) framework.
“17. The computer-implemented automated review method of claim 12, wherein the guidelines for data store connection and object definitions include checking that pointers to open source framework software are correct.
“18. A computer-implemented automated review method for data store access source code files, the method comprising, via a processor: determining computer files which include a data access source code; determining service operations in each source code file; determining an execution frequency and an execution time of each service operation based on business volumetrics; setting an issue flag if the execution frequency of any service operation is greater than an execution frequency threshold; setting the issue flag if the execution time of any service operation is less than an execution time threshold; examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines; executing an explain command on SQL statements in the SQL source code files and producing an explain output including information about a sequence of operations for executing the SQL statements; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL source code within Java source code; examining configuration source code files and determining compliance with data store connection and object definition guidelines; examining configuration source code files and DAO source code files and determining compliance with transaction-related guidelines; examining configuration source code files and determining compliance with datasource configuration guidelines; setting the issue flag if any of the guidelines are not followed; issuing a first signal to information technology personnel to halt deployment of the source code files if the issue flag is set; and issuing a second signal to information technology personnel to proceed with deployment of the source code files if the issue flag is not set.
“19. The computer-implemented automated review method of claim 18, wherein the non-syntax-related guidelines for SQL source code files includes determining the occurrence of specific SQL commands which are known to be time-consuming or resource-intensive to execute, and determining whether a type of data to be written to the data store matches a type of data in the data store.
“20. The computer-implemented automated review method of claim 18, wherein the guidelines for invoking SQL source code within Java source code include checking for usage of spring Java database connectivity (JDBC) framework, and checking that a type of data passed to the SQL components matches a type of data expected by the SQL components.”
For additional information on this patent, see: Anderson, Matthew. Automated data store access source code review.
(Our reports deliver fact-based news of research and discoveries from around the world.)
It's peak season for deer/vehicle collisions [The Ironton Tribune, Ohio]
Hankuk University of Foreign Studies (HUFS) Researchers Describe New Findings in Machine Learning (Improving insurers’ loss reserve error prediction: Adopting combined unsupervised-supervised machine learning techniques in risk management): Machine Learning
Advisor News
- 2025 Top 5 Advisor Stories: From the ‘Age Wave’ to Gen Z angst
- Flexibility is the future of employee financial wellness benefits
- Bill aims to boost access to work retirement plans for millions of Americans
- A new era of advisor support for caregiving
- Millennial Dilemma: Home ownership or retirement security?
More Advisor NewsAnnuity News
- Great-West Life & Annuity Insurance Company Trademark Application for “EMPOWER BENEFIT CONSULTING SERVICES” Filed: Great-West Life & Annuity Insurance Company
- 2025 Top 5 Annuity Stories: Lawsuits, layoffs and Brighthouse sale rumors
- An Application for the Trademark “DYNAMIC RETIREMENT MANAGER” Has Been Filed by Great-West Life & Annuity Insurance Company: Great-West Life & Annuity Insurance Company
- Product understanding will drive the future of insurance
- Prudential launches FlexGuard 2.0 RILA
More Annuity NewsHealth/Employee Benefits News
Life Insurance News
- Baby On Board
- 2025 Top 5 Life Insurance Stories: IUL takes center stage as lawsuits pile up
- Private placement securities continue to be attractive to insurers
- Inszone Insurance Services Expands Benefits Department in Michigan with Acquisition of Voyage Benefits, LLC
- Affordability pressures are reshaping pricing, products and strategy for 2026
More Life Insurance News