Electronic information exchange methods are a standard means for the transfer of information. Electronic transfer methods, such as Electronic Data Interchange (EDI), computer readable media, e-mail, World Wide Web (www.address), File Transfer Protocol (FTP), Internet Relay Chat (IRC), and the like, may be accessed by a variety of methods and means, including wired as well as wireless access. The electronic transfer of information creates the potential for unauthorized eavesdropping on, or unauthorized access to, the exchange. To protect information and prevent unauthorized access and use of information, most providers employ security procedures for authentication and/or authorization. Security procedures may be in the form of a sign-on protocol that requires a user name and password or other digital security object prior to the exchange of information. Information protected by authentication and authorization protocols may further include encryption to deter unauthorized access and use and provide for the secure communication of information.
The present invention relates to an enterprise business integration engine having secure access adapted to uses in relationship management, merger and acquisition integration, operational risk management and performance management. The invention overcomes problems in the prior art associated with market change, competition, consumer preferences, regulatory changes and disjointed information architecture in legacy systems.
Industry offers a broad range of electronic applications for services over a broad range of networks, channels and devices. Entities use electronic transfer mechanisms for multiple accounts; personal users perform electronic inquiries and reports. The need for security in the transfer of information is paramount. No prior system offers users a comprehensive solution to access and exchange secure information to and from disparate and/or unrelated sources. Security in the exchange of information also impedes interaction between legacy and new systems. In order to ensure the secure delivery of services, providers of information and exchange services require users to complete new identification information, so that a user must use separate access protocols in order to use a new version of a given existing application. The multitude of incompatible authentication and authorization protocols mandates that consumers of electronic services perform numerous sign-on procedures. Each authentication and/or authorization procedure requires the retention of separate passwords or other digital security objects. As a result, the electronic exchange of information requires authorization and/or authentication to multiple security systems, producing incompatibilities and delays in exchanges between and among users. Security protocols also include varying levels of access and authorization for a user of electronic information and exchanges. Existing systems are not integrated, and actually work to prevent integration of access and authorization across systems by employing credentialing or identification mechanisms that are specific only to that system. The specific mechanisms require protocols that reflect various system-specific policy rules and activities that may not be compatible with other systems or technologies.
In the prior art, a lack of enterprise application architecture scatters data and business logic. For example, data files relating to relationship, demographics, accounts, transactions, behavior, history, and analysis are often scattered and inaccessible from one legacy system to another. Complicated and expensive connectivity systems have been proposed to resolve these issues; however, prior solutions have a negative impact on key business initiatives such as relationship management, merger and acquisition integration, performance management, and operational risk management. Prior art deployment stratagems for an information integration hub have been elusive. Building one is expensive and risky, involving projected costs of $50 million to $75 million and a projected timeframe of 24 to 36 months before value is achieved. High risk and high cost are associated with lack of experience and resource constraints, and existing channel software or middleware may present a high risk of stretching a product past its design. Namely, there are too many pieces to try to put together. Hence, the scope and risk of an integration project have hindered attempts at solving the data integration problem in the financial industry, and there are numerous universal adapters for core systems and delivery channels that have proven unsatisfactory.
Channels perform authentication either at the channel (using a trusted connection to other systems) or through external or host-based security (an untrusted connection to the device or system that provides authentication and/or authorization). The disparity of trusted or untrusted systems among channels, devices, and services severely limits a uniform system for secure transactions. As an example, a trusted security pathway compares a user's credentials to information stored on the master system. If systems are to be integrated, trusted and untrusted channels need to proxy security to another entity. This may be required when credentials are presented and must be checked prior to allowing a user to access information across disparate systems. Channels may also provide a reference to a session or activity context that can be tied to the credential(s) presented by a device, system, person or channel. In order for a channel to perform exchanges between individual services, such as an application that includes remote terminal access and a smart card, the individual authorization and authentication protocols for each of those services require a user to submit multiple user IDs and passwords in order to perform inquiries and communications among and between services and/or systems.
A need exists for a system that integrates the authentication and/or authorization protocols and various encryption schemes required for independent services, and that determines a device, person, channel or system's relationship to a given service, the objects among the channels and exchange options allowed, and the level of access allowed for each device, person, channel, system, service, and exchange. An integrated security solution provides a flexible service and is desirable to save time and resources. No existing system in the prior art adapts easily for use with all services, devices, and delivery channels with multiple credential storage systems or encryption schemes.