+

US20220083875A1 - System and method for specifying rules for operational systems - Google Patents

System and method for specifying rules for operational systems Download PDF

Info

Publication number
US20220083875A1
US20220083875A1 US17/456,804 US202117456804A US2022083875A1 US 20220083875 A1 US20220083875 A1 US 20220083875A1 US 202117456804 A US202117456804 A US 202117456804A US 2022083875 A1 US2022083875 A1 US 2022083875A1
Authority
US
United States
Prior art keywords
rules
high level
rule
processor
level rules
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Abandoned
Application number
US17/456,804
Inventor
Muhammad Yaseen Ali
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Mastercard International Inc
Original Assignee
Mastercard International Inc
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Mastercard International Inc filed Critical Mastercard International Inc
Priority to US17/456,804 priority Critical patent/US20220083875A1/en
Assigned to MASTERCARD INTERNATIONAL INCORPORATED reassignment MASTERCARD INTERNATIONAL INCORPORATED ASSIGNMENT OF ASSIGNORS INTEREST (SEE DOCUMENT FOR DETAILS). Assignors: ALI, MUHAMMAD YASEEN
Publication of US20220083875A1 publication Critical patent/US20220083875A1/en
Abandoned legal-status Critical Current

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06NCOMPUTING ARRANGEMENTS BASED ON SPECIFIC COMPUTATIONAL MODELS
    • G06N5/00Computing arrangements using knowledge-based models
    • G06N5/02Knowledge representation; Symbolic representation
    • G06N5/022Knowledge engineering; Knowledge acquisition
    • G06N5/025Extracting rules from data
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B15/00Systems controlled by a computer
    • G05B15/02Systems controlled by a computer electric
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/901Indexing; Data structures therefor; Storage structures
    • G06F16/9017Indexing; Data structures therefor; Storage structures using directory or table look-up
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F16/00Information retrieval; Database structures therefor; File system structures therefor
    • G06F16/90Details of database functions independent of the retrieved data types
    • G06F16/903Querying
    • G06F16/90335Query processing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F40/00Handling natural language data
    • G06F40/20Natural language analysis
    • G06F40/205Parsing
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • G06Q30/0207Discounts or incentives, e.g. coupons or rebates
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06QINFORMATION AND COMMUNICATION TECHNOLOGY [ICT] SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL OR SUPERVISORY PURPOSES, NOT OTHERWISE PROVIDED FOR
    • G06Q30/00Commerce
    • G06Q30/02Marketing; Price estimation or determination; Fundraising
    • G06Q30/0241Advertisements
    • GPHYSICS
    • G05CONTROLLING; REGULATING
    • G05BCONTROL OR REGULATING SYSTEMS IN GENERAL; FUNCTIONAL ELEMENTS OF SUCH SYSTEMS; MONITORING OR TESTING ARRANGEMENTS FOR SUCH SYSTEMS OR ELEMENTS
    • G05B2219/00Program-control systems
    • G05B2219/20Pc systems
    • G05B2219/25Pc structure of the system
    • G05B2219/25011Domotique, I-O bus, home automation, building automation

Definitions

  • the present invention relates to the management and execution of rules for operational systems. In specific aspects, it relates to methods and systems for modifying the outcome of multiple rules.
  • a rule management system is a platform used to define, deploy, execute, monitor and maintain a variable and complex decision logic used by operational systems.
  • the rule management system allows the logic (also referred to as rules) to be extracted and managed separately from other parts of the operational system, allowing a user of the rule management system to specify new rules without the need to modify each part of the system on which the new rule may have an effect.
  • Rule management systems may be used in a variety of contexts and are particularly advantageous where the requirements of an operational system are subject to a high degree or frequency of change, where the decision used by the system is very complex, for example because it involves a large number of complex and interrelated requirements, or where consistency and traceability of actions or decisions made need to be guaranteed across the operational system.
  • rules and rules management system may be used in an access control system in an office facility, to manage multiple requirements of the system including who can open which door, when is each door/category of door locked, which identification is required before opening a door, etc.
  • rules to define, modify and execute such requirements means that a facilities manager can easily define very granular requirements (e.g., where different areas of the facility are occupied by different tenants, have different operational requirements, etc.) as well as concurrently manage general requirements, without having to alter the core applications present e.g., at each door or in each office suite.
  • the invention provides a method of controlling an operational system by a rules management system comprising a processor programmed to execute rules from a rules repository stored on a memory.
  • the method comprises providing one or more high level rules comprising a condition part and an effect part, wherein each high level rule, when executed, modifies the effect of one or more rules R m in the rules repository; identifying the rules R m that match the condition part of the high rule; and receiving a request relating to one or more rules and checking whether the one or more high level rules apply to the request; executing each rule R m and/or each high level rule that applies to the request.
  • the effect part of the high level rule is qualified as an “add” effect, and the high level rule modifies the effect of one or more rules R m by combining the effect of the rule with that of the high rule.
  • executing the rules that apply to the request comprises executing each R m and each high level rule.
  • the effect part of the high level rule is qualified as a “replace” effect, and a high level rule modifies the effect of one or more rules R m by replacing the effect of each rule R m with that of the high rule.
  • executing the rules that apply to the request comprises executing the high level rule only for each R m identified.
  • Providing one or more high level rules may comprise a user defining high level rules at a rule management interface.
  • defining high level rules comprises defining whether the action of the high level rule is to replace or be combined with the actions of the rules R m .
  • defining the high level rules comprises defining one or more criteria to identify the rules R m to modify.
  • the method may further comprise verifying the one or more high level rules provides do not overlap or conflict with existing high level rules.
  • the method further comprises recording a pointer to each rule R m that matches the condition part of each high rule, and recording whether the effect part of the high level rule is qualified as an “add” effect or a “replace” effect.
  • the invention provides a computing apparatus comprising a processor and a memory, wherein the processor is programmed to execute rules from a rules repository stored on a memory in response to a request.
  • the computing apparatus further comprises a high rules repository storing one or more high level rules, wherein each high level rule, when executed by the processor, modifies the effect of execution of one or more rules R m in the rules repository; and a high rules conditions module that when executed by the processor identifies and executes the high level rules that apply to the request.
  • the computing apparatus further comprises a rule management interface configured to allow a user to specify new high rules.
  • the computing apparatus comprises a high rules parser that when executed by the processor: separates a high rule into an action part and a condition part; and sends the action part to the high rules repository and the condition part together with a pointer to the action part to the high rules condition module.
  • the computing apparatus may further comprise a sanity check module that when executed by the processor determines whether a new high rule satisfies one or more defined criteria by comparing the new high rule to existing high rules and rules in the rules repository.
  • the sanity check module when executed by the processor prevents deployment of a new high rule that does not satisfy one or more of the defined criteria.
  • FIG. 1 illustrates schematically a rule management system according to the prior art
  • FIG. 2 illustrates a method of specifying high level rules according to an embodiment of the invention, as a flow diagram
  • FIG. 3 illustrates schematically a rule management system according to an embodiment of the invention
  • FIG. 4 illustrates a method of deploying high level rules according to an embodiment of the invention, as a flow diagram
  • FIG. 5 is a flowchart showing a method of executing rules according to an embodiment of the invention.
  • FIG. 6 illustrates an exemplary implementation of an embodiment of the invention applied to an access control system
  • FIG. 7 is a flowchart showing a method of executing rules for an access control system according to an embodiment of the invention.
  • a rule (also referred to as ‘business rule’ because they are frequently used to formalise aspects of the functioning of a business) is a statement that defines or constraints some aspect of the operational system to which it relates. Rules are atomic in the sense that they cannot be broken down or decomposed further into more detailed rules. Rules are expressed in one or more formal rule statements. Formal rule statements are simply expressions of rules in the convention of a particular formal grammar (also referred to as ‘formal expression type’). Formal expression types include structured English, IDEF1X, Oracle's CASE*Method, Object Role Modelling, Ross's notation, etc.
  • rule statements are also referred to herein as ‘rules’ for readability, and the skilled person would be able to interpret the term according to the context. Note, however, that in essence rules are sections of software which, when run on a suitable software platform, such as a rules engine, are responsive to an event or condition, determine a decision, and action or execute an outcome. This will become apparent in the discussion that now follows.
  • a rule for an access control system may specify the requirement that the system does not allow a door to be opened even with appropriate identification on Sundays because security must be contacted before the door can be opened.
  • a structured English example of a formal rule statement corresponding to this rule is:
  • a rule for an online ordering portal for a food vendor may specify the requirement that the system does not allow a user of the online ordering portal to order food via the portal on Sunday because the shop is closed.
  • a structured English example of a formal rule statement corresponding to this rule is:
  • Structural assertions are terms (defined concepts) or statements of fact that express some aspect of the structure of an operational system, including facts assembled from terms.
  • Action assertions are statement of a constraint or condition that limits or controls the actions of an operational system (e.g., IF this THEN do that).
  • Derivations are statements of knowledge derived from other knowledge in the operational system. This disclosure is primarily concerned with rules that are action assertions, i.e., rules as exemplified above, that define what the behaviour of the operational system (or parts thereof) should be in a given context, in response to a given challenge, etc.
  • a user of the rules management system can simply specify rules to represent constraints that should be applied to an operational system, via a rule management system.
  • the rule management system can then deploy the rule dynamically, without needing to take any of the systems that it responds to offline/out of service, because no change to the structure of any of the core applications of the operational system is required.
  • the user of the rules management system can simply use the system to set opening hours and behaviours dynamically and define the required behaviour of any external applications (for example the online ordering portal, the security system of the physical shop, the answering machine of the phone line of the shop, etc.) without having to modify the code of the core applications controlling each of these functions.
  • FIG. 1 illustrates schematically a simple rule management system 100 .
  • the system comprises a rules engine 102 , a rule management interface 104 , and a data storage 106 .
  • the rule management interface 104 is used by a user of the system 108 to write, modify and manage rules.
  • the rule management interface 104 is a programme that, when executed by a processor on a computing device, allows a user to write, modify and manage rules.
  • the computing device hosting the rule management interface 104 typically comprises in addition to a processor, a memory storing the programme, and an input/output system to allow interaction with the user.
  • the computing device hosting the rule management interface 104 may be a user computing device or may be provided by a server and accessed by the user 108 via a user computing device.
  • the data storage 106 comprises a rules repository 106 a and optionally one of more additional data stores 106 b .
  • the optional data stores 106 b may be provided outside of the rule management system, or may be omitted entirely.
  • the optional data stores 106 b may comprise databases that store information regarding requests that have been submitted, rules that have been executed, results that have been obtained, information that may be used to interpret a request, etc.
  • the rules engine 102 executes requests from an end user 108 or an external application 110 , using data from the data storage 106 , and returns the result of execution of rules to one or more external applications 110 and/or end users 108 (for example, when external application 110 comprises a user interface).
  • the end user 108 may be the same person as the user of the system (as illustrated on FIG. 1 ), or may be a different person, submitting requests to the rule management system that has been previously set up by the user of the rule management system.
  • requests may be submitted by a (physical) user and/or may be generated by other applications, devices, etc., that communicate with the rule management system in order to obtain a decision, for example on which action should be performed in a given situation.
  • the rules engine 102 comprises a processor 112 and a memory 114 , storing algorithms that, when run by the processor, allow the rules engine 102 to identify the rules stored in the rules repository 106 a that are applicable to a request, define an order in which the rules should be executed, and execute the rules.
  • the rule management interface may be executed by the same processor 112 and may optionally be stored on the same memory 114 as the rules engine 102 .
  • High rules allow a user to change the output of multiple rules at a global level, without having to modify, deploy and test each rule that may be impacted by the change. This results in a significant time saving, and reduces the number of operations needed to implement a change, thereby reducing the potential for errors.
  • FIG. 2 is a flowchart illustrating a method of specifying high level rules according to an embodiment of the invention.
  • a user of the rules management system can specify one or more criteria that indicate which rules should have a different output following the change.
  • the user may specify criteria that indirectly indicate which rules should have a different output following the change, for example by specifying one or more criteria on the content of a request, wherein requests satisfying the criteria may satisfy the condition statement of multiple rules.
  • a user may be able to specify the criteria that the request mentions an open door request. This may correspond to indicating a series of rules where the condition statement contains “IF open-door-request”.
  • a user of the rules management system may want to modify the output of rules where the condition matches or contains a given element.
  • the user specifies 202 which command(s) (action(s)) should be executed when rules that satisfy the one or more criteria are executed.
  • the user may then specify 204 whether the command should replace the existing action part of the rules concerned, or be executed in addition, i.e., whether the high rule is a “replace” or an “add” rule.
  • the system may have a default option for this setting (e.g., “replace” or “add”) and the user may omit step 204 .
  • the rule is then deployed in the rule management system (see below).
  • the high level rule can be considered to comprise a ‘condition’ part which serves to identify or ‘match’ which lower level rules will be affected by the execution of the high level rule, and an ‘effect’ or ‘action’ part which defines the change in the rule action that the high level rule is to carry out.
  • a user of the rule management system for an access control system may want to change the behaviour of the access control system on Saturdays, to specify that security should also be called on Saturday.
  • the user may instead or in addition want to change the “Call Security” behaviour, regardless of the day and which condition triggered this action, because they no longer have security and instead have installed a keypad with a code on each door.
  • the user can therefore specify at step 200 that rules including “Call Security” in the action part should be modified, at step 202 that the action to include is “Request access-code”, and at step 204 that the action is to replace “Call Security”.
  • FIG. 3 illustrates schematically a rule management system 300 according to an embodiment of the invention.
  • the system described is a convenient embodiment implementing the high rules of the invention with a low level of modification required from a conventional rules management system.
  • the skilled person would understand that different implementations are possible, and in particular that functions indicated as performed by some entities may in fact be performed by other entities, such as existing entities of a rules management system.
  • the system comprises a rules engine 302 , a rule management interface 304 , and a data storage 306 .
  • the rule management interface 304 is an algorithm executed by a processor and that enables a user 308 of the rules management system to write, modify, and manage rules.
  • the rule management interface 304 comprises a rules module 304 a and a high rules module 304 b , allowing the user to write, modify and manage rules and high rules, respectively.
  • the rules engine 302 is similar to the rules engine 102 above and performs a similar function.
  • the rules engine also comprises a processor 312 and a memory 314 , storing algorithms that, when run by the processor, allow the rules engine to identify the rules that are applicable to a request, define an order in which the rules should be executed, and execute the rules.
  • the processor 312 and memory 314 may also execute and store the rule management interface 204 algorithm, or these may be functions may be provided by a separate processor and/or memory of a server or user computing device.
  • the data storage 306 comprises a rules repository 306 a , a high rules repository 306 c and optionally one of more additional data stores 306 b .
  • the rules repository 306 a and optional data stores 306 b are similar in structure and function to those above.
  • the system additionally comprises a high rules parser 316 .
  • the high rule parser 316 is an algorithm stored on a memory and executed by a processor.
  • the memory and/or processor may be the same as processor 312 and memory 314 , or may be provided separately.
  • the high rules parser 316 receives 400 a high rule from the rule management interface 304 and separates 402 it into its condition and its action part.
  • the high rules parser 316 sends 404 the action part to be stored in the data storage 306 , in particular in the high rules repository 306 c .
  • the rules and high rules repository need not be separate storages and may instead be a single data repository.
  • the action part of high rules may be stored in a similar way as normal rules but without requiring a condition part.
  • the high rules parser 316 then sends 406 the condition part to the high rules condition module 318 , which queries 408 the rules repository 306 a to identify the rules in the rules repository 306 a that match the criteria specified by the user for the high rule (see step 200 above).
  • the high rules conditions module 318 then records 410 a pointer to each of the matching rules together with the condition part of the high rule.
  • the high rules conditions module 318 records a pointer to the corresponding action part in the high rules repository 306 b , and the information as to whether the high rule is an “add” or a “replace” rule, received from the high rules parser 316 at step 406 .
  • the high rule condition module 318 comprises an algorithm that is stored on a memory and executed by a processor, and a data storage 320 that stores the high rules conditions and pointers.
  • the memory and/or processor may be the same as processor 312 and memory 314 , or may be provided separately.
  • the data storage 320 may instead be part of the data storage 306 .
  • the functionality of the high rule condition module 318 is further explained below.
  • the process of matching the conditions of a high rule to existing rules in the rules repository 306 a , and recording pointers to matched rules, is performed whenever a new high rule is specified. In embodiments, this process is also performed whenever a normal rule in the rules repository 306 a is expired or changed.
  • a rule validation module 318 a may be provided which checks that the matching of the condition part of the high rules to the content of the rules repository 306 a satisfies some criteria. While the rule validation module 318 a is shown here as part of the high rules condition module 318 , the skilled person would understand that this can also be a separate module that communicates with the high rules condition module 318 and optionally the rule management interface 304 . In embodiment, the rule validation module 318 a verifies that the high rule specified satisfies at least the condition that one or more matching rules were identified by the high rules condition module 318 . In embodiments, the rule validation module 318 a checks whether overlapping or contradicting high rules have been created.
  • the rule validation module 318 a may identify whether multiple high rules apply to the same or overlapping conditional statements but at least one of these high rules is a “replace” rule.
  • the rule validation module 318 a may verify that the condition part of the high rule satisfies a specified maximum level of granularity, i.e., that the condition part specifies criteria that contain a specified minimum level or information. This may help to keep the number of matching rules to a level that is considered appropriate.
  • a high rule condition such as “contains open-door-request” may be considered to be at too high level of granularity whereas a condition such as “contains open-door-request.dayX” where dayX is a specified day of the week may be considered to be of sufficiently low granularity.
  • the rule validation module 318 a may send an error or a warning message to the rules management interface 304 directly or via the high rules condition module 318 if one or more of the specified criteria are not satisfied. Instead, or in addition to sending an error message, the rule validation module 318 a may prevent a high rule from being deployed if one or more of the specified criteria are not satisfied.
  • the rule validation module 318 a may produce an error message and/or prevent a high rule from being deployed if its condition part fully overlaps with an existing high rule. In embodiments, the rule validation module 318 a may produce a different output when the condition part of a high rule partially overlaps with one or more existing high rules, depending on the logical construction of the partially overlapping high rules. For example, the rule validation module 318 a may prevent deployment of a high rule that defines multiple conditions combined with a logical “OR” (i.e., defining alternative conditions) if a high rule with a condition matching any of the multiple alternative conditions of the new rule already exists.
  • a logical “OR” i.e., defining alternative conditions
  • the rule validation module 318 a may not prevent deployment of a high rule that defines multiple conditions combined with a logical “AND” (i.e., defining at least two required conditions) provided that no high rule already exists that has the same combination of required conditions. In such cases, the rule validation module 318 a may send a warning/error message to inform the user of the potential conflict.
  • a logical “AND” i.e., defining at least two required conditions
  • FIG. 5 is a flowchart showing a method of executing rules according to an embodiment of the invention.
  • an end user or external application submits a request.
  • requests are not sent directly to the rules engine 302 , but are instead sent 502 to the high rule conditions module 316 (HRCM), optionally via a high rule front end (not shown).
  • HRCM 316 checks 504 whether any high rules can be executed on the request (i.e., whether the data in the request falls under any of the conditions (IF parts) associated with high rules). If there are no high rules applicable to the request, the high rules conditions module sends 506 the request to the rules engine 302 , which processes 508 the request in a conventional way.
  • the high rule conditions module 318 checks 510 whether the high rule is an ‘add’ or a ‘replace’ high rule. If the high rule is an ‘add’ rule, the HRCM sends 512 the request to the rules engine. However, instead of executing all of the rules that apply to the request, the rules engine executes 514 each rule R m that matches the condition to be modified by the high rule (using the pointers recorded by the high rules conditions module 318 at step 410 ), then sends 516 the result to the HRCM, which executes 518 the action part of the high rule.
  • the HRCM When all of the rules that apply to the request have been executed by the rules engine and the high rule action part added, the HRCM outputs 520 the result of the rule execution process. If the high rule is a ‘replace’ rule, the HRCM also sends 512 ′ the request to the rules engine. However, the rules engine then identifies 514 ′ each rule R m that applies (using the pointers recorded by the high rules conditions module 318 at step 410 ), but does not execute it the action part of each of these rules. Instead, after each of these rules it contacts 516 ′ the HRCM where the action part of the high rule is executed 518 ′. When all rules that apply have been identified and the high rules actions executed, the HRCM outputs 520 the result of the rule execution process.
  • the high rules conditions module 318 may define an order in which high rules are executed when step 504 above identifies that multiple high rules apply to the request.
  • the high rules condition module 318 may execute rules that are logically simple before rules that are logically more complex.
  • step 510 may be omitted and the request sent 512 to the rules engine regardless of whether the high rule is an ‘add’ or a ‘replace’ rule.
  • the rules engine may execute 514 each rule R m and send the result to the HRCM.
  • the HRCM can check whether the high rule is an “add” or a “replace” and execute 518 the action part accordingly.
  • FIG. 6 shows an access control system comprising a rule management system according to an embodiment of the invention.
  • An access control system may be installed in a facility with multiple zones and multiple access points.
  • the access control system may comprise one or more locking systems, and each locking system may comprise one or more identification modules. Identification modules may comprise systems using codes, physical keys, identification card, biometrics, human intervention (e.g., intercom), etc., or combinations thereof.
  • a facility 600 with multiple zones 602 - 612 and access points 614 - 628 is equipped with locking systems (not shown) at some or all access points.
  • the access control system comprises an access rule management system, which communicates with the locking systems (where the locking systems are external applications 110 , 310 ).
  • the access rule management system 630 interfaces with the locking systems to execute a decision logic comprising the following rules:
  • a locking system may receive data in the form of an “open door request”, for example following a person at the door pressing an “open” button associated with the locking system, or a sensor detecting the presence of a person at the door.
  • the locking system may then communicate this data to the access rules management system 630 in order to obtain the appropriate action to be performed.
  • the access rule management system 630 evaluates the data against the rules stored in its database, and decides which rule(s) need to be executed.
  • the access rule management system 630 then outputs the result of the rule execution to the locking system (i.e., in this case the locking system is also the output application), and the locking system may perform the appropriate action (e.g., request identification, or request access code).
  • FIG. 7 is a flowchart showing a method of executing rules for an access control system according to an embodiment of the invention.
  • an external application in this case a locking system, sends 700 input data (also referred to as “request”) to the rule management system 630 indicating one or more variables, in this case “open door request, door 616 , facility y, 5 pm”, the data is passed 702 to the high level rule module.
  • the high level rule conditions module of the high level rule module checks 704 whether any high level rule conditions apply to the input data. In this case the high level rule parser would have identified that the conditional statements of rules A, B and C satisfy the required criteria, and there are therefore rules R m whose behaviour should be modified by HR1.
  • the request is communicated 706 to the rules execution engine which executes 708 the normal rules and produces 720 the output to the output application, in this case the locking system.
  • HR1 is identified as applicable to the input data, and any rule R m that is executed should be modified by HR1.
  • the high level rule conditions module checks 710 whether HR1 is tagged as an “add” or a “replace” rule. In this case HR1 is tagged as an “add” high rule. Therefore, the high rules conditions module passes 712 the control (i.e.
  • rule execution engine which identifies a first rule R m 1 (using the pointers recorded by the high rules conditions module 318 at step 410 ) that is applicable and executes 714 it (e.g. in this case rule A is applicable, if the time had been between 8 pm and 8 am then rule B would also have been applicable), then passes 716 the control back to the high rule conditions module.
  • the high rule condition module then executes 718 the action part of HR1, and passes the control back to the rules execution engine to execute the next identified rule R m 2 that applies to the input data.
  • the action part of HR1 is then executed, and this cycle continues until all rules that are applicable (i.e., all rules where the condition part matches the input data) have been executed.
  • the high rule conditions module then sends 720 the output (i.e., the actions) to the output application, i.e., the locking system.
  • the locking system will then be able to implement the desired action, i.e.: request card identification, request biometric measurement (i.e., Rules A and HR1).
  • the high level rule conditions module of the high level rule module will identify 704 that the conditions of HR2 apply to the input data, and that HR2 is a “replace” rule 710 .
  • the high rule conditions module will pass 712 ′ the control (i.e. send the request) to the rule execution engine but upon each rule match 714 ′ (i.e. for each rule i that the rule engine identifies as applicable using the pointers recorded by the high rules conditions module 318 at step 410 ), instead of executing the rule, the rule execution engine will pass 716 ′ the control back to the high rule conditions module which will execute 718 ′ the action part of HR2.
  • the cycle continues until all of the rules with a condition that matches the input data have been executed, following which the high rule conditions module communicates 720 the output (i.e., actions) to the output application.
  • the locking system will then be able to implement the desired action, i.e.: request biometric measurement (i.e., Rule A and HR2).

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Business, Economics & Management (AREA)
  • Physics & Mathematics (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Finance (AREA)
  • Accounting & Taxation (AREA)
  • Strategic Management (AREA)
  • Development Economics (AREA)
  • Databases & Information Systems (AREA)
  • General Business, Economics & Management (AREA)
  • Marketing (AREA)
  • Entrepreneurship & Innovation (AREA)
  • Game Theory and Decision Science (AREA)
  • Economics (AREA)
  • Data Mining & Analysis (AREA)
  • Computational Linguistics (AREA)
  • Software Systems (AREA)
  • Artificial Intelligence (AREA)
  • Automation & Control Theory (AREA)
  • Evolutionary Computation (AREA)
  • Computing Systems (AREA)
  • Mathematical Physics (AREA)
  • Audiology, Speech & Language Pathology (AREA)
  • General Health & Medical Sciences (AREA)
  • Health & Medical Sciences (AREA)
  • Management, Administration, Business Operations System, And Electronic Commerce (AREA)
  • Storage Device Security (AREA)

Abstract

A method of controlling an operational system by a rules management system comprising a processor and a memory, and a computing apparatus comprising a processor and a memory are provided. The processor is programmed to execute rules from a rules repository stored on a memory in response to a request. The computing apparatus further comprises a high rules repository storing one or more high level rules, wherein each high level rule, when executed by the processor, modifies the effect of execution of one or more rules Rm in the rules repository; and a high rules conditions module that when executed by the processor identifies and executes the high level rules that apply to the request.

Description

    CROSS REFERENCE TO RELATED APPLICATIONS
  • This application is a continuation of U.S. patent application Ser. No. 16/156,488 filed Oct. 10, 2018, and claims priority to European Patent Application No. 17197864.6, filed Oct. 23, 2017, all entitled “SYSTEM AND METHOD FOR SPECIFYING RULES FOR OPERATIONAL SYSTEMS”, the entireties of which is incorporated herein by reference.
    • FIELD OF INVENTION
  • The present invention relates to the management and execution of rules for operational systems. In specific aspects, it relates to methods and systems for modifying the outcome of multiple rules.
    • BACKGROUND
  • A rule management system is a platform used to define, deploy, execute, monitor and maintain a variable and complex decision logic used by operational systems. The rule management system allows the logic (also referred to as rules) to be extracted and managed separately from other parts of the operational system, allowing a user of the rule management system to specify new rules without the need to modify each part of the system on which the new rule may have an effect.
  • Rule management systems may be used in a variety of contexts and are particularly advantageous where the requirements of an operational system are subject to a high degree or frequency of change, where the decision used by the system is very complex, for example because it involves a large number of complex and interrelated requirements, or where consistency and traceability of actions or decisions made need to be guaranteed across the operational system.
  • For example, rules and rules management system may be used in an access control system in an office facility, to manage multiple requirements of the system including who can open which door, when is each door/category of door locked, which identification is required before opening a door, etc. Using rules to define, modify and execute such requirements means that a facilities manager can easily define very granular requirements (e.g., where different areas of the facility are occupied by different tenants, have different operational requirements, etc.) as well as concurrently manage general requirements, without having to alter the core applications present e.g., at each door or in each office suite.
  • However, when a user of the rules management system wishes to implement a change that relates to multiple existing rules, there is a significant overhead involved in identifying, modifying and testing each of the relevant existing rules to implement the change.
    • SUMMARY
  • In accordance with a first aspect, the invention provides a method of controlling an operational system by a rules management system comprising a processor programmed to execute rules from a rules repository stored on a memory. The method comprises providing one or more high level rules comprising a condition part and an effect part, wherein each high level rule, when executed, modifies the effect of one or more rules Rm in the rules repository; identifying the rules Rm that match the condition part of the high rule; and receiving a request relating to one or more rules and checking whether the one or more high level rules apply to the request; executing each rule Rm and/or each high level rule that applies to the request.
  • In embodiments, the effect part of the high level rule is qualified as an “add” effect, and the high level rule modifies the effect of one or more rules Rm by combining the effect of the rule with that of the high rule. In some embodiments, executing the rules that apply to the request comprises executing each Rm and each high level rule.
  • In embodiments, the effect part of the high level rule is qualified as a “replace” effect, and a high level rule modifies the effect of one or more rules Rm by replacing the effect of each rule Rm with that of the high rule. In some embodiments, executing the rules that apply to the request comprises executing the high level rule only for each Rm identified.
  • Providing one or more high level rules may comprise a user defining high level rules at a rule management interface. In embodiments, defining high level rules comprises defining whether the action of the high level rule is to replace or be combined with the actions of the rules Rm. In embodiments, defining the high level rules comprises defining one or more criteria to identify the rules Rm to modify.
  • The method may further comprise verifying the one or more high level rules provides do not overlap or conflict with existing high level rules.
  • In embodiments, the method further comprises recording a pointer to each rule Rm that matches the condition part of each high rule, and recording whether the effect part of the high level rule is qualified as an “add” effect or a “replace” effect.
  • In accordance with a second aspect, the invention provides a computing apparatus comprising a processor and a memory, wherein the processor is programmed to execute rules from a rules repository stored on a memory in response to a request. The computing apparatus further comprises a high rules repository storing one or more high level rules, wherein each high level rule, when executed by the processor, modifies the effect of execution of one or more rules Rm in the rules repository; and a high rules conditions module that when executed by the processor identifies and executes the high level rules that apply to the request.
  • In embodiments, the computing apparatus further comprises a rule management interface configured to allow a user to specify new high rules.
  • In embodiments, the computing apparatus comprises a high rules parser that when executed by the processor: separates a high rule into an action part and a condition part; and sends the action part to the high rules repository and the condition part together with a pointer to the action part to the high rules condition module.
  • The computing apparatus may further comprise a sanity check module that when executed by the processor determines whether a new high rule satisfies one or more defined criteria by comparing the new high rule to existing high rules and rules in the rules repository. In embodiments, the sanity check module when executed by the processor prevents deployment of a new high rule that does not satisfy one or more of the defined criteria.
  • Using the invention, it is possible to simply and efficiently modify the effect of multiple rules in an operational system with a minimum overhead in identifying, modifying and testing each of the relevant existing rules to implement the change.
    • BRIEF DESCRIPTION OF DRAWINGS
  • Embodiments of the invention will now be described, by way of example only, with reference to the accompanying drawings, in which:
  • FIG. 1 illustrates schematically a rule management system according to the prior art;
  • FIG. 2 illustrates a method of specifying high level rules according to an embodiment of the invention, as a flow diagram;
  • FIG. 3 illustrates schematically a rule management system according to an embodiment of the invention;
  • FIG. 4 illustrates a method of deploying high level rules according to an embodiment of the invention, as a flow diagram;
  • FIG. 5 is a flowchart showing a method of executing rules according to an embodiment of the invention;
  • FIG. 6 illustrates an exemplary implementation of an embodiment of the invention applied to an access control system; and
  • FIG. 7 is a flowchart showing a method of executing rules for an access control system according to an embodiment of the invention.
    •  DETAILED DESCRIPTION
  • A rule (also referred to as ‘business rule’ because they are frequently used to formalise aspects of the functioning of a business) is a statement that defines or constraints some aspect of the operational system to which it relates. Rules are atomic in the sense that they cannot be broken down or decomposed further into more detailed rules. Rules are expressed in one or more formal rule statements. Formal rule statements are simply expressions of rules in the convention of a particular formal grammar (also referred to as ‘formal expression type’). Formal expression types include structured English, IDEF1X, Oracle's CASE*Method, Object Role Modelling, Ross's notation, etc. Formal rule statements are also referred to herein as ‘rules’ for readability, and the skilled person would be able to interpret the term according to the context. Note, however, that in essence rules are sections of software which, when run on a suitable software platform, such as a rules engine, are responsive to an event or condition, determine a decision, and action or execute an outcome. This will become apparent in the discussion that now follows.
  • For example, a rule for an access control system may specify the requirement that the system does not allow a door to be opened even with appropriate identification on Sundays because security must be contacted before the door can be opened. A structured English example of a formal rule statement corresponding to this rule is:
  •
    IF open-door-request.day = Sunday THEN
    a. Halt ID-authorisation
    b. Call Security
    ENDIF
  • As another example, a rule for an online ordering portal for a food vendor may specify the requirement that the system does not allow a user of the online ordering portal to order food via the portal on Sunday because the shop is closed. A structured English example of a formal rule statement corresponding to this rule is:
  •
    IF order.day = Sunday THEN
    a. Halt order
    b. Display message(“The shop is closed on Sundays”)
    ENDIF
  • There are three main types of rules: structural assertions, action assertions, and derivations. Structural assertions are terms (defined concepts) or statements of fact that express some aspect of the structure of an operational system, including facts assembled from terms. Action assertions are statement of a constraint or condition that limits or controls the actions of an operational system (e.g., IF this THEN do that). Derivations are statements of knowledge derived from other knowledge in the operational system. This disclosure is primarily concerned with rules that are action assertions, i.e., rules as exemplified above, that define what the behaviour of the operational system (or parts thereof) should be in a given context, in response to a given challenge, etc.
  • A user of the rules management system can simply specify rules to represent constraints that should be applied to an operational system, via a rule management system. The rule management system can then deploy the rule dynamically, without needing to take any of the systems that it responds to offline/out of service, because no change to the structure of any of the core applications of the operational system is required. In the example of the food vendor above, the user of the rules management system can simply use the system to set opening hours and behaviours dynamically and define the required behaviour of any external applications (for example the online ordering portal, the security system of the physical shop, the answering machine of the phone line of the shop, etc.) without having to modify the code of the core applications controlling each of these functions.
  • FIG. 1 illustrates schematically a simple rule management system 100. The system comprises a rules engine 102, a rule management interface 104, and a data storage 106. The rule management interface 104 is used by a user of the system 108 to write, modify and manage rules. The rule management interface 104 is a programme that, when executed by a processor on a computing device, allows a user to write, modify and manage rules. The computing device hosting the rule management interface 104 typically comprises in addition to a processor, a memory storing the programme, and an input/output system to allow interaction with the user. As the skilled person would understand, the computing device hosting the rule management interface 104 may be a user computing device or may be provided by a server and accessed by the user 108 via a user computing device. The data storage 106 comprises a rules repository 106 a and optionally one of more additional data stores 106 b. The optional data stores 106 b may be provided outside of the rule management system, or may be omitted entirely. The optional data stores 106 b may comprise databases that store information regarding requests that have been submitted, rules that have been executed, results that have been obtained, information that may be used to interpret a request, etc. The rules engine 102 executes requests from an end user 108 or an external application 110, using data from the data storage 106, and returns the result of execution of rules to one or more external applications 110 and/or end users 108 (for example, when external application 110 comprises a user interface). The end user 108 may be the same person as the user of the system (as illustrated on FIG. 1), or may be a different person, submitting requests to the rule management system that has been previously set up by the user of the rule management system. As the person skilled in the art would understand, requests may be submitted by a (physical) user and/or may be generated by other applications, devices, etc., that communicate with the rule management system in order to obtain a decision, for example on which action should be performed in a given situation. In particular, the rules engine 102 comprises a processor 112 and a memory 114, storing algorithms that, when run by the processor, allow the rules engine 102 to identify the rules stored in the rules repository 106 a that are applicable to a request, define an order in which the rules should be executed, and execute the rules. In embodiments, the rule management interface may be executed by the same processor 112 and may optionally be stored on the same memory 114 as the rules engine 102.
  • According to the invention, there is provided a new type of rules, referred to herein as ‘high level rules’ or ‘high rules’ (HR), and an associated language and architecture. High rules allow a user to change the output of multiple rules at a global level, without having to modify, deploy and test each rule that may be impacted by the change. This results in a significant time saving, and reduces the number of operations needed to implement a change, thereby reducing the potential for errors.
  • FIG. 2 is a flowchart illustrating a method of specifying high level rules according to an embodiment of the invention. At step 200 a user of the rules management system can specify one or more criteria that indicate which rules should have a different output following the change. In embodiments, the user may specify criteria that indirectly indicate which rules should have a different output following the change, for example by specifying one or more criteria on the content of a request, wherein requests satisfying the criteria may satisfy the condition statement of multiple rules. For example, a user may be able to specify the criteria that the request mentions an open door request. This may correspond to indicating a series of rules where the condition statement contains “IF open-door-request”. In embodiments, a user of the rules management system may want to modify the output of rules where the condition matches or contains a given element. The user then specifies 202 which command(s) (action(s)) should be executed when rules that satisfy the one or more criteria are executed. The user may then specify 204 whether the command should replace the existing action part of the rules concerned, or be executed in addition, i.e., whether the high rule is a “replace” or an “add” rule. In embodiments, the system may have a default option for this setting (e.g., “replace” or “add”) and the user may omit step 204. At step 206 the rule is then deployed in the rule management system (see below). Therefore, the high level rule can be considered to comprise a ‘condition’ part which serves to identify or ‘match’ which lower level rules will be affected by the execution of the high level rule, and an ‘effect’ or ‘action’ part which defines the change in the rule action that the high level rule is to carry out.
  • In the example above, a user of the rule management system for an access control system may want to change the behaviour of the access control system on Saturdays, to specify that security should also be called on Saturday. The user will therefore specify at step 200 that rules including “day=Saturday” in the condition part should be modified, at step 202 that the action to include is “Call Security”, and at step 204 that this action is to be executed in addition to what is normally done on Saturday. The user may instead or in addition want to change the “Call Security” behaviour, regardless of the day and which condition triggered this action, because they no longer have security and instead have installed a keypad with a code on each door. The user can therefore specify at step 200 that rules including “Call Security” in the action part should be modified, at step 202 that the action to include is “Request access-code”, and at step 204 that the action is to replace “Call Security”.
  • The deployment and execution phases in a rule management system including high rules will now be explained in more detail. FIG. 3 illustrates schematically a rule management system 300 according to an embodiment of the invention. The system described is a convenient embodiment implementing the high rules of the invention with a low level of modification required from a conventional rules management system. However, the skilled person would understand that different implementations are possible, and in particular that functions indicated as performed by some entities may in fact be performed by other entities, such as existing entities of a rules management system.
  • The system comprises a rules engine 302, a rule management interface 304, and a data storage 306. As is the case in the embodiment of FIG. 1, the rule management interface 304 is an algorithm executed by a processor and that enables a user 308 of the rules management system to write, modify, and manage rules. However, the rule management interface 304 comprises a rules module 304 a and a high rules module 304 b, allowing the user to write, modify and manage rules and high rules, respectively. The rules engine 302 is similar to the rules engine 102 above and performs a similar function. In particular, the rules engine also comprises a processor 312 and a memory 314, storing algorithms that, when run by the processor, allow the rules engine to identify the rules that are applicable to a request, define an order in which the rules should be executed, and execute the rules. The processor 312 and memory 314 may also execute and store the rule management interface 204 algorithm, or these may be functions may be provided by a separate processor and/or memory of a server or user computing device. The data storage 306 comprises a rules repository 306 a, a high rules repository 306 c and optionally one of more additional data stores 306 b. The rules repository 306 a and optional data stores 306 b are similar in structure and function to those above.
  • The system additionally comprises a high rules parser 316. The high rule parser 316 is an algorithm stored on a memory and executed by a processor. The memory and/or processor may be the same as processor 312 and memory 314, or may be provided separately. In the deployment phase illustrated in the flowchart of FIG. 4 (i.e. after a user of the rules management system has specified one or more new high rules, for example as explained in relation to FIG. 2, using the high rule module 304 b of the rule management interface 304), the high rules parser 316 receives 400 a high rule from the rule management interface 304 and separates 402 it into its condition and its action part. The high rules parser 316 sends 404 the action part to be stored in the data storage 306, in particular in the high rules repository 306 c. As the skilled person would understand, the rules and high rules repository need not be separate storages and may instead be a single data repository. In these embodiments, the action part of high rules may be stored in a similar way as normal rules but without requiring a condition part. The high rules parser 316 then sends 406 the condition part to the high rules condition module 318, which queries 408 the rules repository 306 a to identify the rules in the rules repository 306 a that match the criteria specified by the user for the high rule (see step 200 above). The high rules conditions module 318 then records 410 a pointer to each of the matching rules together with the condition part of the high rule. The high rules conditions module 318 records a pointer to the corresponding action part in the high rules repository 306 b, and the information as to whether the high rule is an “add” or a “replace” rule, received from the high rules parser 316 at step 406. The high rule condition module 318 comprises an algorithm that is stored on a memory and executed by a processor, and a data storage 320 that stores the high rules conditions and pointers. The memory and/or processor may be the same as processor 312 and memory 314, or may be provided separately. The data storage 320 may instead be part of the data storage 306. The functionality of the high rule condition module 318 is further explained below.
  • The process of matching the conditions of a high rule to existing rules in the rules repository 306 a, and recording pointers to matched rules, is performed whenever a new high rule is specified. In embodiments, this process is also performed whenever a normal rule in the rules repository 306 a is expired or changed.
  • In embodiments, a rule validation module 318 a may be provided which checks that the matching of the condition part of the high rules to the content of the rules repository 306 a satisfies some criteria. While the rule validation module 318 a is shown here as part of the high rules condition module 318, the skilled person would understand that this can also be a separate module that communicates with the high rules condition module 318 and optionally the rule management interface 304. In embodiment, the rule validation module 318 a verifies that the high rule specified satisfies at least the condition that one or more matching rules were identified by the high rules condition module 318. In embodiments, the rule validation module 318 a checks whether overlapping or contradicting high rules have been created. For example, the rule validation module 318 a may identify whether multiple high rules apply to the same or overlapping conditional statements but at least one of these high rules is a “replace” rule. In embodiments, the rule validation module 318 a may verify that the condition part of the high rule satisfies a specified maximum level of granularity, i.e., that the condition part specifies criteria that contain a specified minimum level or information. This may help to keep the number of matching rules to a level that is considered appropriate. For example, a high rule condition such as “contains open-door-request” may be considered to be at too high level of granularity whereas a condition such as “contains open-door-request.dayX” where dayX is a specified day of the week may be considered to be of sufficiently low granularity. The rule validation module 318 a may send an error or a warning message to the rules management interface 304 directly or via the high rules condition module 318 if one or more of the specified criteria are not satisfied. Instead, or in addition to sending an error message, the rule validation module 318 a may prevent a high rule from being deployed if one or more of the specified criteria are not satisfied. In embodiments, the rule validation module 318 a may produce an error message and/or prevent a high rule from being deployed if its condition part fully overlaps with an existing high rule. In embodiments, the rule validation module 318 a may produce a different output when the condition part of a high rule partially overlaps with one or more existing high rules, depending on the logical construction of the partially overlapping high rules. For example, the rule validation module 318 a may prevent deployment of a high rule that defines multiple conditions combined with a logical “OR” (i.e., defining alternative conditions) if a high rule with a condition matching any of the multiple alternative conditions of the new rule already exists. However, the rule validation module 318 a may not prevent deployment of a high rule that defines multiple conditions combined with a logical “AND” (i.e., defining at least two required conditions) provided that no high rule already exists that has the same combination of required conditions. In such cases, the rule validation module 318 a may send a warning/error message to inform the user of the potential conflict.
  • FIG. 5 is a flowchart showing a method of executing rules according to an embodiment of the invention. At step 500 an end user or external application submits a request. In this case, requests are not sent directly to the rules engine 302, but are instead sent 502 to the high rule conditions module 316 (HRCM), optionally via a high rule front end (not shown). The HRCM 316 then checks 504 whether any high rules can be executed on the request (i.e., whether the data in the request falls under any of the conditions (IF parts) associated with high rules). If there are no high rules applicable to the request, the high rules conditions module sends 506 the request to the rules engine 302, which processes 508 the request in a conventional way.
  • However, if there is a high rule that can act on the request, the high rule conditions module 318 checks 510 whether the high rule is an ‘add’ or a ‘replace’ high rule. If the high rule is an ‘add’ rule, the HRCM sends 512 the request to the rules engine. However, instead of executing all of the rules that apply to the request, the rules engine executes 514 each rule Rm that matches the condition to be modified by the high rule (using the pointers recorded by the high rules conditions module 318 at step 410), then sends 516 the result to the HRCM, which executes 518 the action part of the high rule. When all of the rules that apply to the request have been executed by the rules engine and the high rule action part added, the HRCM outputs 520 the result of the rule execution process. If the high rule is a ‘replace’ rule, the HRCM also sends 512′ the request to the rules engine. However, the rules engine then identifies 514′ each rule Rm that applies (using the pointers recorded by the high rules conditions module 318 at step 410), but does not execute it the action part of each of these rules. Instead, after each of these rules it contacts 516′ the HRCM where the action part of the high rule is executed 518′. When all rules that apply have been identified and the high rules actions executed, the HRCM outputs 520 the result of the rule execution process.
  • In embodiments, the high rules conditions module 318 may define an order in which high rules are executed when step 504 above identifies that multiple high rules apply to the request. For example, the high rules condition module 318 may execute rules that are logically simple before rules that are logically more complex. In this context, a rule may be considered to be logically simpler (i.e., less complex) when it comprises fewer elements in the conditional statement. For example, a rule such as “contains open-door-request” is logically simpler than a rule such as “contains open-door-request AND contains location=safe”.
  • In embodiments (not shown), step 510 may be omitted and the request sent 512 to the rules engine regardless of whether the high rule is an ‘add’ or a ‘replace’ rule. In such embodiments, the rules engine may execute 514 each rule Rm and send the result to the HRCM. At this stage, the HRCM can check whether the high rule is an “add” or a “replace” and execute 518 the action part accordingly.
  • The present invention will now be illustrated by reference to an access control system, for example a system to control physical access of authorised personnel to a facility. However, the person skilled in the art would understand that the teaching of the invention is applicable to a variety of industries, including, amongst others:
  • health care and life sciences: clinical decision support, drug interaction assessment, clinical trials data validation, etc.;
  • banking: fraud prevention, credit risk decisions, payment fee calculations, cross-sell offer management, etc.;
  • insurance: policy underwriting claims processing, risk rating, commission calculations, etc.;
  • manufacturing: order configuration validation, order prioritisation, etc.;
  • public sector: services entitlement and benefits calculations, tax fraud assessment, border control and security screening, etc.;
  • retail: online recommendations, pricing and tax calculations, loyalty program offer management, etc.
  • FIG. 6 shows an access control system comprising a rule management system according to an embodiment of the invention. An access control system may be installed in a facility with multiple zones and multiple access points. The access control system may comprise one or more locking systems, and each locking system may comprise one or more identification modules. Identification modules may comprise systems using codes, physical keys, identification card, biometrics, human intervention (e.g., intercom), etc., or combinations thereof. In the example on FIG. 6, a facility 600 with multiple zones 602-612 and access points 614-628, is equipped with locking systems (not shown) at some or all access points. The access control system comprises an access rule management system, which communicates with the locking systems (where the locking systems are external applications 110, 310). The access rule management system 630 interfaces with the locking systems to execute a decision logic comprising the following rules:
    • Rule A:
  • If open door request and door is internal
    then
    request card identification
    • Rule B:
  • If open door request and time is between 8 pm and 8 am
    then
    request card identification
    • Rule C:
  • If open door request and door is external
    then
    request access code
    • Rule D:
  • If all identification verified
    then
    open door
  • In particular, a locking system (i.e., external application) may receive data in the form of an “open door request”, for example following a person at the door pressing an “open” button associated with the locking system, or a sensor detecting the presence of a person at the door. The locking system may then communicate this data to the access rules management system 630 in order to obtain the appropriate action to be performed. The access rule management system 630 evaluates the data against the rules stored in its database, and decides which rule(s) need to be executed. The access rule management system 630 then outputs the result of the rule execution to the locking system (i.e., in this case the locking system is also the output application), and the locking system may perform the appropriate action (e.g., request identification, or request access code).
  • Suppose a user of the rules management system associated with the access control system needs to implement a new requirement of the access control system, for example that a biometric measurement must be taken before opening any door. Then using the system of the invention, instead of separately changing each of rules A, B and C, the user will be able to write a single rule:
    • HR1:
  • In facility y
    where mentioned “If open door request”
    add
    request biometric measurement
  • FIG. 7 is a flowchart showing a method of executing rules for an access control system according to an embodiment of the invention. Whenever an external application, in this case a locking system, sends 700 input data (also referred to as “request”) to the rule management system 630 indicating one or more variables, in this case “open door request, door 616, facility y, 5 pm”, the data is passed 702 to the high level rule module. The high level rule conditions module of the high level rule module checks 704 whether any high level rule conditions apply to the input data. In this case the high level rule parser would have identified that the conditional statements of rules A, B and C satisfy the required criteria, and there are therefore rules Rm whose behaviour should be modified by HR1. If none of the high level rule conditions apply to the input data, the request is communicated 706 to the rules execution engine which executes 708 the normal rules and produces 720 the output to the output application, in this case the locking system. In this case, HR1 is identified as applicable to the input data, and any rule Rm that is executed should be modified by HR1. The high level rule conditions module checks 710 whether HR1 is tagged as an “add” or a “replace” rule. In this case HR1 is tagged as an “add” high rule. Therefore, the high rules conditions module passes 712 the control (i.e. send the request) to the rule execution engine which identifies a first rule Rm 1 (using the pointers recorded by the high rules conditions module 318 at step 410) that is applicable and executes 714 it (e.g. in this case rule A is applicable, if the time had been between 8 pm and 8 am then rule B would also have been applicable), then passes 716 the control back to the high rule conditions module. The high rule condition module then executes 718 the action part of HR1, and passes the control back to the rules execution engine to execute the next identified rule Rm 2 that applies to the input data. The action part of HR1 is then executed, and this cycle continues until all rules that are applicable (i.e., all rules where the condition part matches the input data) have been executed. The high rule conditions module then sends 720 the output (i.e., the actions) to the output application, i.e., the locking system. The locking system will then be able to implement the desired action, i.e.: request card identification, request biometric measurement (i.e., Rules A and HR1).
  • Suppose now that the user of the rules management system associated with the access control system needs to implement a new requirement of the access control system, for example that the biometric measurement be taken before opening any door, and that the biometric measurement is sufficient identification. Then using the system of the invention, instead of separately changing each of rules A, B and C, the user will be able to write a single rule:
    • HR2:
  • In facility y
    where mentioned “If open door request”
    replace
    request biometric measurement
  • In this case, the high level rule conditions module of the high level rule module will identify 704 that the conditions of HR2 apply to the input data, and that HR2 is a “replace” rule 710. In this case, the high rule conditions module will pass 712′ the control (i.e. send the request) to the rule execution engine but upon each rule match 714′ (i.e. for each rule i that the rule engine identifies as applicable using the pointers recorded by the high rules conditions module 318 at step 410), instead of executing the rule, the rule execution engine will pass 716′ the control back to the high rule conditions module which will execute 718′ the action part of HR2. The cycle continues until all of the rules with a condition that matches the input data have been executed, following which the high rule conditions module communicates 720 the output (i.e., actions) to the output application. The locking system will then be able to implement the desired action, i.e.: request biometric measurement (i.e., Rule A and HR2).
  • Although the invention has been described with reference to a number of specific embodiments, the skilled person will appreciate that the invention may be embodied in many other forms.

Claims (20)

What is claimed is:
1. A method of controlling a fraud prevention system by a rules management system comprising a memory storing instructions executed by a processor, the method comprising:
providing, by the processor, one or more high level rules comprising a condition part and an effect part, wherein each of the high level rules, when executed, modifies the effect part of one or more rules in a rules repository stored in the memory;
validating, by a rule validation module implemented on the processor, that the one or more rules match the condition part of the one or more high level rules;
receiving, by a high rule conditions module implemented on the processor, a request to execute the one or more rules;
determining, by the high rule conditions module, the one or more high level rules apply to the request;
in response to determining the one or more high level rules apply to the request, identifying, by the rule validation module, one or more criteria indicating the one or more high level rules are not satisfied; and
in response to identifying the one or more criteria are not satisfied, preventing fraud at least by preventing the one or more high level rules from being deployed.
2. The method of claim 1, further comprising:
transmitting, by the rule validation module, a warning message to a rules management interface.
3. The method of claim 2, wherein the preventing the one or more high level rules from being deployed and the transmitting the warning message collectively comprise a fraud prevention operation.
4. The method of claim 1, wherein:
the identified one or more criteria indicate the condition part, to be satisfied, of the one or more high level rules, and
identifying the one or more criteria are not satisfied comprises determining the condition part of the one or more high level rules is not satisfied.
5. The method of claim 1, wherein preventing the one or more high level rules from being deployed comprises declining to execute the effect part of the one or more high level rules.
6. The method of claim 1, further comprising verifying the provided one or more high level rules do not overlap or conflict with existing high level rules based on one high level rule of the one or more high level rules defining at least two required conditions,
wherein no other high level rule of the one or more high level rules includes the defined at least two required conditions.
7. The method of claim 1, further comprising:
separating, by a rules parser, a high level rule of the one or more high level rules into the condition part and the effect part, and
sending, by the rules parser, the effect part to the rules repository and the condition part to the high rules condition module.
8. A computing apparatus for controlling a fraud prevention system by a rules management system, the computing apparatus comprising:
a processor;
a memory storing a rules repository, wherein the rules repository stores one or more high level rules comprising a condition part and an effect part, wherein each high level rule, when executed, modifies the effect part of one or more rules in the rules repository;
a rule validation module, implemented on the processor, configured to validate the one or more rules match the condition part of the one or more high level rules; and
a high rule conditions module, implemented on the processor, configured to:
receive a request to execute the one or more rules, and
determine the one or more high level rules apply to the request,
wherein the rule validation module is further configured to:
in response to the determination the one or more high level rules apply to the request, identify one or more criteria indicating the one or more high level rules are not satisfied; and
in response to the identification the one or more criteria are not satisfied, prevent fraud at least by preventing the one or more high level rules from being deployed.
9. The computing apparatus of claim 8, wherein the rule validation module is further configured to:
transmit a warning message to a rules management interface.
10. The computing apparatus of claim 9, wherein the preventing the one or more high level rules from being deployed and the transmitting the warning message collectively comprise a fraud prevention operation.
11. The computing apparatus of claim 8, wherein:
the identified one or more criteria indicate the condition part, to be satisfied, of the one or more high level rules, and
to identify the one or more criteria are not satisfied, the rule validation module is further configured to determine the condition part of the one or more high level rules are not satisfied.
12. The computing apparatus of claim 8, wherein, to prevent the one or more high level rules from being deployed, the rule validation module is further configured to decline to execute the effect part of the one or more high level rules.
13. The computing apparatus of claim 8, wherein:
the rule validation module is further configured to verify the provided one or more high level rules do not overlap or conflict with existing high level rules based on one high level rule of the one or more high level rules defining at least two required conditions, and
no other high level rule of the one or more high level rules includes the defined at least two required conditions.
14. The computing apparatus of claim 8, further comprising a rules parser configured to:
separate a high level rule of the one or more high level rules into the condition part and the effect part, and
send the effect part to the rules repository and the condition part to the high rules condition module.
15. A rules management system for controlling a fraud prevention system by a rules management system, the system comprising:
a processor; and
a memory comprising a rules repository, wherein the rules repository stores one or more high level rules comprising a condition part and an effect part, wherein each high level rule, when executed, modifies the effect part of one or more rules in the rules repository,
wherein the memory further comprises instructions that, when executed by the processor, cause the processor to:
validate the one or more rules match the condition part of the one or more high level rules,
receive a request to execute the one or more rules,
determine the one or more high level rules apply to the request,
in response to the determination the one or more high level rules apply to the request, identify one or more criteria indicating the one or more high level rules are not satisfied, and
in response to the identification the one or more criteria are not satisfied, prevent fraud at least by preventing the one or more high level rules from being deployed.
16. The rules management system of claim 15, wherein the processor is further configured to:
transmit a warning message to a rules management interface,
wherein the preventing the one or more high level rules from being deployed and the transmitting the warning message collectively comprise a fraud prevention operation.
17. The rules management system of claim 15, wherein:
the identified one or more criteria indicate the condition part, to be satisfied, of the one or more high level rules, and
to identify the one or more criteria are not satisfied, the processor is further configured to determine the condition part of the one or more high level rules is not satisfied.
18. The rules management system of claim 15, wherein, to prevent the one or more high level rules from being deployed, the processor is further configured to decline to execute the effect part of the one or more high level rules.
19. The rules management system of claim 15, wherein:
the processor is further configured to verify the provided one or more high level rules do not overlap or conflict with existing high level rules based on one high level rule of the one or more high level rules defining at least two required conditions, and
no other high level rule of the one or more high level rules includes the defined at least two required conditions.
20. The rules management system of claim 15, wherein the processor is further configured to:
separate a high level rule of the one or more high level rules into the condition part and the effect part.
US17/456,804 2017-10-23 2021-11-29 System and method for specifying rules for operational systems Abandoned US20220083875A1 (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
US17/456,804 US20220083875A1 (en) 2017-10-23 2021-11-29 System and method for specifying rules for operational systems

Applications Claiming Priority (4)

Application Number Priority Date Filing Date Title
EP17197864.6A EP3474095A1 (en) 2017-10-23 2017-10-23 System and method for specifying rules for operational systems
EP17197864.6 2017-10-23
US16/156,488 US11651241B2 (en) 2017-10-23 2018-10-10 System and method for specifying rules for operational systems
US17/456,804 US20220083875A1 (en) 2017-10-23 2021-11-29 System and method for specifying rules for operational systems

Related Parent Applications (1)

Application Number Title Priority Date Filing Date
US16/156,488 Continuation US11651241B2 (en) 2017-10-23 2018-10-10 System and method for specifying rules for operational systems

Publications (1)

Publication Number Publication Date
US20220083875A1 true US20220083875A1 (en) 2022-03-17

Family

ID=60190593

Family Applications (2)

Application Number Title Priority Date Filing Date
US16/156,488 Active 2041-03-24 US11651241B2 (en) 2017-10-23 2018-10-10 System and method for specifying rules for operational systems
US17/456,804 Abandoned US20220083875A1 (en) 2017-10-23 2021-11-29 System and method for specifying rules for operational systems

Family Applications Before (1)

Application Number Title Priority Date Filing Date
US16/156,488 Active 2041-03-24 US11651241B2 (en) 2017-10-23 2018-10-10 System and method for specifying rules for operational systems

Country Status (3)

Country Link
US (2) US11651241B2 (en)
EP (1) EP3474095A1 (en)
WO (1) WO2019083680A1 (en)

Families Citing this family (2)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN111767462B (en) * 2020-06-29 2024-04-19 北京百度网讯科技有限公司 Method, device, equipment and storage medium for customizing personalized rules for individual
US20240126541A1 (en) * 2022-10-12 2024-04-18 Sap Se Inversion process for rules framework

Citations (63)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6427146B1 (en) * 2000-03-31 2002-07-30 Wesley W. Chu Database event detection and notification system using type abstraction hierarchy (TAH)
US20020149467A1 (en) * 2000-12-28 2002-10-17 Calvesio Raymond V. High security identification system for entry to multiple zones
US6606616B1 (en) * 1998-12-01 2003-08-12 Lucent Technologies Inc. Modified action rules
US20040117765A1 (en) * 2002-12-16 2004-06-17 Ming Chan System and method for evaluating and executing hierarchies of rules
US20060089923A1 (en) * 2003-12-31 2006-04-27 Jean-Marc Kerisit Editing process for an explanatory model
US20060282878A1 (en) * 2005-06-14 2006-12-14 Stanley James C Expression of packet processing policies using file processing rules
US20070100859A1 (en) * 2005-11-03 2007-05-03 International Business Machines Corporation System and method for managing changes to business rules
US20070174223A1 (en) * 2006-01-26 2007-07-26 International Business Machines Corporation Method, system and program product for automated testing of changes to externalized rules
US20080021732A1 (en) * 2006-07-20 2008-01-24 Athenahealth, Inc. Automated Configuration of Medical Practice Management Systems
US20080147584A1 (en) * 2006-12-13 2008-06-19 Novell, Inc. Rule Location, Ordering, and Combining in a Polyhierarchical Environment
US20080228688A1 (en) * 2007-03-16 2008-09-18 Tao Liu Production rule system and method
US20080250411A1 (en) * 2001-06-26 2008-10-09 Lucio Agostini Rule based engine for validating financial transactions
US20090080708A1 (en) * 2007-09-24 2009-03-26 Accenture Smart identity system
US20090144219A1 (en) * 2007-11-30 2009-06-04 The Boeing Company Rules collector system and method
US20090144217A1 (en) * 2007-11-30 2009-06-04 Stratus Technologies Bermuda Ltd. System and methods for managing rules
US20090228421A1 (en) * 2006-12-07 2009-09-10 Hugues Citeau Method and system for sequential compilation and execution of rules
US20100042572A1 (en) * 2008-08-12 2010-02-18 Haitham Mahmoud Al-Beik Method for Dynamically Determining a Predetermined Previous Condition of a Rule-based System
US20100100468A1 (en) * 2008-10-20 2010-04-22 Spector Omri System and method for multi layer rule processing background
US20100241604A1 (en) * 2009-03-23 2010-09-23 Microsoft Corporation Notification-based forward chaining
US7925605B1 (en) * 2007-09-13 2011-04-12 The United States Of America As Represented By The Secretary Of The Navy Evolutionary expert systems and methods using meta-rules matching
US20110153538A1 (en) * 2009-12-21 2011-06-23 Sap Ag Rule-based Processing in Different Layers
US20110270752A1 (en) * 2010-05-03 2011-11-03 Neto Joao Eduardo Ferreira Fraud and events integrated management method and system
US8200603B1 (en) * 2006-12-22 2012-06-12 Curen Software Enterprises, L.L.C. Construction of an agent that utilizes as-needed canonical rules
US20130006848A1 (en) * 2010-11-12 2013-01-03 Kuttuva Avinash Method of virtual transaction using mobile electronic devices or fixed electronic devices or a combination of both, for global commercial or noncommercial purposes
US20130073511A1 (en) * 2011-09-19 2013-03-21 International Business Machines Corporation Contextual feedback of rules proximity based upon co-occurence history in a collaborative rule editing system
US20140002236A1 (en) * 2010-12-02 2014-01-02 Viscount Security Systems Inc. Door Lock, System and Method for Remotely Controlled Access
US20140067747A1 (en) * 2012-09-04 2014-03-06 International Business Machines Corporation Object based method to evaluate rules
US20140082501A1 (en) * 2012-09-20 2014-03-20 Samsung Electronics Co. Ltd. Context aware service provision method and apparatus of user device
US20140162598A1 (en) * 2010-11-17 2014-06-12 Antony-Euclid C. Villa-Real Customer-controlled instant-response anti-fraud/anti-identity theft devices (with true- personal identity verification), method and systems for secured global applications in personal/business e-banking, e-commerce, e-medical/health insurance checker, e-education/research/invention, e-disaster advisor, e-immigration, e-airport/aircraft security, e-military/e-law enforcement, with or without NFC component and system, with cellular/satellite phone/internet/multi-media functions
US20150046181A1 (en) * 2014-02-14 2015-02-12 Brighterion, Inc. Healthcare fraud protection and management
US8965827B2 (en) * 2011-03-30 2015-02-24 Computer Sciences Corporation Rules execution platform system and method
US20150106265A1 (en) * 2013-10-11 2015-04-16 Telesign Corporation System and methods for processing a communication number for fraud prevention
US20150120472A1 (en) * 2013-10-29 2015-04-30 Christian Aabye Digital wallet system and method
US20150199679A1 (en) * 2014-01-13 2015-07-16 Karthikeyan Palanisamy Multiple token provisioning
US20150355609A1 (en) * 2014-06-06 2015-12-10 Vivint, Inc. Crowdsourcing automation rules
US20160006768A1 (en) * 2013-03-15 2016-01-07 Airwatch Llc Controlling Physical Access to Secure Areas Via Client Devices in a Network Environment
US20160055695A1 (en) * 2014-08-20 2016-02-25 Gate Labs Inc. Access management and resource sharing platform based on biometric identity
US20160092872A1 (en) * 2014-09-29 2016-03-31 Gyan Prakash Transaction Risk Based Token
US9420002B1 (en) * 2013-03-14 2016-08-16 Mark McGovern Authorization server access system
US20160308859A1 (en) * 2015-04-14 2016-10-20 Blub0X Technology Holdings, Inc. Multi-factor and multi-mode biometric physical access control device
US9514584B1 (en) * 2010-10-28 2016-12-06 Alarm.Com Incorporated Access management and reporting technology
US20170083837A1 (en) * 2015-09-17 2017-03-23 International Business Machines Corporation Hierarchical business rule model
US20170116613A1 (en) * 2013-01-17 2017-04-27 International Business Machines Corporation Fraud detection employing personalized fraud detection rules
US20170279795A1 (en) * 2016-03-25 2017-09-28 Fortinet, Inc. Secure, automatic second factor user authentication using push services
US9813285B1 (en) * 2013-03-14 2017-11-07 Ca, Inc. Enterprise server access system
US9824316B2 (en) * 2013-12-18 2017-11-21 International Business Machines Corporation Transforming rules into generalized rules in a rule management system
US20170374074A1 (en) * 2016-06-23 2017-12-28 Airwatch Llc Continuous sensitive content authentication
US20180041518A1 (en) * 2016-08-02 2018-02-08 Capital One Services, Llc Systems and methods for proximity identity verification
US20180089916A1 (en) * 2015-06-05 2018-03-29 Dean Drako Analytic Identity Measures for Physical Access Control Methods
US9990598B2 (en) * 2013-02-15 2018-06-05 Allscripts Software, Llc Apparatuses, systems, and methods for providing a rules engine system
US9996684B2 (en) * 2013-05-13 2018-06-12 Veridium Ip Limited System and method for authorizing access to access-controlled environments
US20180285745A1 (en) * 2017-04-03 2018-10-04 DataVisor Inc. Automated rule recommendation engine
US10126725B2 (en) * 2016-03-08 2018-11-13 Samsung Electronics Co., Ltd. Elastic rule engine for a smart home
US20190130081A1 (en) * 2011-04-11 2019-05-02 NSS Lab Works LLC Methods and systems for generating history data of system use and replay mode for identifying security events showing data and user bindings
US10318975B2 (en) * 2015-11-11 2019-06-11 International Business Machines Corporation Identifying a case with a missing decision from a set of decision rules in violation of a decision requirement
US20190220583A1 (en) * 2016-10-03 2019-07-18 Bioconnect Inc. Biometric identification platform
US20200051349A1 (en) * 2017-03-30 2020-02-13 Assa Abloy Ab Physical zone pace authentication
US20200082413A1 (en) * 2018-09-11 2020-03-12 Mastercard Technologies Canada ULC Optimized execution of fraud detection rules
US20200349786A1 (en) * 2017-09-28 2020-11-05 Gate Labs Inc. Access management system
US20210044583A1 (en) * 2018-05-03 2021-02-11 SoftWarfare, LLC Biometric cybersecurity and workflow management
US20210044976A1 (en) * 2018-08-21 2021-02-11 HYPR Corp. Secure mobile initiated authentications to web-services
US11418348B1 (en) * 2017-06-05 2022-08-16 United Services Automobile Association (Usaa) Distributed ledger system for identity data storage and access control
US20220368705A1 (en) * 2017-12-29 2022-11-17 Block, Inc. Logical Validation of Devices Against Fraud and Tampering

Family Cites Families (26)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US7249177B1 (en) * 2002-11-27 2007-07-24 Sprint Communications Company L.P. Biometric authentication of a client network connection
US20040193399A1 (en) * 2003-03-31 2004-09-30 Microsoft Corporation System and method for word analysis
US7797261B2 (en) * 2005-04-13 2010-09-14 Yang George L Consultative system
US8141075B1 (en) * 2006-05-08 2012-03-20 Vmware, Inc. Rule engine for virtualized desktop allocation system
US8607300B2 (en) * 2006-07-18 2013-12-10 Genband Us Llc Network security policy mediation
US8001607B2 (en) * 2006-09-27 2011-08-16 Direct Computer Resources, Inc. System and method for obfuscation of data across an enterprise
US7953670B2 (en) * 2006-12-27 2011-05-31 Colella Brian A Biometrically secured identification authentication and card reader device
US20110163843A1 (en) * 2007-02-28 2011-07-07 Anthony Vallone Medication chamber lock for medication reminder device
US8056119B2 (en) * 2008-04-25 2011-11-08 Oracle America, Inc. Method and system for controlling inter-zone communication
US20100030604A1 (en) * 2008-08-01 2010-02-04 Cummins Fred A Executing Business Rules in a Business Process
US20120102543A1 (en) * 2010-10-26 2012-04-26 360 GRC, Inc. Audit Management System
US9135319B2 (en) * 2010-12-28 2015-09-15 Sap Se System and method for executing transformation rules
US20120239680A1 (en) * 2011-03-18 2012-09-20 Rahul Gudla Generating database scripts for executing business rules related to enterprise software in a database runtime environment
US8666919B2 (en) * 2011-07-29 2014-03-04 Accenture Global Services Limited Data quality management for profiling, linking, cleansing and migrating data
US9721259B2 (en) * 2012-10-08 2017-08-01 Accenture Global Services Limited Rules-based selection of counterfeit detection techniques
US9582948B2 (en) * 2012-11-16 2017-02-28 Koninklijke Philips N.V. Biometric system with body coupled communication interface
US20140143782A1 (en) * 2012-11-19 2014-05-22 Syntel, Inc. Computerized infrastructure management system and method
WO2014092754A1 (en) * 2012-12-12 2014-06-19 Life Technologies Corporation Self -locking door and product dispensing enclosure having a self -locking door
WO2015039117A1 (en) * 2013-09-16 2015-03-19 Sonavation, Inc. System for verifying an identity of a card holder
US9432375B2 (en) * 2013-10-10 2016-08-30 International Business Machines Corporation Trust/value/risk-based access control policy
US20160300050A1 (en) * 2014-05-28 2016-10-13 GM Global Technology Operations LLC Verifying a user with biometric data
US20160283703A1 (en) * 2015-03-27 2016-09-29 Mark Allyn Technologies for verifying biometrics during fingerprint authentication
KR20170008601A (en) * 2015-07-14 2017-01-24 삼성전자주식회사 Application Operating Method and electronic device using the same
US20170069003A1 (en) * 2015-09-08 2017-03-09 Mastercard International Incorporated Systems and Methods for Permitting Merchants to Manage Fraud Prevention Rules
US10062233B1 (en) * 2016-07-20 2018-08-28 Alarm.Com Incorporated Automatic emergency door unlock system
US10902328B2 (en) * 2017-01-10 2021-01-26 Sap Se Provision of rules-based system as cloud service

Patent Citations (66)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
US6606616B1 (en) * 1998-12-01 2003-08-12 Lucent Technologies Inc. Modified action rules
US6427146B1 (en) * 2000-03-31 2002-07-30 Wesley W. Chu Database event detection and notification system using type abstraction hierarchy (TAH)
US20020149467A1 (en) * 2000-12-28 2002-10-17 Calvesio Raymond V. High security identification system for entry to multiple zones
US20080250411A1 (en) * 2001-06-26 2008-10-09 Lucio Agostini Rule based engine for validating financial transactions
US20040117765A1 (en) * 2002-12-16 2004-06-17 Ming Chan System and method for evaluating and executing hierarchies of rules
US20060089923A1 (en) * 2003-12-31 2006-04-27 Jean-Marc Kerisit Editing process for an explanatory model
US20060282878A1 (en) * 2005-06-14 2006-12-14 Stanley James C Expression of packet processing policies using file processing rules
US20070100859A1 (en) * 2005-11-03 2007-05-03 International Business Machines Corporation System and method for managing changes to business rules
US20070174223A1 (en) * 2006-01-26 2007-07-26 International Business Machines Corporation Method, system and program product for automated testing of changes to externalized rules
US20090177920A1 (en) * 2006-07-20 2009-07-09 Athenahealth, Inc. Automated Configuration of Medical Practice Management Systems
US20090281831A1 (en) * 2006-07-20 2009-11-12 Athenahealth, Inc. Automated Configuration of Medical Practice Management Systems
US20080021732A1 (en) * 2006-07-20 2008-01-24 Athenahealth, Inc. Automated Configuration of Medical Practice Management Systems
US20090228421A1 (en) * 2006-12-07 2009-09-10 Hugues Citeau Method and system for sequential compilation and execution of rules
US20080147584A1 (en) * 2006-12-13 2008-06-19 Novell, Inc. Rule Location, Ordering, and Combining in a Polyhierarchical Environment
US8200603B1 (en) * 2006-12-22 2012-06-12 Curen Software Enterprises, L.L.C. Construction of an agent that utilizes as-needed canonical rules
US20080228688A1 (en) * 2007-03-16 2008-09-18 Tao Liu Production rule system and method
US7925605B1 (en) * 2007-09-13 2011-04-12 The United States Of America As Represented By The Secretary Of The Navy Evolutionary expert systems and methods using meta-rules matching
US20090080708A1 (en) * 2007-09-24 2009-03-26 Accenture Smart identity system
US20090144219A1 (en) * 2007-11-30 2009-06-04 The Boeing Company Rules collector system and method
US20090144217A1 (en) * 2007-11-30 2009-06-04 Stratus Technologies Bermuda Ltd. System and methods for managing rules
US20100042572A1 (en) * 2008-08-12 2010-02-18 Haitham Mahmoud Al-Beik Method for Dynamically Determining a Predetermined Previous Condition of a Rule-based System
US20100100468A1 (en) * 2008-10-20 2010-04-22 Spector Omri System and method for multi layer rule processing background
US20100241604A1 (en) * 2009-03-23 2010-09-23 Microsoft Corporation Notification-based forward chaining
US20110153538A1 (en) * 2009-12-21 2011-06-23 Sap Ag Rule-based Processing in Different Layers
US20110270752A1 (en) * 2010-05-03 2011-11-03 Neto Joao Eduardo Ferreira Fraud and events integrated management method and system
US9514584B1 (en) * 2010-10-28 2016-12-06 Alarm.Com Incorporated Access management and reporting technology
US20130006848A1 (en) * 2010-11-12 2013-01-03 Kuttuva Avinash Method of virtual transaction using mobile electronic devices or fixed electronic devices or a combination of both, for global commercial or noncommercial purposes
US20140162598A1 (en) * 2010-11-17 2014-06-12 Antony-Euclid C. Villa-Real Customer-controlled instant-response anti-fraud/anti-identity theft devices (with true- personal identity verification), method and systems for secured global applications in personal/business e-banking, e-commerce, e-medical/health insurance checker, e-education/research/invention, e-disaster advisor, e-immigration, e-airport/aircraft security, e-military/e-law enforcement, with or without NFC component and system, with cellular/satellite phone/internet/multi-media functions
US20140002236A1 (en) * 2010-12-02 2014-01-02 Viscount Security Systems Inc. Door Lock, System and Method for Remotely Controlled Access
US8965827B2 (en) * 2011-03-30 2015-02-24 Computer Sciences Corporation Rules execution platform system and method
US20190130081A1 (en) * 2011-04-11 2019-05-02 NSS Lab Works LLC Methods and systems for generating history data of system use and replay mode for identifying security events showing data and user bindings
US20130073511A1 (en) * 2011-09-19 2013-03-21 International Business Machines Corporation Contextual feedback of rules proximity based upon co-occurence history in a collaborative rule editing system
US20140067747A1 (en) * 2012-09-04 2014-03-06 International Business Machines Corporation Object based method to evaluate rules
US20140082501A1 (en) * 2012-09-20 2014-03-20 Samsung Electronics Co. Ltd. Context aware service provision method and apparatus of user device
US20170116613A1 (en) * 2013-01-17 2017-04-27 International Business Machines Corporation Fraud detection employing personalized fraud detection rules
US9990598B2 (en) * 2013-02-15 2018-06-05 Allscripts Software, Llc Apparatuses, systems, and methods for providing a rules engine system
US20160352739A1 (en) * 2013-03-14 2016-12-01 Ca, Inc. Authorization server access system
US9813285B1 (en) * 2013-03-14 2017-11-07 Ca, Inc. Enterprise server access system
US9420002B1 (en) * 2013-03-14 2016-08-16 Mark McGovern Authorization server access system
US20160006768A1 (en) * 2013-03-15 2016-01-07 Airwatch Llc Controlling Physical Access to Secure Areas Via Client Devices in a Network Environment
US9996684B2 (en) * 2013-05-13 2018-06-12 Veridium Ip Limited System and method for authorizing access to access-controlled environments
US20150106265A1 (en) * 2013-10-11 2015-04-16 Telesign Corporation System and methods for processing a communication number for fraud prevention
US20150120472A1 (en) * 2013-10-29 2015-04-30 Christian Aabye Digital wallet system and method
US9824316B2 (en) * 2013-12-18 2017-11-21 International Business Machines Corporation Transforming rules into generalized rules in a rule management system
US20150199679A1 (en) * 2014-01-13 2015-07-16 Karthikeyan Palanisamy Multiple token provisioning
US20150046181A1 (en) * 2014-02-14 2015-02-12 Brighterion, Inc. Healthcare fraud protection and management
US20150355609A1 (en) * 2014-06-06 2015-12-10 Vivint, Inc. Crowdsourcing automation rules
US20160055695A1 (en) * 2014-08-20 2016-02-25 Gate Labs Inc. Access management and resource sharing platform based on biometric identity
US20160092872A1 (en) * 2014-09-29 2016-03-31 Gyan Prakash Transaction Risk Based Token
US20160308859A1 (en) * 2015-04-14 2016-10-20 Blub0X Technology Holdings, Inc. Multi-factor and multi-mode biometric physical access control device
US20180089916A1 (en) * 2015-06-05 2018-03-29 Dean Drako Analytic Identity Measures for Physical Access Control Methods
US20170083837A1 (en) * 2015-09-17 2017-03-23 International Business Machines Corporation Hierarchical business rule model
US10318975B2 (en) * 2015-11-11 2019-06-11 International Business Machines Corporation Identifying a case with a missing decision from a set of decision rules in violation of a decision requirement
US10126725B2 (en) * 2016-03-08 2018-11-13 Samsung Electronics Co., Ltd. Elastic rule engine for a smart home
US20170279795A1 (en) * 2016-03-25 2017-09-28 Fortinet, Inc. Secure, automatic second factor user authentication using push services
US20170374074A1 (en) * 2016-06-23 2017-12-28 Airwatch Llc Continuous sensitive content authentication
US20180041518A1 (en) * 2016-08-02 2018-02-08 Capital One Services, Llc Systems and methods for proximity identity verification
US20190220583A1 (en) * 2016-10-03 2019-07-18 Bioconnect Inc. Biometric identification platform
US20200051349A1 (en) * 2017-03-30 2020-02-13 Assa Abloy Ab Physical zone pace authentication
US20180285745A1 (en) * 2017-04-03 2018-10-04 DataVisor Inc. Automated rule recommendation engine
US11418348B1 (en) * 2017-06-05 2022-08-16 United Services Automobile Association (Usaa) Distributed ledger system for identity data storage and access control
US20200349786A1 (en) * 2017-09-28 2020-11-05 Gate Labs Inc. Access management system
US20220368705A1 (en) * 2017-12-29 2022-11-17 Block, Inc. Logical Validation of Devices Against Fraud and Tampering
US20210044583A1 (en) * 2018-05-03 2021-02-11 SoftWarfare, LLC Biometric cybersecurity and workflow management
US20210044976A1 (en) * 2018-08-21 2021-02-11 HYPR Corp. Secure mobile initiated authentications to web-services
US20200082413A1 (en) * 2018-09-11 2020-03-12 Mastercard Technologies Canada ULC Optimized execution of fraud detection rules

Also Published As

Publication number Publication date
EP3474095A1 (en) 2019-04-24
WO2019083680A1 (en) 2019-05-02
US11651241B2 (en) 2023-05-16
US20190122127A1 (en) 2019-04-25

Similar Documents

Publication Publication Date Title
US7721259B2 (en) Configurable and customizable software application system and metadata
US10572236B2 (en) System and method for updating or modifying an application without manual coding
US11948190B2 (en) Smart learning systems for integrating and linking multiple data accounts across a network
BR112019015066A2 (en) BCHAIN UNIVERSAL CONNECTIONS SYSTEM ALL / EVERYTHING / EVERY PART
US20220083875A1 (en) System and method for specifying rules for operational systems
US20150242255A1 (en) Computer architecture and process for application processing engine
CN111985703B (en) User identity state prediction method, device and equipment
CN101375288A (en) Extensible role based authorization for manageable resources
US20150020147A1 (en) Authorization policy for group-centric secure information sharing
CN104463418A (en) A bank settlement account review management system
US20220358509A1 (en) Methods and System for Authorizing a Transaction Related to a Selected Person
Acharya Automobile management system project report
US20240420137A1 (en) Framework free integration
CN112597762B (en) Blockchain system with intelligent contract data supervision function and supervision method
Abdullah et al. Performance evaluation of rule‐based expert systems: An example from medical billing domain
US20060010155A1 (en) System that facilitates maintaining business calendars
US20090187440A1 (en) Method and system for facilitating security management in an electronic network
KR102000221B1 (en) System and method for supporting medical care benefits review based on natural language processing
US20240112791A1 (en) Token misalignment detection and remediation device
Al Hadad et al. A Comprehensive Review of COBIT and ISO 27001: Approaches to Auditing Credit Bureau Automation System (CBAS) at PT XYZ
US20050132228A1 (en) Data processing system and method
US9305316B2 (en) Behavior sets method and system
US10346392B2 (en) Methods and systems for transaction processing
US12277245B1 (en) Dynamic enforcement of management rules associated with artificial intelligence pipeline object providers
US12242651B1 (en) Dynamic enforcement of management rules associated with artificial intelligence pipeline object selections

Legal Events

Date Code Title Description
AS Assignment

Owner name: MASTERCARD INTERNATIONAL INCORPORATED, NEW YORK

Free format text: ASSIGNMENT OF ASSIGNORS INTEREST;ASSIGNOR:ALI, MUHAMMAD YASEEN;REEL/FRAME:058230/0737

Effective date: 20171103

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: FINAL REJECTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE AFTER FINAL ACTION FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: ADVISORY ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: DOCKETED NEW CASE - READY FOR EXAMINATION

STPP Information on status: patent application and granting procedure in general

Free format text: NON FINAL ACTION MAILED

STPP Information on status: patent application and granting procedure in general

Free format text: RESPONSE TO NON-FINAL OFFICE ACTION ENTERED AND FORWARDED TO EXAMINER

STPP Information on status: patent application and granting procedure in general

Free format text: FINAL REJECTION MAILED

STCB Information on status: application discontinuation

Free format text: ABANDONED -- FAILURE TO RESPOND TO AN OFFICE ACTION

点击 这是indexloc提供的php浏览器服务,不要输入任何密码和下载