Abstract: A computer establishes normal activity levels of a factor associated with an application, system, network, or computing environment. The computer receives rules prescribing the trust levels assigned to users or devices during normal and abnormal activity levels exhibited by the factor. The computer monitors the activity level exhibited by the factor and determines whether the activity is normal or abnormal. If the computer determines that the factor is exhibiting abnormal activity, the computer modifies the trust level of associated users and devices according to the rules. The computer continues to monitor the activity of the factor until the computer determines that normal activity levels of the factor have returned, at which point the computer modifies the trust level of associated users or devices according to the rules.

Abstract: A tool for credential validation using multiple computing devices. The tool select at least one challenge question. The tool selects two or more user owned devices, wherein selecting the two or more user owned devices includes querying a database for each user owned device associated with a user account. The tool presents the at least one challenge question to the two or more user owned devices. The tool determines whether the at least one response received from the two or more user owned devices is a correct response relative to the at least one challenge question.

Abstract: Technical solutions for optimization of network resources are described. One general aspect includes a method, including measuring, by a controller, an attribute of network route being used to communicate a network flow between a first apparatus and a second apparatus. The method also includes comparing, by the controller, a predetermined threshold and the attribute. The method also includes in response to the attribute being non-compliant with the predetermined threshold, selecting, by the controller, an alternative network route to communicate the network flow between the first apparatus and the second apparatus. The method also includes routing, by the controller, the network flow to be communicated via the alternative route between the first apparatus and the second apparatus.

Abstract: Technical solutions for optimization of network resources are described. One general aspect includes a method, including measuring, by a controller, an attribute of network route being used to communicate a network flow between a first apparatus and a second apparatus. The method also includes comparing, by the controller, a predetermined threshold and the attribute. The method also includes in response to the attribute being non-compliant with the predetermined threshold, selecting, by the controller, an alternative network route to communicate the network flow between the first apparatus and the second apparatus. The method also includes routing, by the controller, the network flow to be communicated via the alternative route between the first apparatus and the second apparatus.

Abstract: An approach is provided for controlling a first application's access of a second application of a mobile device. Attributes are assigned to a graphical element displayed by the mobile device. Manipulations of first and second icons representing first and second applications, respectively, are detected as placing the first and second icons into the graphical element. One of the assigned attributes specifying an exchange of information permitted between the first and second applications is obtained. If access control settings of the first application are automatically configurable, the access control settings are automatically configured based on the obtained attribute; otherwise, the obtained attribute is applied to the first application by utilizing resource controls of the mobile device operating system. Based on the configured access control settings or the attribute applied to the first application, an access of the second application by the first application is controlled.

Abstract: Aspects dynamically set enterprise-level security rules. Risk values representing likelihoods of loss of enterprise secure data are determined for different attributes of a user, and added together to generate a user risk factor. If the risk factor does not meet one or more off-site access threshold value(s), additional security enhancements applicable to the user and not enabled within currently applied security are iteratively selected and used to revise the security settings, and the risk factor is revised by a risk abrogation value of each of the selected security enhancements, until either the revised risk factor meets the off-site access threshold value(s) (wherein access is granted to the secure data from the off-site location pursuant to the revised security settings), or until no additional applicable security enhancements are available (wherein user access to the secure data from the off-site location is denied).

Abstract: A computer establishes normal activity levels of a factor associated with an application, system, network, or computing environment. The computer receives rules prescribing the trust levels assigned to users or devices during normal and abnormal activity levels exhibited by the factor. The computer monitors the activity level exhibited by the factor and determines whether the activity is normal or abnormal. If the computer determines that the factor is exhibiting abnormal activity, the computer modifies the trust level of associated users and devices according to the rules. The computer continues to monitor the activity of the factor until the computer determines that normal activity levels of the factor have returned, at which point the computer modifies the trust level of associated users or devices according to the rules.

Abstract: An approach is provided for controlling a first application's access of a second application of a mobile device. Attributes are assigned to a graphical element displayed by the mobile device. Manipulations of first and second icons representing first and second applications, respectively, are detected as placing the first and second icons into the graphical element. One of the assigned attributes specifying an exchange of information permitted between the first and second applications is obtained. If access control settings of the first application are automatically configurable, the access control settings are automatically configured based on the obtained attribute; otherwise, the obtained attribute is applied to the first application by utilizing resource controls of the mobile device operating system. Based on the configured access control settings or the attribute applied to the first application, an access of the second application by the first application is controlled.

Abstract: A tool for identify verification using computing device collaboration. The tool generates a hash based, at least in part, on device specific information for one or more user owned devices. The tool determines whether a hash for the initial device matches the hash for at least one of the one or more user owned devices, and if so, sends, one or more challenge questions to the initial device, wherein the one or more challenge questions include at least one challenge question based on the device specific information for the one or more user owned devices. The tool determines whether each of one or more responses to the one or more challenge questions is correct.

Abstract: Embodiments of the present invention provide a solution to optimize data transfer between a mobile device and a cloud storage provider. Specifically, embodiments of the present invention may select one or more files for transfer from the mobile device to a cloud storage device based on an analysis of a set (at least one) of factors such as: (1) the percentage of local storage being consumed on the mobile device; (2) the mobile device's billing plan, and whether file transfer will cause the billing plan to be exceeded; (3) a capacity of a link between the mobile device and the cloud storage provider; (4) dates of last access for files stored on the mobile device; and/or (5) a battery power remaining in the mobile device (if applicable). Any files selected based on an analysis of these factors can be transferred via the link and deleted from the mobile device. Typically, a file is a candidate for transfer if it has not been accessed recently (e.g.

Abstract: Aspects dynamically set enterprise-level security rules. Risk values representing likelihoods of loss of enterprise secure data are determined for different attributes of a user, and added together to generate a user risk factor. If the risk factor does not meet one or more off-site access threshold value(s), additional security enhancements applicable to the user and not enabled within currently applied security are iteratively selected and used to revise the security settings, and the risk factor is revised by a risk abrogation value of each of the selected security enhancements, until either the revised risk factor meets the off-site access threshold value(s) (wherein access is granted to the secure data from the off-site location pursuant to the revised security settings), or until no additional applicable security enhancements are available (wherein user access to the secure data from the off-site location is denied).

Abstract: In an approach for asset management, a processor identifies the location of an asset. A processor receives information specific to the location of the asset. A processor determines that an alert is required based on at least the asset, the location of the asset, and the information specific to the location of the asset. A processor generates an alert.

Abstract: In an approach for asset management, a processor identifies the location of an asset. A processor receives information specific to the location of the asset. A processor determines that an alert is required based on at least the asset, the location of the asset, and the information specific to the location of the asset. A processor generates an alert.

Abstract: Aspects dynamically set enterprise-level security rules by assessing risk factors associated with a user. Risk values representing likelihoods of loss of enterprise secure data are determined for different attributes of a user, and added together to generate a user risk factor. If the risk factor does not meet one or more off-site access threshold value(s), additional security enhancements applicable to the user and not enabled within currently applied security are iteratively selected and used to revise the security settings, and the risk factor is revised by a risk abrogation value of each of the selected security enhancements, until either the revised risk factor meets the off-site access threshold value(s) (wherein access is granted to the secure data from the off-site location pursuant to the revised security settings), or until no additional applicable security enhancements are available (wherein user access to the secure data from the off-site location is denied).

Abstract: Aspects dynamically set enterprise-level security rules by assessing risk factors associated with a user. Risk values representing likelihoods of loss of enterprise secure data are determined for different attributes of a user, and added together to generate a user risk factor. If the risk factor does not meet one or more off-site access threshold value(s), additional security enhancements applicable to the user and not enabled within currently applied security are iteratively selected and used to revise the security settings, and the risk factor is revised by a risk abrogation value of each of the selected security enhancements, until either the revised risk factor meets the off-site access threshold value(s) (wherein access is granted to the secure data from the off-site location pursuant to the revised security settings), or until no additional applicable security enhancements are available (wherein user access to the secure data from the off-site location is denied).

Abstract: A system for responding to a cyber-attack on a server. A notification is sent to a server administrator that a cyber-attack is occurring and the number of cyber-attacks on the server has exceeded a predetermined threshold. A request is received by a server, from the server administrator, in response to receiving the notification, to obtain a new Internet Protocol (IP) address for the server. The new IP address will be generated following a protocol received by the server from the server administrator. In response to receiving instructions to follow a protocol from the server administrator, the server requests a new IP address from a DHCP system. The DHCP system will obtain a new IP address for the server following the protocol sent by the server to the DHCP system.

Abstract: A tool for credential validation using multiple computing devices. The tool select at least one challenge question. The tool selects two or more user owned devices, wherein selecting the two or more user owned devices includes querying a database for each user owned device associated with a user account. The tool presents the at least one challenge question to the two or more user owned devices. The tool determines whether the at least one response received from the two or more user owned devices is a correct response relative to the at least one challenge question.

Abstract: There are provided a system, a method and a computer program product for routing a data packet. A first router includes a routing table having address routes for routing packets of a first network communication protocol and address routes for routing packets of a second network communication protocol. A source router, adjacent to the first router, stores first network communication protocol addresses of routers adjacent to the first router. The system creates a network communication path from the source router to one or more adjacent routers for only routing the data packets according to a corresponding first network communication protocol address route. The system updates the routing table of the first router to remove the second network communication protocol address routes to the adjacent routers. The system routes the data packet according to the created network communication path and the updated routing table of the first router.

Abstract: Embodiments of the present invention relate to an approach for reconfiguring interrelationships between components of virtual computing networks (e.g., a grid computing network, a local area network (LAN), a cloud computing network, etc.). In a typical embodiment, a set of information pertaining to a set of components associated with a virtual computing network is received in a computer memory medium or the like. Based on the set of information, a graphical representation (e.g., hierarchical tree) depicting the set of interrelationships between the set of components is generated. When a failure in the virtual computing network is detected, at least one of the set of interrelationships between the set of components is reconfigured based on the graphical representation and the set of rules to address the failure.

Abstract: A tool for credential validation using multiple computing devices. The tool selects at least one challenge question. The tool selects one or more user owned devices, wherein selecting the one or more user owned devices includes querying a database for each user owned device associated with a user account. The tool selects at least one device order, based, at least in part, on a level of security desired in credential validation. The tool presents the at least one challenge question to the one or more user owned devices, wherein the at least one challenge question includes the at least one device order for returning at least one response. The tools determines whether the at least one response received from the one or more user owned devices is a correct response relative to the at least one challenge question and the at least one device order.