Abstract: A system has a virtual overlay infrastructure mapped onto physical resources for processing, storage and network communications, the virtual infrastructure having virtual entities for processing, storage and network communications. Virtual infrastructures of different users share physical resources but are isolated. Each infrastructure has its own infrastructure controller to create and configure the infrastructure. It has a user accessible part (CFC) for configuration of that user's infrastructure, and a user inaccessible part (UFC) able to access the mapping and the physical resources. This increases user control to ease system administration, while maintaining security by limiting access to the mapping.

Abstract: To provide a secure service to an application virtual machine running in a first domain of a virtualized computing platform, a second domain is arranged to run a corresponding service driver exclusively for the application virtual machine. As part of the secure service, the service driver effects a key-based cryptographic operation; to do so, the service driver has to obtain the appropriate key from a key manager. The key manager is arranged to store the key and to release it to the service driver only upon receiving evidence of its identity and being satisfied of compliance with release policies associated with the key. These policies include receipt of valid integrity metrics, signed by trusted-device functionality of the virtualized computing platform, for the service driver and the code on which it depends.

Abstract: A method of assessing a network uses a model (450) having nodes (100, 110) to represent parts of the network infrastructure and the application services, and having links to represent how the nodes influence each other. Dependencies or effects of the application services are found by determining paths through the nodes and links of the model (530). Such assessment can be useful for design, test, operations, and diagnosis, and for assessment of which parts of the infrastructure are critical to given services, or which services are dependent on, or could have an effect on a given part of the infrastructure. The dependencies or effects can encompass reachability information. The use of a model having links and nodes can enable more efficient processing, to enable larger or richer models. What changes in the dependencies or effects result from a given change in the network can be determined (830).

Abstract: A system has a virtual overlay infrastructure mapped onto physical resources for processing, storage and network communications, the virtual infrastructure having virtual entities for processing, storage and network communications. Each virtual infrastructure can be passivated by suspending applications, stopping operating systems, and storing state, to enable later reactivation. This is simpler for a complete virtual infrastructure than for groups of virtual entities and physical entities. It enables cloned virtual infrastructure to be created for testing, upgrading or sharing without risk to the parent. On failure, reversion to a previous working clone is feasible.

Abstract: A system for analyzing an environment to identify a security risk, comprising a model engine to generate a model of the environment using multiple components defining adjustable elements of the model and a risk analyzer to calculate multiple randomized instances of an outcome for the environment using multiple values for parameters of the elements of the model selected from within respective predefined ranges for the parameters.

Abstract: To provide a secure service to an application virtual machine running in a first domain of a virtualized computing platform, a second domain is arranged to run a corresponding service driver exclusively for the application virtual machine. As part of the secure service, the service driver effects a key-based cryptographic operation; to do so, the service driver has to obtain the appropriate key from a key manager. The key manager is arranged to store the key and to release it to the service driver only upon receiving evidence of its identity and being satisfied of compliance with release policies associated with the key. These policies include receipt of valid integrity metrics, signed by trusted-device functionality of the virtualized computing platform, for the service driver and the code on which it depends.

Abstract: A system has a virtual overlay infrastructure mapped onto physical resources for processing, storage and network communications, the virtual infrastructure having virtual entities for processing, storage and network communications. Virtual infrastructures of different users share physical resources but are isolated. Each infrastructure has its own infrastructure controller to create and configure the infrastructure. It has a user accessible part (CFC) for configuration of that user's infrastructure, and a user inaccessible part (UFC) able to access the mapping and the physical resources. This increases user control to ease system administration, while maintaining security by limiting access to the mapping.

Abstract: A system has a virtual overlay infrastructure mapped onto physical resources for processing, storage and network communications, the virtual infrastructure having virtual entities for processing, storage and network communications. The system has a mapping manager to dynamically alter the mapping for balancing, performance, and redundancy. There can be more independence from the underlying physical configuration, compared to known methods of virtualizing only some of the entities. The mapping manager can be distributed across a number of entities on different physical servers arranged to cooperate with each other.

Abstract: In one embodiment, a system and method pertain to receiving audit exceptions indicative of instances of noncompliance of an information system under evaluation relative to a policy or standard, identifying remediation recommendations that are relevant to the audit exceptions and that indicate how to correct conditions that caused the noncompliance, and providing the remediation recommendations to an entity responsible for correcting the conditions so as to provide information as to how the information system can be brought into compliance with the policy or standard.

Abstract: In one embodiment, a system or method pertain to accessing a model that comprises a computer-readable version of a standard or policy, identifying rules or requirements specified by the model that pertain to compliance with the standard or policy, and automatically generating questions relevant to the identified rules or requirements, the questions being intended to query intended respondents as to compliance with the identified rules or requirements.

Abstract: An apparatus (22,44) is described for use in generating configuration information for a computer system (12) employing hierarchical entities. A policy template (24) is employed which contains a definition of an abstract high-level policy, for the configuration of the system, and permitted refinements to that policy, the definition referring to a plurality of the entities. An information and system model (16) contains information about the computer system and its environment including the entities referred to in the high-level policy definition, the hierarchy thereof and non-hierarchical relations between the entities. A policy authoring engine (26) refines the high-level policy definition with reference to the permitted refinements thereto and the stored information about the entities to which the high-level policy definition relates in order to produce a refined policy definition.