Abstract: A node provides a service to a client node in a network. The node is configured to execute a code for providing the service to the client node in an enclave of a trusted execution environment (TEE) and to execute a code library in the enclave to attest to the client node the identity of the service provided. The service provided to the client node may be a distributed service including a result of a cooperation of a plurality of neighbor nodes, which are connected to the node either directly or through other intermediate nodes. The code library is configured to attest to the client node the identity of the distributed service.

Abstract: In a method for software attestation, an enclave including an operating system (OS) library is initialized in a trusted execution environment, wherein software attestation is performed to verify an identity of the enclave, wherein an application is executed inside the enclave using the OS library, and wherein performing the software attestation includes attestation of a content of a disk image associated with the application.

Abstract: A data access device for enforcing a data policy, including an input unit, a processing unit, a data exposure enforcement unit, and an output unit, where the data access device is configured to run in a trusted execution environment; the input unit is configured to receive a first data including a request for handling data, and a target identification; the processing unit is configured to process the first data to attain a second data including the target identification and a data structure according to requirements of an application running in the data access device; the data exposure enforcement unit is configured to manipulate the second data according to a data exposure policy to attain a third data; and the output unit is configured to output the third data.

Abstract: A node provides a service to a client node in a network. The node is configured to execute a code for providing the service to the client node in an enclave of a trusted execution environment (TEE) and to execute a code library in the enclave to attest to the client node the identity of the service provided. The service provided to the client node may be a distributed service including a result of a cooperation of a plurality of neighbor nodes, which are connected to the node either directly or through other intermediate nodes. The code library is configured to attest to the client node the identity of the distributed service.

Abstract: A method for resolving domain names, where a name server is configured to receive a query for a domain name system (DNS) record from a stub resolver, where a public key or certificate held by the stub resolver matches a private key of the name server. The name server runs the query for a DNS record by executing code in a trusted execution environment. Instead of recursively resolving the query for a DNS record as is common practice, the name server reads the DNS record corresponding to the query from a ledger. At last the name server prepares an authenticated response to the stub resolver by authenticating the response comprising the read DNS record with its private key, wherein the private/public key pair or alternatively private key and matching certificate are protected and distributed with the at least another name server via the common ledger.

Abstract: A method for resolving domain names is provided. A name server is configured to receive a query for a domain name system (DNS) record from a stub resolver, wherein a public key or certificate held by the stub resolver matches a private key of the name server. The name server runs the query for a DNS record by executing code in a trusted execution environment. Instead of recursively resolving the query for a DNS record as is common practice, the name server reads the DNS record corresponding to the query from a ledger. At last the name server prepares an authenticated response to the stub resolver by authenticating the response comprising the read DNS record with its private key, wherein the private/public key pair or alternatively private key and matching certificate are protected and distributed with the at least another name server via the common ledger.

Abstract: In one example of the disclosure, a promotion artifact is received, the promotion artifact for implementation at a computer system. An origin environment is identified. A risk probability is determined for each of a set of artifacts included within the promotion artifact, the risk probability based upon a community rating and a count of artifact dependencies for the artifact. A risk impact is determined for each of the set of the artifacts. A risk assessment for implementation of the promotion artifact at the computer system is determined based upon the origin environment, and upon the risk probability and the risk impact determined for each of the artifacts.

Abstract: Methods, apparatus, and articles of manufacture to deploy software applications are disclosed. A disclosed example includes query a user for a first parameter indicative of a capacity level needed for a software system and a second parameter indicative of a set of software applications to be installed for the software system, determine a group of components of the software system to be installed on the computer system based on the first parameter and the second parameter, determine a computer hardware requirement based on the set of software applications, compare the determined computer hardware requirement to a computer hardware configuration, indicate that the computer hardware configuration is sufficient when the computer hardware configuration at least meets the determined computer hardware requirement, and when the computer hardware configuration is sufficient, configure the set of software applications by installing the determined group of components of the set of software applications.

Abstract: Example implementations relate to isolating production environment debugging sessions. Some example implementations may include a runtime execution engine to execute, using a production environment, an original work flow corresponding to a unit of production environment source code. Some example implementations may also include a session initiation request engine to receive a request to perform a debugging session of a modified version of the unit of production environment source code. In some examples, the request may include a modified execution plan corresponding to a machine-readable translation of the modified version. Some example implementations may also include a debugging execution engine to execute the modified execution plan in isolation, the modified execution plan being executed in the production environment without altering at least one of the unit of production environment source code and the original work flow.

Abstract: A class map is created based on source code for a subject program that includes program modules. The class map maps the program modules to object-oriented programming classes referenced by the source code. A log map is created based on the class map and logging-mechanism configuration files. The logging-mechanism configuration files map the classes to log files. The log map maps the program modules to log files.

Abstract: Methods, apparatus, and articles of manufacture to deploy software applications are disclosed. A disclosed example includes query a user for a first parameter indicative of a capacity level needed for a software system and a second parameter indicative of a set of software applications to be installed for the software system, determine a group of components of the software system to be installed on the computer system based on the first parameter and the second parameter, determine a computer hardware requirement based on the set of software applications, compare the determined computer hardware requirement to a computer hardware configuration, indicate that the computer hardware configuration is sufficient when the computer hardware configuration at least meets the determined computer hardware requirement, and when the computer hardware configuration is sufficient, configure the set of software applications by installing the determined group of components of the set of software applications.