Data is usually stored on disparate computer systems. Users operating one software program from time to time need to extract data from another software program to complete a required task. In most instances, the software application operated by the user contains at least some of the data required by the user for their purpose. However, it is a common requirement for the user operating a software application to obtain data from another software application in order to obtain all the data necessary for a task to be completed. For example, a user may be preparing a report by use of one software application that requires data to be imported from another software application to complete the report.
Usually, the operator of a software application seeks to obtain data from another system and extracts the data required from the other system for incorporation into the application operated by the user. Implementing this particular model requires the other system to be able to allow access by external users or external applications for the purpose of obtaining data from that system. To control such access, the software application that contains or controls access to data required by external users usually provides a secure interface wherein the external user or external application provides credentials that must be successfully authenticated to allow the first software application to gain access to the data controlled by the second application. However, by providing such a user interface, the software application incurs the usual risk associated with unauthorised users gaining access to the software application. Irrespective of the method implemented, the provision of an external secure access interface necessarily incurs the risk of eventual unauthorised access to the application.
Further, this model for sharing data necessarily requires the second application to understand the security model/structures of the first application to operate effectively. Where it is intended that authentication of a user's credentials by a first software application should also provide access to a second application, there is usually a replication of the security model by the second application. When replication of a security model occurs, there is an inherent risk that the separately stored models will not be maintained consistently for each software application. One particular example of the type of problem that can occur is where a user's security status is downgraded on a first system with the reduced security status not being correctly recorded in a second system. In this instance, although the user's ability to access data from a first software application executing on first system may be reduced, when accessing a second software application on a second system, the user may still be afforded access to data from that second software application that should not occur. Further, the restricted data may then be transferred to the first software application thus enabling the user to effectively circumvent their reduced security status on the first system. Of course, this type of security breach may be inadvertent on the part of the user but in any event, instances of this type continue to represent a significant problem.
The sharing of data between software programs and/or applications is implemented for a range of purposes, including sharing between applications in order to effect functions that are not available in one or other of the software applications. For example, one software application may contain the necessary data for a user to complete a task however, that software application may not be able to present the data in a format desired by the user. In these instances, another application may be used that is able to effect the layout format required and from within that software application access to the application containing the data is required in order to complete the task of obtaining and present the necessary data in a format required by the user. As it is unlikely that any software application will be able to effect all present and future format and presentation requirements of a user, sharing data between software applications remains a necessary requirement albeit a requirement that incurs the security risks mentioned previously.
Accordingly, it is an objective of the present invention to provide a system, method and computer instruction code for effecting data transfer between software programs that ameliorates the associated security risk.
Any discussion of documents, devices, acts or knowledge in the specification is included to explain the context of the invention. It should not be taken as an admission that any of the material formed part of the prior art base or the common general knowledge in the relevant field of technology on or before the priority date of the claims herein.