Patent Issued for Data classification and modelling based application compliance analysis (USPTO 11416524): Accenture Global Solutions Limited
2022 SEP 02 (NewsRx) -- By a
The patent’s assignee for patent number 11416524 is
News editors obtained the following quote from the background information supplied by the inventors: “A software application may be used by various users that are dispersed across multiple geographies. The application may be deployed and/or hosted within private, public, hybrid cloud, or entirely in an organization’s data center. Such applications may need to comply with various rules and regulations.”
As a supplement to the background information on this patent, NewsRx correspondents also obtained the inventors’ summary information for this patent: “For simplicity and illustrative purposes, the present disclosure is described by referring mainly to examples. In the following description, numerous specific details are set forth in order to provide a thorough understanding of the present disclosure. It will be readily apparent however, that the present disclosure may be practiced without limitation to these specific details. In other instances, some methods and structures have not been described in detail so as not to unnecessarily obscure the present disclosure.
“Throughout the present disclosure, the terms “a” and “an” are intended to denote at least one of a particular element. As used herein, the term “includes” means includes but not limited to, the term “including” means including but not limited to. The term “based on” means based at least in part on.
“Data classification and modelling based application compliance analysis apparatuses, methods for data classification and modelling based application compliance analysis, and non-transitory computer readable media having stored thereon machine readable instructions to provide data classification and modelling based application compliance analysis are disclosed herein. The apparatuses, methods, and non-transitory computer readable media disclosed herein provide for data classification and modelling based application compliance analysis by generating a knowledge graph (e.g., a knowledge model) based on the aspects of data classification rules, regional sovereignty laws, and cloud service provider information. In this regard, the apparatuses, methods, and non-transitory computer readable media disclosed herein provide for generation of a knowledge graph based data sovereignty governance framework to classify data and identify relevant applicable laws. The apparatuses, methods, and non-transitory computer readable media disclosed herein provide for the analysis of an application’s relational database to classify the data based on data classification aspects. In this regard, regional and locational information about application users, as well as applicable sovereignty laws including data localization laws based on a user’s regional information may be identified and analyzed. The various applicable regulations and rules within the laws may be identified by determining priorities using a regional sovereignty approach as disclosed herein. An application deployment strategy or migration to the cloud based on a cloud service provider’s information that includes various cloud service provide offerings may also be recommended and applied for storage of application data for an application.
“With respect to application compliance, a software application may be generally used by various users dispersed across multiple geographies. The software application may be deployed and/or hosted within private, public, hybrid cloud, or entirely in an organization’s data centers (e.g., on-premise). The application hosted in a particular country may need to adhere to the laws of the hosted country or state (e.g., data sovereignty compliance). In contrast, data localization laws may represent regulations enforcing how data can be processed in a certain territory. Each country or region may have many laws pertaining to domains such as finance, medical, etc. (e.g., Health Insurance Portability and Accountability Act (HIPAA)) or privacy and protection laws for individual citizens of a country (such as General Data Protection Regulation (GDPR)) which becomes part of data localization and sovereignty laws (e.g., data laws as disclosed herein). Further, such laws may be evolving as governments and regulatory bodies keep enhancing these laws as and when they discover new issues and loopholes. With ever evolving regulations, it is technically challenging for an organization to keep track of regulations and accordingly adopt their application to be compliant.
“Yet further, data has emerged as a central commodity in most modern applications. Unregulated and rampant collection of user and usage data by applications has led to concerns on privacy, trust, and ethics. This has resulted in several governments and organizations across geographies to frame laws on data that govern and define boundaries for the storage, processing and transitioning of data, and thereby safeguard the interests of its citizens. Data sovereignty and data localization are two important aspects, which deal with the adherence to the laws and governance structures, that define where and how data is collected and processed. The applicability of different data laws depends upon several attributes such as the nature, type, and purpose of data. Non-compliance to data laws and regulations can lead to serious repercussions for enterprises, ranging from penalties to loss of brand value. In this regard, it is technically challenging for enterprises to ensuring that all of their applications are complaint to various data laws. Enterprises have to account with a plethora of data laws (that are constantly evolving) and are often unclear even in correctly identifying all the applicable data laws for their context let alone ensuring compliance to regulations.”
The claims supplied by the inventors are:
“1. A data classification and modelling based application compliance analysis apparatus comprising: at least one hardware processor; a knowledge graph schema generator, executed by the at least one hardware processor, to generate, for application data for an application, and based on data laws, a knowledge graph schema; a knowledge graph instantiator, executed by the at least one hardware processor, to generate, based on the data laws and the knowledge graph schema, an instantiated knowledge graph; a data classifier, executed by the at least one hardware processor, to generate, based on a plurality of data sources, domain knowledge and patterns, and the instantiated knowledge graph, classified data; a knowledge graph annotator, executed by the at least one hardware processor, to generate, based on the classified data and the instantiated knowledge graph, an annotated knowledge graph; a governance and compliance advisor, executed by the at least one hardware processor, to generate, based on the annotated knowledge graph, an indication of applicable sovereign laws and compliance related to the application data for the application; a sovereign cloud strategy generator, executed by the at least one hardware processor, to generate, based on the annotated knowledge graph and the applicable sovereign laws and compliance related to the application data for the application, a sovereign cloud strategy related to the application data for the application; a sovereign cloud strategy implementer, executed by the at least one hardware processor, to apply, based on the sovereign cloud strategy related to the application data for the application, the sovereign cloud strategy to the application data for the application; and store, based on application of the sovereign cloud strategy to the application data for the application, the application data for the application.
“2. The data classification and modelling based application compliance analysis apparatus according to claim 1, wherein the sovereign cloud strategy generator is executed by the at least one hardware processor to: generate, based on the annotated knowledge graph and the applicable sovereign laws and compliance related to the application data for the application, the sovereign cloud strategy that includes a ranking of cloud service providers for storage of the application data for the application.
“3. The data classification and modelling based application compliance analysis apparatus according to claim 2, wherein the sovereign cloud strategy generator is executed by the at least one hardware processor to generate, based on the annotated knowledge graph and the applicable sovereign laws and compliance related to the application data for the application, the sovereign cloud strategy that includes the ranking of cloud service providers for storage of the application data for the application by: determining, for each cloud service provider of the cloud service providers, and for each factor of a plurality of factors associated with the applicable sovereign laws and compliance, a score.
“4. The data classification and modelling based application compliance analysis apparatus according to claim 3, wherein the sovereign cloud strategy generator is executed by the at least one hardware processor to determine, for each cloud service provider of the cloud service providers, and for each factor of the plurality of factors associated with the applicable sovereign laws and compliance, the score by: modifying, based on a weight associated with each factor of the plurality of factors, the score to generate, for each cloud service provider of the cloud service providers, and for each factor of the plurality of factors, a weighted score.
“5. The data classification and modelling based application compliance analysis apparatus according to claim 4, wherein the sovereign cloud strategy generator is executed by the at least one hardware processor to: determine, for each cloud service provider of the cloud service providers and based on the weighted score corresponding to each factor of the plurality of factors, an overall weighted factor score; and rank, based on the overall weighted factor score for each cloud service provider of the cloud service providers, the cloud service providers.
“6. The data classification and modelling based application compliance analysis apparatus according to claim 2, wherein the sovereign cloud strategy generator is executed by the at least one hardware processor to: generate, for a highest ranked cloud service provider of the ranked cloud service providers, a ranking of cloud service provider offerings for storage of the application data for the application, and the sovereign cloud strategy implementer is executed by the at least one hardware processor to: apply, based on the sovereign cloud strategy related to the application data for the application, a highest ranked cloud service provider offering of the ranked cloud service provider offerings to store the application data for the application.
“7. The data classification and modelling based application compliance analysis apparatus according to claim 2, wherein the sovereign cloud strategy generator is executed by the at least one hardware processor to: generate, for each ranked cloud service provider of the ranked cloud service providers, a ranking of cloud service provider offerings for storage of the application data for the application; and determine, based on analysis of a plurality of ranked cloud service provider and ranked cloud service provider offering combinations, a best fit cloud service provider and cloud service provider offering combination, and the sovereign cloud strategy implementer is executed by the at least one hardware processor to: apply, based on the sovereign cloud strategy related to the application data for the application, the best fit cloud service provider and cloud service provider offering combination to store the application data for the application.
“8. The data classification and modelling based application compliance analysis apparatus according to claim 1, wherein the knowledge graph schema includes: a data classification model to classify the application data according to the data laws; a regional model to encapsulate geographies with respect to larger geographical entities; a data regulations model to encapsulate the data laws for regions associated with storage of the application data for the application; a cloud service provider model to encapsulate properties associated with cloud service providers for the storage of the application data for the application; and a cloud service provider offering model to encapsulate cloud service offerings associated with the cloud service providers.
“9. A method for data classification and modelling based application compliance analysis, the method comprising: generating, by at least one hardware processor, for application data for an application, and based on data laws, a knowledge graph schema; generating, by the at least one hardware processor, based on the data laws and the knowledge graph schema, an instantiated knowledge graph; generating, by the at least one hardware processor, based on a plurality of data sources, domain knowledge and patterns, and the instantiated knowledge graph, an annotated knowledge graph; generating, by the at least one hardware processor, based on the annotated knowledge graph, an indication of applicable sovereign laws and compliance related to the application data for the application; generating, by the at least one hardware processor, based on the annotated knowledge graph and the applicable sovereign laws and compliance related to the application data for the application, a sovereign cloud strategy related to the application data for the application; applying, by the at least one hardware processor, based on the sovereign cloud strategy related to the application data for the application, the sovereign cloud strategy to the application data for the application; and storing, by the at least one hardware processor, based on application of the sovereign cloud strategy to the application data for the application, the application data for the application.
“10. The method for data classification and modelling based application compliance analysis according to claim 9, further comprising: generating, by the at least one hardware processor, based on the annotated knowledge graph and the applicable sovereign laws and compliance related to the application data for the application, the sovereign cloud strategy that includes a ranking of cloud service providers for storage of the application data for the application.
“11. The method for data classification and modelling based application compliance analysis according to claim 10, wherein generating, by the at least one hardware processor, based on the annotated knowledge graph and the applicable sovereign laws and compliance related to the application data for the application, the sovereign cloud strategy that includes the ranking of cloud service providers for storage of the application data for the application, further comprises: determining, by the at least one hardware processor, for each cloud service provider of the cloud service providers, and for each factor of a plurality of factors associated with the applicable sovereign laws and compliance, a score.”
There are additional claims. Please visit full patent to read further.
For additional information on this patent, see: Burden,
(Our reports deliver fact-based news of research and discoveries from around the world.)
Deakin University Reports Findings in HIV/AIDS (Social determinants of health on human immunodeficiency virus care quality in Indonesia): Immune System Diseases and Conditions – HIV/AIDS
Patent Issued for Using a distributed ledger to determine fault in subrogation (USPTO 11416942): State Farm Mutual Automobile Insurance Company
Advisor News
- Trump pick for Treasury: extending tax cuts the ‘most important’ issue
- Treasury Secretary nominee Scott Bessent says Trump tax cuts should not expire
- Five retirement-industry trends to watch in 2025
- U.S. military veteran workers report higher levels of financial well-being
- US inflation picked up in December, though underlying price pressures ease
More Advisor NewsAnnuity News
- Midland Advisory Focused on Growing Registered Investment Advisor Channel Presence
- Delaware Life Announces Suite of Innovative Fixed Index Annuities
- Allianz Life moves to strengthen annuity operations with own reinsurer
- Global Atlantic Announces New Registered Index-Linked Annuity
- AM Best Affirms Credit Ratings of Reinsurance Group of America, Incorporated and Subsidiaries
More Annuity NewsHealth/Employee Benefits News
- Insurers question need for prosthetics, limit coverage
- Social Security: Submit your continuing disability review report online
- Is a 'people before profit' model the solution in the United States?
- Missouri proposal could block health insurers from limiting anesthesia coverage
- WA doulas now eligible for highest Medicaid reimbursement in U.S.
More Health/Employee Benefits NewsLife Insurance News
- AM Best Affirms Credit Ratings of Prudential Financial, Inc. and Its Life/Health Subsidiaries
- Symetra reaches $32.5 million settlement over cost-of-insurance charges
- Registration Statement – Specified Transactions (Form S-3)
- Symetra Names Christine Carlson Vice President, Stop Loss Claims
- Best’s Market Segment Report: AM Best Maintains Stable Outlook on India’s Non-Life Insurance Segment
More Life Insurance News