WO2007110545A2 - Method and system for controlling access to the data in a database - Google Patents

Abstract

The system comprises a program intended to execute a predefined processing operation, the program (WO) being able to trigger, when said operation is executed, the retransmission of at least one request to activate at least one processing module (WS1 - WS6) designed to execute at least one processing operation on at least one part of said data. The system also comprises control means intended to determine whether the program (WO) originating the activation request is authorized to activate said processing module (WS1 - WS6) and intended to provoke, in case of authorization, the execution of said at least one processing operation.

Description

 Method and system for controlling access to data of a database

The invention relates to a method and a system for processing data of a database, enabling access control to the data of the database.

In the field of databases, it is known to use data processing servers which are capable of executing a processing process on all or part of the data of the database after interrogation of this database.

In current database management systems, the rules defining the access rights to the data of an information system give rights to read and / or write to given entities (companies, users, etc.). based on permission levels and profiles associated with these levels. This results in a strong limitation of the access possibilities to the data of the information system, an entity having access only to the part of the data for which it has a right to read or write.

For example, when an entity is not interested in obtaining the confidential data as stored in the database, but by more global information in relation to these data, such as the average or the standard deviation of a list of values stored in the database, which information is not necessarily confidential, it may be useful to have a system that is able to control the access rights to the data according to the processing operations performed on these data.

Current database management systems are not capable of implementing such control. It is therefore necessary to complete the database management system by developing a specific application that is able to implement such a control. Such a specific application must, on the one hand, adapt to the needs and the IT means of the entities interrogating the database, and on the other hand, be able to interface with the database management system. existing data. Such development may also prove costly. In addition, it is not easy to verify that this specific application does, and only, perform a particular authorized process. Indeed such a verification must be done on the source code of the application, and by a manual process of comparison between the source code and the functional specifications of the application.

There is therefore a need for a data processing device of one or more databases, making it possible to guarantee simply and inexpensively that access to the data of the information system is made in the context of a data processing process. predefined treatment. The invention responds to this need.

The subject of the invention is a data processing system comprising a mediation server between a first entity called a client entity and a second entity called a provider entity. said server comprising program execution means for executing, on request from the client entity, a program implementing a predefined process of processing, said program being able to trigger, during the execution of said process, a transmission through a communication link of at least one activation request of at least one processing module of a server of the provider entity in order to execute at least one processing operation on at least a part of the data at least one database accessible via the server of the supplier entity, the system comprising control means designed for, in case of authentication of said program, determining whether said program is authorized to activate said processing module and for , in the absence of authorization, inhibit the execution of said at least one processing operation.

The device according to the invention makes it possible to authorize access to data from a database in a context limited to a predefined processing process, which is that implemented by the authorized processing program, and to control the execution of the process when activating the processing modules.

The device thus makes it possible to offer an entity selective visibility of the data of a database. Authorization to access data in the database is granted for a given use, that is, for the execution of a given processing process. Only this process is considered for determining access authorization and not just the nature of the data. In this way, only the use of the data is important, not the data used.

According to a particular embodiment, the system according to the invention comprises means of authentication of said program, said control means being intended to be activated only in case of authentication.

The security of the system is enhanced by the fact that only a previously authenticated program is likely to be allowed to invoke a processing module.

According to a particular embodiment, the mediation server comprises software generation means capable of generating said program from a description in formal language of said process, said description being defined by reference to at least one module selected from a plurality of processor modules of the provider entity server that can be activated independently of one another.

The formal description allows, by reference to the processing modules, to define the processing operations on the entities, as well as the data on which these operations will be performed and the data resulting therefrom. It determines how two entities will be able to exchange data resulting from processing or access to data in their databases.

Thus the usage context in which an entity is authorized to access data, is entirely determined by the description of a data processing process, description using a formal process description language.

The device is thus easily adaptable to changing needs of the entities interrogating the information system, by changing the description of the process and automatic generation of the software module implementing the described process.

According to a particular embodiment, the system according to the invention comprises means for detecting an occurrence of at least one predefined event, an occurrence to which the execution of said process is subordinated.

It is thus possible to precisely program the timing of the execution of the process. This allows to fully automate a process of cooperation between two entities, especially when it is an iterative process, or to run periodically. In this case, the program is preferably reset after each execution, in order to enter the detection phase determining the next execution.

The processing module implementing the processing operation is chosen from among a plurality of processing modules that can be activated independently of one another. By the presence of autonomous software modules, which can be activated independently of one another, it is thus possible to define, operation by operation or group of operations by group of operations, the access conditions to the data of the database.

Preferably, the mediation server comprises means for verifying whether an entity is authorized to invoke the execution of said program. In this way, the mediation server plays the role of trusted third party between the client entity and the provider entity.

The entire process of cooperation between these two entities is controlled at the level of the mediation server, in particular through the use of an authenticatable program, resulting from a description validated by the cooperating entities. The mediation server acts as a mediator in that the execution of the cooperation process requires the intervention of the mediation server, and in that, on the one hand, it receives the requests from the client entity, on the other hand activates, by request sent to the server of the provider entity, the different processing modules allowing access to the data of a base of the supplier entity.

The invention also relates to a mediation server between a client entity and a provider entity, said mediation server comprising program execution means for executing, on request from the client entity, a program implementing a predefined process of processing, said program being able to trigger, during the execution of said process, a transmission through a communication link of at least one activation request of at least one processing module of the server of the provider entity to perform at least one processing operation on at least a portion of the data of at least one database of data accessible via the server of the supplier entity, said mediation server including control means designed for, in case of authentication of said program, determining whether said program is authorized to activate said processing module and for, in case of absence of authorization, inhibiting the execution of said at least one processing operation.

The invention also relates to a data processing server accessing at least one database, said processing server being able to communicate through a communication link with a mediation server between a client entity and a provider entity, said processing server comprising at least one processing module, designed to execute at least one processing operation on at least a part of said data of said database and activatable by request from the mediation server by means of a program setting implementing a predefined processing process, said processing server comprising control means for, following the transmission by said program of a request for activation of a processing module, checking whether said program is authorized to activate said processing module and for, in the absence of authorization, inhibit the execution of said at least one processing operation.

Correlatively to the system according to the invention, the invention relates to a data processing method included in at least one database, said method comprising at least,

a step of execution by a mediation server of a program implementing a predefined process of processing, said execution step being intended to be executed following the reception by the mediation server of a request coming from a 'a client entity,

a step of triggering by said program, during the execution of said process, of remission through a communication link of at least one activation request of at least one processing module of the processing server in order to execute at least one processing operation on at least a part of said data,

a control step for determining whether the program causing the activation request is authorized to activate said processing module,

a step of triggering the execution of said at least one processing operation, said triggering step being executed only in the case of authorization.

This method preferably comprises a step of authenticating the program at the origin of the activation request, said checking step being executed only in case of authentication. Other objects, features and advantages of the invention will become apparent from the description which follows, given solely by way of nonlimiting example, and with reference to the appended drawings in which:

FIG. 1 is a schematic representation of a system incorporating the device according to the invention,

FIG. 2 is an exemplary process description implemented by the device according to the invention,

FIG. 3 is a simplified flowchart of the method according to the invention.

The operation of the device according to the invention is described in an industrial context where two entities E1 and E2 (two companies) are brought to cooperate.

E1 is a supplier of basic components for the manufacture of manufactured products. Entity E2 is a client of the entity E1 and obtains components from the entity E1. The E2 entity manufactures manufactured products and distributes the manufactured products it produces.

The system represented in FIG. 1 comprises:

a database 5,

a server 10, representing the information system 10 of the entity E 1, accessing the database 5,

a database 25,

a server 20, representing the information system 20 of the entity E2, accessing the database 25,

a server 15 implementing the device according to the invention and able to communicate with the server 10 via a communication network R1 and with the server 20 via a communication network R2, the two networks R1 and R2 can be merged.

The server 10 comprises a software module 12 for managing the database 5 as well as a software module 11 dedicated to an activity of the entity E1, for example a production control software.

Symmetrically, the server 20 includes a software module 22 for managing the database 25 and a software module 21 dedicated to an activity of the entity E2, for example product ordering software.

In the database 5 are stored in particular information on the quantities of components available in the stocks of the entity E1. In the database 25 are stored in particular information on the quantities of components and manufactured products available in its inventory and information on the quantities of products ordered from the entity E2.

The server 15 shown in FIG. 1 comprises program execution means as well as a set of software modules WA1 to WA6, WL1 to WL3, and WO. The information system 10 implements the software modules WS1 to WS3, and symmetrically, the information system 20 implements the software modules WS4 to WS6. These different software modules cooperate and communicate with each other by means of MW, MW1, MW2 middleware which is implemented in a distributed manner between the server 15 (part MW of the middleware), the information system 10 (part MW1 of the middleware) and information system 20 (part MW2 of the middleware).

The software modules WA1, WA2, WA3 are data access modules of the information system 10, implementing an interface enabling the server 15 to interrogate the information system 10 and its database 5. Each of the modules WA1, WA2, WA3 is in fact an interface of the API (Application Program Interface) type with respect to the respective software modules WS1, WS2, WS3 implemented in the information system 10. The modules WS1, WS2, WS3 access the database 5 via the database management module 12. In addition, they implement one or more processing functions on the data to which they access.

Symmetrically, the software modules WA4, WA5, WA6 are data access modules of the information system 20, implementing an interface enabling the server 15 to interrogate the information system 20 and its database. 25. Each of the modules WA4, WA5, WA6 is in fact an interface of the API (Application Program Interface) type with respect to the respective software modules WS4, WS5, WS6 implemented in the information system 20. The modules WS4, WS5, WS6 access the database 25 via the database management module 22. In addition, they implement one or more processing functions on the data to which they access.

The software module WO is a control module implementing an automated data processing process, a process corresponding in a manner for the entities E1 and E2 to cooperate through their information systems. The server 15 is capable of simultaneously executing several such software modules WO ', WO ", etc. However, for the sake of clarity, a single software module WO has been represented in FIG.

The software modules WL1, WL2, WL3 are basic data processing modules that can be invoked by the WO module, available for example via a library of processing software components.

The various aforementioned software modules WO, WA1 to WA6, WS1 to WS6, WLO to WL3, are autonomous software components that can be activated independently of one another. They are preferably made in the form of components that can be invoked via a communication network such as the Internet, for example Web services (or "Web Service" according to the Anglo-Saxon name). A description and detailed specification of such components can be found on the website http://www.w3.org. These components can be invoked by Hypertext Transfer Protocol (HTTP) -compliant requests.

The middleware MW, MW1, MW2 is implemented using a communication protocol suitable for communication between such components, for example the Simple Object Access Protocol (SOAP). Such a protocol allows the sending of SOAP messages between the components. The middleware preferably includes security functions, allowing the implementation of authentication and access control procedures during communications between the components, in particular during the invocation of a component.

The SOAP messages that can be transported by the HTTP protocol, the various aforementioned software modules WO, WA1 to WA6, WS1 to WS6, WLO to WL3 that are executed by the server 15 or by one of the information systems 10 or 20, are susceptible be invoked by SOAP message from any terminal or system having software having a web access interface (eg a web browser) and accessing via the network R1 or R2 to the server 15 or one of the information systems 10 or 20.

The information system 20 of the entity E2 transmits to the server 15 requests or messages for the execution of predefined operations on the data of the information system 10 of the entity E1. These operations can be mathematical, logic or simple queries of the data of the information system 10 of the entity E1. Conversely, the information system 10 of the entity E1 can transmit to the server 15 requests or messages for the execution of predefined operations on the data of the information system 20 of the entity E2.

FIG. 1 shows that the system is bidirectional insofar as the server 15 can be used simultaneously, on the one hand for the execution of a process when the entity E1 sends the server a request to the server 15 to access data from the information system of the entity E2, and secondly, for the execution of a process when the entity E2 sends the server a request to the server 15 to access data from the information system of the entity. the entity E1.

The conditions according to which the entity E2 is authorized to access the data of the information system 10 of the entity E1 (or vice versa) are formalized by means of a description of a processing process.

Such a process describes the cooperation arrangements between the information systems of the entities E1 and E2, that is to say the way in which the server automatically processes the requests it receives from one of the communication systems. 'information.

Such a process includes:

one or more processing operations on the data of one of the information systems 10 or 20,

- if necessary, one or more control operations necessary to control the execution of the process, including condition verification operations or operations waiting for a particular event such as: receiving an email, a document, an SMS, a phone call, etc. The conditions to check during the process are for example:

conditions relating to data extracted from one of the information systems 10 or 20,

conditions relating to data resulting from a previous processing operation,

conditions relating to other data, for example the current date or time, the identity of the sender of the request, or any other data accessible by the server 15,

- More generally, conditions relating to an algorithm defining the sequence of operations and the conditions in which they are linked.

For example, condition checking operations are performed before or after execution of a processing operation. The same is true for other waiting operations. In addition, a waiting operation of a predefined event can be executed at the beginning of the process, in order to condition the start of the execution of the process by the occurrence of this event.

The process includes for example:

a first operation 01 for determining the number of products to be controlled by the entity E1 as a function of the number of products in the stocks of the entity E1 and the number of orders received by the entity E2,

a second operation 02 for determining the number of products to be ordered from other suppliers, this second operation being executed consecutively to the first operation when two conditions are fulfilled, the first condition being that the number of products in the stocks of the entity E1 is below a given threshold, the second condition being that the number of products in the stocks of the entity E1 determined during the first operation 01 does not make it possible to respond to all the orders received by the entity E2.

The formal description of this process is performed using a formal language appropriate for the process description, for example the Business Process Management Notation (BPMN).

An editing tool capable of editing a BPMN description is used to generate the description and thus formalize the process. Such a language makes it possible to define the manner of executing and linking the processing operations implemented by the components provided by the library, to define the data flows, to define new processing operations.

An example of such a graphic description is shown in Figure 2, in the case of an example of an elementary inventory process of short-term and medium-term stocks of products used under certain conditions in a procurement process.

In the graphical notation used, the round with thin line designates the initial state of the process. Rectangles with rounded edges designate operations performed by a web service. The other processing operations are represented by rectangles. The test operations are represented by diamonds.

In the PROC process example shown in Figure 2, the process description includes the following elements:

a step S200 corresponding to the step of initializing the process;

a processing step S210, corresponding to the determination, by querying the database of the entity E2, of the number X of components of a given type T that are available in the stocks of the entity E2;

a processing step S215, corresponding to the determination, by interrogation of the database of the entity E2, of the number Y of manufactured products incorporating the component of the type T that are to be produced by the entity E2;

a processing step S220, corresponding to the comparison of the results obtained in steps S210 and S215 and to the determination of the quantity Z of components of type T to be controlled corresponding to the difference Z = Y-X;

a step S225 of verifying a condition in which it is checked whether the quantity Z of components calculated in step S220 is non-zero; if yes, the process continues in step S230, otherwise in step S260;

a step S230 of processing, corresponding to the determination, by querying the database 5 of the entity E1, of the number Z1 of components of the type T that are available in the stocks of the entity E1;

a step S240 of checking a condition, in which it is checked whether the quantity Z1 is greater than a threshold; if so, the process continues in step S250, otherwise in step S260;

a step S250 during which a component command is sent to the entity E1;

a step S260 corresponding to the end of the process and the release of the software and hardware resources used by the process.

The initial step S200 optionally comprises an operation for verifying a predefined condition or for detecting the occurrence of at least one predefined event. This operation conditions the execution of the following steps S210 to S260. This event is for example the reception of a request or a message from a given entity, for example from the entity E2 or E1, or from any other entity, the receipt of a document, the receiving an SMS, receiving a phone call, the occurrence of a given date or time, etc.

The BPMN description of the PROC process is interpreted by an automatic generation engine capable of generating source code in BPEL4WS (Business Process Execution Language for Web Service) language that allows generating Web service components and invoking services. Existing web. Such tools are well known to experts in the field of process management. With this type of tools, a process can be defined from predefined standard components or templates, especially as a particular cooperation and scheduling of these typical components. Web services components WS1 to WS6 are then used during the implementation of the process, each web service corresponding to an instantiation of a template used to define the process.

The execution by the WO component of the process PROC of FIG. 2 uses, in the example described here, the components WA3 to WA5, WS3 to WS5 and WL1 to WL3.

Each of the software modules WL1 to WL3 is able to implement one or more predefined basic processing operations. In the example PROC process illustrated in FIG. 2, the step S220, (respectively S225, S240) is implemented by the software module WL1 (respectively WL2, WL3). The software modules WL1 to WL3 can themselves be derived from an automatic generation from a description in formal language.

Step S210 of the PROC process described in FIG. 2 is implemented by the software module WS4 in cooperation with the module WA4, constituting the server-side API 15 of the software module WS4. Similarly, the step S215 (respectively S230) of the process PROC described in FIG. 2 is implemented by the software module WS5 (respectively WS3) in cooperation with the module WA5 (respectively WA3), constituting the server-side API 15 of the WS5 software module (respectively WS3).

The software modules WS1 to WS6 can themselves be derived from an automatic generation from a description in formal language.

The process PROC is itself implemented by a component of the Web services type, which in the example described is the software module WO. An interface in Web Service Description Language (WSDL) makes it possible to invoke the execution of the PROC process in the same way as that of another Web service. The PROC process implemented by the software module WO thus corresponds to the process describing the cooperation modalities between the information systems of the entities E1 and E2.

From a formal language description of a process, one or more software components (WO) can automatically be generated capable of implementing the process defined by this formal description.

In one embodiment of the invention, the entities E1 and E2 concerned by the cooperation process generate and validate the description of the process. The server 15 preferably comprises means for editing, validating and recording the description of the process. The editing and validation of the process is performed from a terminal in communication link with the server 15.

Preferably, the server 15 comprises means for verifying whether an entity is authorized to edit or validate said description. In this case, the identification and / or authentication data of the entity concerned are transmitted to the server 15 which identifies and / or authenticates the entity before giving it access to the validated description.

In addition, the validated description is encrypted and / or digitally signed, so that it can not be modified without the consent of the entities that have approved it or only by an authorized entity. In this case, the server 15 verifies the signature of said description before proceeding to the generation of software components able to implement the process defined by this formal description.

The server 15 thus plays the role of third party mediation and trust. It is the repository of the validated description and implements the process as validated. Furthermore, as described in more detail below, it comprises control and security means ensuring that access to the data of one of the information systems 10 or 20 is done exclusively via the components corresponding to the process such that valid. In this way, access by another entity to information in an entity's information system is permitted only within a framework limited to a process validated and approved by those entities. In other words, the web services WS1 to WS3 (respectively WS4 to WS6) can only be invoked by a processing process authorized by the entity E1 (respectively the entity E2).

The server 15 further comprises an automatic generation engine capable of automatically generating the software component WO from the validated description it receives. Therefore the server 15 is able to process requests for the execution of the corresponding process.

The server 15 after generation of the software module WO transmits identification and / or authentication data of this module to the information systems 10 and 20 which is stored respectively in tables T1 and T2. Tables T1 and T2 define which programs are allowed to invoke the various Web services implemented respectively in information systems 10 and 20. In one embodiment, these tables associate each Web service identifier with program identifiers. allowed to invoke the web service. The table T1 (respectively T2) is stored in the information system 10 (respectively 20), preferably at the level of an extension of the middleware MW1 (respectively MW2).

Activation of the WO module is either free or reserved for a given entity. In this second case, an identification of the entity invoking the WO module is transmitted during this activation.

Each request sent by one of the information systems 10 or 20 and received by the server 15 triggers the execution of a particular process associated with the request. As a variant, only one global process is defined, capable of processing all the requests and implementing a subprocess associated with the request. In this variant, the global process comprises conditions and processing operations relating to the received request: analysis of the received request, obtaining an identification of the sub-process for which the request has been issued, then execution of the sub-process corresponding. The method according to the invention is described in more detail with reference to FIG. 3. It corresponds to the processing by the server 15 of a request sent by one of the information systems 10 or 20, in this case by the system information 20.

In step S100, a request is sent by the information system 20 of the entity E2, in order to execute the process PROC on the data of the information system 10 of the entity E1. This request is transmitted to the software module WO. Identification and / or authentication data (for example, login with password) of the sending E2 entity of the request are sent with the request.

In step S110, the software module WO receives the request, verifies the identity of the issuing entity from the transmitted authentication data, and if the issuing entity E2 is authorized to request the execution of the program PROC. , triggers the execution of the PROC process. Otherwise, the execution of the PROC process is not triggered and a warning message is sent to the issuing entity E2.

In step S120, the software module WO executes the initialization step of the PROC process. At the first execution of step S120, it is the step S200 of the PROC process that is executed. As described above, this step S200 may include waiting for a particular event conditioning the execution of the continuation of the PROC process.

In step S125, the process PROC implemented by the software component WO continues. If the execution of the PROC process is completed, the method according to the invention continues in the final step S160. Otherwise, the component WO determines whether to invoke a software component WS1 to WS6 processing. If so, the method according to the invention continues in step S130. In this case in the example given, the next step of the process PROC being the step S210, requiring the activation of the software component WS1, the method continues in step S130.

In step S130, for example during the execution of step S210 of the PROC process, the software component WO invokes the software component WS4 for processing implementing a processing operation or consultation of the information system data. 10 of the entity E1.

The software module WO issues an activation request to the component WS4 via its interface WA4. This request is transmitted in the form of a SOAP protocol message to the destination software module via the MW and MW1 parts of the middleware. This request includes identification and / or authentication data of the software component WO. This data can be security tokens, for example certificates or security infrastructure keys.

The transmission of requests between components is preferably done in a secure environment. A security mechanism using a combination of public key and private key in accordance with the X509 standard can be used to encrypt the request by means of a private key prior to its transmission via the middleware or the network, the public key of decryption being known from the component execution environment so that the request can be decrypted by means of this public key before processing by the destination component.

In step S135, following the transmission of the activation request, the WS4 component receiving the message identifies and authenticates the WO software module issuing the request from the identification and / or authentication data received. . In case of authentication of the software module issuing the request, the component WS4 determines, from the reference data table T1 managed by the information system 10, whether the authenticated component WO is authorized to invoke the module WS4.

Known technologies adapted to web services can be used for the authentication of the WO component, for example the Web Service Security (WS-Security) architecture using various security mechanisms: identifier / password pair, security token method and that of the certificates in particular. This technology makes it possible to authenticate the sender of the SOAP message from the data of the message. More precisely, it defines the data to be inserted in a SOAP message allowing the verification of the access rights corresponding to these various security mechanisms.

Furthermore, it is possible to obtain the address of the sender of a SOAP message of the data of the HTTP transport layer via which this message has been transported. Such an address can be used to perform the authentication operations in combination with the message data.

Authentication can also be carried out at the level of the middleware carrying the message or preferably at the level of the execution environment of the Web services (for example Axis). In such an environment, it is possible to define processing to be performed on a SOAP message before executing the message receiving web service.

As an alternative, the authentication and access authorization is carried out not by the components WS1 to WS6 implemented in the information system 10 or 20, but by the components WA1 to WA6, implemented in the server. And serving as an interface respectively to the components WS1 to WS6. In this case, the server 15 comprises a table T storing the information of the tables T1 and T2, which table is stored at the level of the middleware MW of the server 15. This alternative assumes that the server provides secure access to the data of these tables so to guarantee the integrity of the data stored there.

In case of authorization, the method according to the invention continues in step S140. In the opposite case, an error message is returned to the component WO, which in turn transmits an error message to the information system 20 of the entity E2 transmitting the request for processing request. The process ends in step S160.

The execution and activation of the WO component of the process control is done exclusively from the server 15. It is thanks to this module, generated from the validated description, that the server is able to provide the exclusive use of data in the context of a given processing process, ensuring that access to the data is only for processing operations that are part of a process corresponding to the validated description.

In step S140, the invoked WS4 software module issues a query to interrogate the information system 10 and the database 5 through the network R1, in order to obtain the data required for the execution of the processing operation associated with it.

In step S150, the software module WS4 executes the processing operation associated with it from the data obtained and then returns to the module WO the data resulting from the execution of this operation.

In step S160, the software module WO terminates the execution of the process PROC and returns to the information system 20 of the entity E2 the data resulting from the execution of the process PROC.

Steps S130 to S150 are executed again each time that the software component WO invokes a new software module WS1 to WS6 for data processing and access, in particular during the execution of the step S210, S215, S230 of the PROC process.

The device or method, according to the invention allows the automation of the execution of cooperation processes between several partner companies in particularly dynamic contexts requiring rapid exchange of information, or real time.

Its interest should increase with the deployment of technological solutions facilitating the real-time updating of data of an information system, especially in the case of stock management using RFID tags.

The invention has been described in the context of enterprise in the field of manufactured products. The fields of application of the invention can, however, be very varied.

The pharmaceutical sector provides an example of an E2 entity (pharmacies) distributing products provided by E1 entities (laboratories / industries) with E1 and E2 internal inventory management and distributed market intelligence at the entity level. E2. The high-tech or automotive sectors are other examples of sectors working more and more in just-in-time with reduced stocks at the level of E2.

According to a preferred implementation, the various steps of the method according to the invention are executed by means of computer program instructions.

These steps are thus preferably implemented by the processor (s) of the server 15 and servers 10 or 20, processor (s) using programs or subroutines designed for the execution of the various steps of this method.

Accordingly, the invention also relates to a computer program on an information medium, this program being capable of being implemented in a computer or by a data processor, this program comprising instructions adapted to the implementation of a data processing method according to the invention.

This program can use any programming language, and be in the form of source code, object code, or intermediate code between source code and object code, such as in a partially compiled form, or in any other form desirable shape.

The invention also relates to a computer-readable information medium, comprising instructions of a computer program as mentioned above.

The information carrier may be any entity or device capable of storing the program. For example, the medium may comprise storage means, such as a ROM, for example a CD ROM or a microelectronic circuit ROM, or a magnetic recording medium, for example a floppy disk or a disk. hard.

On the other hand, the information medium may be a transmissible medium such as an electrical or optical signal, which may be conveyed via an electrical or optical cable, by radio or by other means. The program according to the invention can be downloaded in particular on an Internet type network.

Alternatively, the information carrier may be an integrated circuit in which the program is incorporated, the circuit being adapted to execute or to be used in the execution of the method in question.

Claims

A data processing system comprising a server (15) mediating between a first entity called client entity (E2) and a second entity called provider entity (E1), said server comprising program execution means for executing, on query from the client entity, a program (WO) implementing a predefined process (PROC) for processing, said program (WO) being able to trigger, during the execution of said process, a transmission through a link for communicating at least one activation request of at least one processing module (WS1 -WS6) of a server of the provider entity to execute at least one processing operation on at least a part of the data at least one database (5) accessible via the server of the supplier entity, the system comprising control means (T1, T2) designed for, in case of authentication of said program, determining whether said program (WO ) is self it is possible to activate said processing module (WS1 -WS6) and, in the absence of authorization, to inhibit the execution of said at least one processing operation. 2. System according to claim 1, said mediation server comprising software generation means able to generate said program from a description in formal language of said process, said description being defined by reference to at least one module selected from a plurality processor modules of the provider entity server that can be activated independently of one another. 3. System according to claim 2, said mediation server comprising means for editing and validation of said description from a terminal in communication with said server. 4. System according to claim 3, said mediation server comprising means for verifying whether an entity is authorized to edit or validate said description. 5. System according to any one of the preceding claims, said mediation server comprising means for verifying whether an entity is authorized to invoke the execution of said program. 6. A mediation server (15) between a client entity (E2) and a provider entity (E1), said mediation server comprising program execution means for executing, on request from the client entity, a program (WO) implementing a predefined processing process (PROC), said program (WO) being able to trigger, during the execution of said process, a transmitting, via a communication link, at least one activation request of at least one processing module (WS1 -WS6) of a server of the provider entity in order to execute at least one processing operation on at least one at least part of the data of at least one database (5) accessible via the server of the supplier entity, said mediation server comprising control means (T1, T2) designed for, in case of authentication of said program determining whether said program (WO) is authorized to activate said processing module (WS1 -WS6) and, in the absence of authorization, inhibiting the execution of said at least one processing operation. A data processing server (10, 20) accessing at least one database (5, 25) of data, said processing server being able to communicate through a communication link with a server (15) mediating between a client entity (E2) and a provider entity (E1), said processing server comprising at least one processing module (WS1 -WS6), designed to execute at least one processing operation on at least a part of said data of said database. data and queryable from the mediation server (15) by means of a program (WO) implementing a predefined processing process (PROC), said processing server comprising control means (T1, T2) for , following the emission by said program of a request for activation of a processing module, checking whether said program is authorized to activate said processing module (WS1 -WS6) and, in the absence of authorization, inhibit lad performance ite at least one processing operation. A method of processing data included in at least one database accessible via a data processing server (10, 20), said method comprising at least, a step of execution by a mediation server of a program (WO) implementing a predefined process of processing, said execution step being intended to be executed following the reception by the mediation server of a request from a client entity, a triggering step by said program (WO), during the execution of said process, of the transmission through a communication link of at least one activation request of at least one processing module (WS1 - WS6) of the processing server to execute at least one processing operation on at least a portion of said data, a control step for determining whether the program (WO) initiating the activation request is authorized to activate said processing module (WS1 -WS6), a step of triggering the execution of said at least one processing operation, said triggering step being executed only in the case of authorization. 9. The method of claim 8 comprising a step of authenticating the program at the origin of the activation request, said checking step being executed only in case of authentication. Data carrier on which at least one set of program code instructions has been stored for performing at least one step of the method according to one of claims 8 to 9.