Abstract: A system includes: at least one processor running instances of two or more services. Instances of a first service are dependent upon instances of a second service. A fault-injection manager, based on data in a service directory indicative of dependencies of services of the system, determines a fault-inducing condition to inject into the system and injects the fault-inducing condition into the system. A health monitoring manager detects failures in the system and identifies the first service as vulnerable to the fault-inducing condition when the fault-inducing condition causes an instance of the second service to fail.

Abstract: Providing rich contextual information to a user in an authentication agnostic way with respect to the user. A method includes, at an application, receiving a request from a first user to access functionality of the application. The request from the first user comprises information identifying a second user who has consented to their social media information being used by the application. The method further includes sending information to the identity provider which includes information identifying the second user. The identity provider is managed by an entity separate from the application. The method further includes receiving, at the application, social media information common between the first user and the second user. The method further includes providing at least a portion of the common social media information, to the first user, in an authentication agnostic way with respect to the first user's authentication to the application.

Abstract: A network entity that allows collaboration among end users of a collaborative application by using different identifiers. The network entity receives an authentication request from a collaborative application to authenticate an end user. The network entity uses a first identifier of the end user that is associated with the network entity to verify that end user is permitted to use the collaborative application and informs the collaborative application that the end user is permitted to use the collaborative application. The network entity receives from the collaborative application a second identifier of the end user that is not associated with the network entity. The second identifier is linked to the first identifier. The network entity allows the second identifier to be used to authenticate the user with the collaborative application without the need to use the first identifier when a collaborative session is begun.

Abstract: A system includes: at least one processor running instances of two or more services. Instances of a first service are dependent upon instances of a second service. A fault-injection manager, based on data in a service directory indicative of dependencies of services of the system, determines a fault-inducing condition to inject into the system and injects the fault-inducing condition into the system. A health monitoring manager detects failures in the system and identifies the first service as vulnerable to the fault-inducing condition when the fault-inducing condition causes an instance of the second service to fail.

Abstract: Systems and methods disclosed herein are directed to creating a service directory of dependencies for services running on a system, wherein instances of a first service are dependent upon instances of a second service. The directory of dependencies comprises metadata associated with connections between the services. The system injects faults targeting all levels of the dependencies. The system is monitored to detect failures created by the faults. The injected faults are selected from transport layer faults, memory pressure, processor pressure, storage pressure, virtual machine restart, and virtual machine shut down. A domain name service is monitored to identify names that are resolved for the services. The service directory is then updated continuously with additional dependencies using information about the resolved names. The faults may be injected in a guided manner, wherein the scope of the faults is increased in steps over time to identify a failure point in the system.

Abstract: Systems and methods disclosed herein are directed to creating a service directory of dependencies for services running on a system, wherein instances of a first service are dependent upon instances of a second service. The directory of dependencies comprises metadata associated with connections between the services. The system injects faults targeting all levels of the dependencies. The system is monitored to detect failures created by the faults. The injected faults are selected from transport layer faults, memory pressure, processor pressure, storage pressure, virtual machine restart, and virtual machine shut down. A domain name service is monitored to identify names that are resolved for the services. The service directory is then updated continuously with additional dependencies using information about the resolved names. The faults may be injected in a guided manner, wherein the scope of the faults is increased in steps over time to identify a failure point in the system.

Abstract: A network entity that allows collaboration among end users of a collaborative application by using different identifiers. The network entity receives an authentication request from a collaborative application to authenticate an end user. The network entity uses a first identifier of the end user that is associated with the network entity to verify that end user is permitted to use the collaborative application and informs the collaborative application that the end user is permitted to use the collaborative application. The network entity receives from the collaborative application a second identifier of the end user that is not associated with the network entity. The second identifier is linked to the first identifier. The network entity allows the second identifier to be used to authenticate the user with the collaborative application without the need to use the first identifier when a collaborative session is begun.

Abstract: Providing rich contextual information to a user in an authentication agnostic way with respect to the user. A method includes, at an application, receiving a request from a first user to access functionality of the application, The request from the first user comprises information identifying a second user who has consented to their social media information being used by the application. The method further includes sending information to the identity provider which includes information identifying the second user. The identity provider is managed by an entity separate from the application. The method further includes receiving, at the application, social media information common between the first user and the second user. The method further includes providing at least a portion of the common social media information, to the first user, in an authentication agnostic way with respect to the first user's authentication to the application.

Abstract: A system for assessing the quality of a service provided by an application hosted by a hosting system is provided. An assessment system generates a data storage score that indicates the data storage support provided by the hosting system to the application. The assessment system may also generate a computational score that indicates the computational support provided by the hosting system to the application. The assessment system may also generate a security score that indicates the security support provided by the hosting system to the application. The assessment system then generates a service score by combining the data storage score, the computational score, and the security score. The assessment system then provides the service score as an indication or certification of the quality of the service provided by the application that is hosted by the hosting system.

Abstract: Using real world network traffic for both a primary and ancillary system. A method includes accessing intercepted network traffic directed to a primary system. The intercepted network traffic is real network traffic sent by entities sending messages directed to the primary system. One or more policy constraints are identified on network traffic to be used at an ancillary system. Based on the one or more policy constraints, a subset of the intercepted network traffic is identified. The subset of the intercepted traffic is sent to the ancillary system, where the subset of the intercepted traffic is consumed by the ancillary system.