Patent Issued for Automated data store access source code review (USPTO 11474812): State Farm Mutual Automobile Insurance Company
2022 NOV 08 (NewsRx) -- By a
The patent’s assignee for patent number 11474812 is
News editors obtained the following quote from the background information supplied by the inventors:
“Field of the Invention
“Embodiments of the current invention relate to methods and devices for automatically reviewing data store or database access source code.
“Description of the Related Art
“Large-scale data stores, or databases, such as those maintained by an insurance provider or a financial institution, not only include a great volume of data, but are also accessed at a high frequency. An exemplary insurance provider may have anywhere from hundreds of thousands to tens of millions of customers or clients. Associated with each customer may be personal information, such as a name, a birthdate, an address, etc., and policy information, such as a homeowner’s policy with coverage terms and details about the house or property being covered, or an automobile policy with coverage terms and details about the vehicle being covered. Also associated with each customer may be account information, such as payment history and the like. All of this information is stored in one or more data stores. An exemplary insurance provider may further have thousands of employees, such as agents, representatives, adjusters, accountants, and so forth. Each employee may wish to access the data stores to create new policies, update existing policies, retrieve information about policies, delete accounts, retrieve account information, or the like. In addition, some requests for access may involve hundreds of accounts, such as preparing billing information on any given day. If the insurance provider also offers online or web service for customers to directly access policy or account information, then the traffic to the data stores could increase significantly.
“Access to the data stores is controlled by data store access software. The software may include deployables, which are built from source code files. Each task or type of task may require one or more deployables. For example, creating new policies may require a first one or more deployables, while updating policy data may require a second one or more deployables, and so forth. Given the volume of data to be handled and the frequency of access, each deployable must be as efficient in adding, retrieving, or modifying data as possible. Typically, data store managers, database administrators (DBAs), data access developers, or other information technology (IT) personnel review the source code used to build the deployables to ensure proper operation and performance. Since new deployables, or modifications to existing deployables, may be built or updated every day, it is difficult for data store managers and IT personnel to adequately review the source code and ensure proper performance. This leads to either inefficient code being deployed or long delays in implementing properly operating deployables.
“Furthermore, the deployables may be created from at least three types of source code files. A first type of source code may provide modification to the data store contents, by adding, deleting, or changing data. A second type of source code may provide an interface between the first type of source code and applications, typically business applications, that seek to access the data store. A third type of source code may provide configuration of the software components of the first and second types of source code. It is possible that each type of source code may be written by a different group of coders or programmers. Each group may specialize in the type of source code that they write, but may have little knowledge of the requirements of the other types of source code. The fact that different groups with different concerns write the data store access source code may further contribute to inconsistencies and inefficiencies in the deployables.”
As a supplement to the background information on this patent, NewsRx correspondents also obtained the inventors’ summary information for this patent: “Embodiments of the current invention solve the above-mentioned problems and provide a distinct advance in the art of automated source code review. Specifically, embodiments of the current invention provide computer-implemented methods that may automatically review data store access source code files by checking for compliance with guidelines on a plurality of levels. The methods may check the three types of source code, including data store modification source code files, application interface source code files, and configuration source code files, among others. If any of the source code files do not comply with the guidelines, then deployment of the source code may be halted until issues can be examined.
“In one embodiment, the current invention provides a computer-implemented automated review method for source code files seeking to access a data store broadly comprising the steps of: receiving a request to review data store access source code; determining computer files which include the data access source code; examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines; setting the issue flag if the guidelines are not followed; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL components within Java source code; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with data store connection and object definition guidelines; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with transaction-related guidelines; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with datasource configuration guidelines; setting the issue flag if the guidelines are not followed; reviewing the status of the issue flag; issuing a halt signal if the issue flag is set; and issuing a proceed signal if the issue flag is not set.
“In another embodiment, the current invention provides a computer-implemented automated review method for source code files seeking to access a data store broadly comprising the steps of: receiving a request to review data store access source code; determining computer files which include the data access source code; examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines, the guidelines including determining whether a type of data to be written to the data store matches a type of data in the data store; setting the issue flag if the guidelines are not followed; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL components within Java source code, the guidelines including checking that a type of data passed to the SQL components matches a type of data expected by the SQL components; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with data store connection and object definition guidelines, the guidelines including checking that a bean definition for a database points to the data store; setting the issue flag if the guidelines are not followed; examining configuration source code files and DAO source code files and determining compliance with transaction-related guidelines, the guidelines including checking for the presence of a transaction manager definition; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with datasource configuration guidelines, the guidelines including checking for a definition of a datasource; setting the issue flag if the guidelines are not followed; reviewing the status of the issue flag; issuing a halt signal if the issue flag is set; and issuing a proceed signal if the issue flag is not set.
“In yet another embodiment, the current invention provides a computer-implemented automated review method for source code files seeking to access a data store broadly comprising the steps of: receiving a request to review data store access source code; determining computer files which include the data access source code; determining service operations in each source code file; determining an execution frequency and an execution time of each service operation based on business volumetrics; setting an issue flag if the execution frequency of any service operation is greater than an execution frequency threshold; setting the issue flag if the execution time of any service operation is less than an execution time threshold; examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines; setting the issue flag if the guidelines are not followed; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL components within Java source code; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with data store connection and object definition guidelines; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with transaction-related guidelines; setting the issue flag if the guidelines are not followed; examining configuration source code files and determining compliance with datasource configuration guidelines; setting the issue flag if the guidelines are not followed; reviewing the status of the issue flag; issuing a halt signal if the issue flag is set; and issuing a proceed signal if the issue flag is not set.
“This summary is provided to introduce a selection of concepts in a simplified form that are further described below in the detailed description. This summary is not intended to identify key features or essential features of the claimed subject matter, nor is it intended to be used to limit the scope of the claimed subject matter. Other aspects and advantages of the current invention will be apparent from the following detailed description of the embodiments and the accompanying drawing figures.”
The claims supplied by the inventors are:
“1. A computer-implemented automated review method for source code files seeking to access a data store, the method comprising, via a processor: examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines; executing an explain command on SQL statements in the SQL source code files and producing an explain output including information about a sequence of operations for executing the SQL statements; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL components within Java source code; examining configuration source code files and determining compliance with data store connection and object definition guidelines; examining configuration source code files and DAO source code files, and determining compliance with transaction-related guidelines; examining configuration source code files and determining compliance with datasource configuration guidelines; setting the issue flag if any of the guidelines are not followed; issuing a first signal to information technology personnel to halt deployment of the source code files if the issue flag is set; and issuing a second signal to information technology personnel to proceed with deployment of the source code files if the issue flag is not set.
“2. The computer-implemented automated review method of claim 1, further comprising, via the processor: determining service operations in each source code file; determining an execution frequency of each service operation based on business volumetrics; and setting an issue flag if the execution frequency of any service operation is greater than an execution frequency threshold for each service operation.
“3. The computer-implemented automated review method of claim 1, further comprising, via the processor: determining service operations in each source code file; determining an execution time of each service operation based on business volumetrics; and setting the issue flag if the execution time of any service operation is less than an execution time threshold.
“4. The computer-implemented automated review method of claim 1, wherein the non-syntax-related guidelines for SQL source code files include determining the occurrence of specific SQL commands which are known to be time-consuming or resource-intensive to execute.
“5. The computer-implemented automated review method of claim 1, wherein the non-syntax-related guidelines for SQL source code files include determining whether a type of data to be written to the data store matches a type of data in the data store.
“6. The computer-implemented automated review method of claim 1, wherein the guidelines for invoking SQL source code within Java source code include checking for usage of spring Java database connectivity (JDBC) framework.
“7. The computer-implemented automated review method of claim 1, wherein the guidelines for invoking SQL components within Java source code include checking that a type of data passed to the SQL components matches a type of data expected by the SQL components.
“8. The computer-implemented automated review method of claim 1, wherein the guidelines for data store connection and object definitions include checking that a bean definition for a database points to the data store.
“9. The computer-implemented automated review method of claim 1, wherein the guidelines for data store connection and object definitions include checking that pointers to open source framework software are correct.
“10. The computer-implemented automated review method of claim 1, wherein the transaction-related guidelines include checking for the presence of a transaction manager definition.
“11. The computer-implemented automated review method of claim 1, wherein the datasource configuration guidelines include checking for a definition of a datasource.
“12. A computer-implemented automated review method for source code files seeking to access a data store, the method comprising, via a processor: examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines, the guidelines including determining whether a type of data to be written to the data store matches a type of data in the data store; executing an explain command on SQL statements in the SQL source code files and producing an explain output including information about a sequence of operations for executing the SQL statements; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL components within Java source code, the guidelines including checking that a type of data passed to the SQL components matches a type of data expected by the SQL components; examining configuration source code files and determining compliance with data store connection and object definition guidelines, the guidelines including checking that a bean definition for a database points to the data store; examining configuration source code files and DAO source code files and determining compliance with transaction-related guidelines, the guidelines including checking for the presence of a transaction manager definition; examining configuration source code files and determining compliance with datasource configuration guidelines, the guidelines including checking for a definition of a datasource; setting the issue flag if any of the guidelines are not followed; issuing a first signal to information technology personnel to halt deployment of the source code files if the issue flag is set; and issuing a second signal to information technology personnel to proceed with deployment of the source code files if the issue flag is not set.
“13. The computer-implemented automated review method of claim 12, further comprising, via the processor: determining service operations in each source code file; determining an execution frequency of each service operation based on business volumetrics; and setting an issue flag if the execution frequency of any service operation is greater than an execution frequency threshold.
“14. The computer-implemented automated review method of claim 12, further comprising, via the processor: determining service operations in each source code file; determining an execution time of each service operation based on business volumetrics; and setting the issue flag if the execution time of any service operation is less than an execution time threshold.
“15. The computer-implemented automated review method of claim 12, wherein the non-syntax-related guidelines for SQL source code files include determining the occurrence of specific SQL commands which are known to be time-consuming or resource-intensive to execute.
“16. The computer-implemented automated review method of claim 12, wherein the guidelines for invoking SQL source code within Java source code include checking for usage of spring Java database connectivity (JDBC) framework.
“17. The computer-implemented automated review method of claim 12, wherein the guidelines for data store connection and object definitions include checking that pointers to open source framework software are correct.
“18. A computer-implemented automated review method for data store access source code files, the method comprising, via a processor: determining computer files which include a data access source code; determining service operations in each source code file; determining an execution frequency and an execution time of each service operation based on business volumetrics; setting an issue flag if the execution frequency of any service operation is greater than an execution frequency threshold; setting the issue flag if the execution time of any service operation is less than an execution time threshold; examining structured query language (SQL) source code files and determining compliance with non-syntax-related guidelines; executing an explain command on SQL statements in the SQL source code files and producing an explain output including information about a sequence of operations for executing the SQL statements; examining data access object (DAO) source code files and determining compliance with guidelines for invoking SQL source code within Java source code; examining configuration source code files and determining compliance with data store connection and object definition guidelines; examining configuration source code files and DAO source code files and determining compliance with transaction-related guidelines; examining configuration source code files and determining compliance with datasource configuration guidelines; setting the issue flag if any of the guidelines are not followed; issuing a first signal to information technology personnel to halt deployment of the source code files if the issue flag is set; and issuing a second signal to information technology personnel to proceed with deployment of the source code files if the issue flag is not set.
“19. The computer-implemented automated review method of claim 18, wherein the non-syntax-related guidelines for SQL source code files includes determining the occurrence of specific SQL commands which are known to be time-consuming or resource-intensive to execute, and determining whether a type of data to be written to the data store matches a type of data in the data store.
“20. The computer-implemented automated review method of claim 18, wherein the guidelines for invoking SQL source code within Java source code include checking for usage of spring Java database connectivity (JDBC) framework, and checking that a type of data passed to the SQL components matches a type of data expected by the SQL components.”
For additional information on this patent, see: Anderson, Matthew. Automated data store access source code review.
(Our reports deliver fact-based news of research and discoveries from around the world.)
It's peak season for deer/vehicle collisions [The Ironton Tribune, Ohio]
Hankuk University of Foreign Studies (HUFS) Researchers Describe New Findings in Machine Learning (Improving insurers’ loss reserve error prediction: Adopting combined unsupervised-supervised machine learning techniques in risk management): Machine Learning
Advisor News
- LTC: A critical component of retirement planning
- Middle-class households face worsening cost pressures
- Metlife study finds less than half of US workforce holistically healthy
- Invigorating client relationships with AI coaching
- SEC: Get-rich-quick influencer Tai Lopez was running a Ponzi scam
More Advisor NewsAnnuity News
- Trademark Application for “EMPOWER MY WEALTH” Filed by Great-West Life & Annuity Insurance Company: Great-West Life & Annuity Insurance Company
- Conning says insurers’ success in 2026 will depend on ‘strategic adaptation’
- The structural rise of structured products
- How next-gen pricing tech can help insurers offer better annuity products
- Continental General Acquires Block of Life Insurance, Annuity and Health Policies from State Guaranty Associations
More Annuity NewsHealth/Employee Benefits News
- New Managed Care Study Findings Have Been Reported by G. Martin Reinhart and Co-Researchers (Psychiatric Medication Prescribing by Nurse Practitioners and Physician Associates for Medicare Beneficiaries): Managed Care
- Data on Managed Care Reported by Researchers at American Dental Association (Early association of expanded Medicare dental benefits to dentist billing in Medicare): Managed Care
- Researchers to study universal health care, as Coloradans face $1 billion in medical debt
- Veteran speaks out on veterans mail-order drug bill
- National Life Group Selects FINEOS AdminSuite to Transform Living Benefit and Life Insurance Claims Operations
More Health/Employee Benefits NewsLife Insurance News