Abstract: A method for creating and maintaining a Security Knowledge Base and related Security Knowledge Graph for modeling and analysis of security attacks and attack surfaces is described. A Security Knowledge Base can be assembled from a set of source documents, operational artifacts and experiential insights about Information Systems and Security. A Security Attack Knowledge Graph can be created from data in the Security Knowledge Base. The Security Attack Knowledge Graph can take the form of a connected graph used by a Graph Computing system and algorithms. The Graph Computing system can perform traversals to model security attacks for a target system and an attack scenario. The content of the Security Knowledge base can be further used to evaluate the traversal results, and produce reports, recommendations and action plans. The Security Knowledge Base and Security Attack Knowledge Graph can be improved with new source documents, artifacts, and experiential insights.

Abstract: Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product.

Abstract: Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product.

Abstract: Mechanisms are provided for dynamically determining one or more automation levels for tasks of a workflow. The mechanisms receive a workflow from a source component and receiving context and state information for an environment in which the workflow is to be performed. One or more tasks and associated task attributes are identified in the workflow and applying one or more automation rules to the context and state information and the task attributes to generate one or more automation level settings from the one or more tasks. The one or more tasks are performed in the environment in accordance with the one or more automation level settings. The automation level settings specify a degree of automation to be used when performing the one or more tasks.

Abstract: Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product.

Abstract: Mechanisms are provided for dynamically determining one or more automation levels for tasks of a workflow. The mechanisms receive a workflow from a source component and receiving context and state information for an environment in which the workflow is to be performed. One or more tasks and associated task attributes are identified in the workflow and applying one or more automation rules to the context and state information and the task attributes to generate one or more automation level settings from the one or more tasks. The one or more tasks are performed in the environment in accordance with the one or more automation level settings. The automation level settings specify a degree of automation to be used when performing the one or more tasks.

Abstract: Mechanisms are provided for dynamically determining one or more automation levels for tasks of a workflow. The mechanisms receive a workflow from a source component and receiving context and state information for an environment in which the workflow is to be performed. One or more tasks and associated task attributes are identified in the workflow and applying one or more automation rules to the context and state information and the task attributes to generate one or more automation level settings from the one or more tasks. The one or more tasks are performed in the environment in accordance with the one or more automation level settings. The automation level settings specify a degree of automation to be used when performing the one or more tasks.

Abstract: A method, system, and computer usable program product for providing consistent cryptographic operations in a data processing environment using protected structured data objects are provided in the illustrative embodiments. A data input is received from an originating application by a security plug-in, both the application and the security plug-in executing in the data processing system. A security schema object is received by the security plug-in, the security schema object describing a sequence of cryptographic operations, wherein the security schema object includes a plurality of components each component describing an aspect of the cryptographic operations. The data input is transformed into a secure structured data object by the security plug-in using the sequence of cryptographic operations. A property of the secure structured data object is populated using data about the security schema object. The secure structured data object is transmitted to a consumer application.

Abstract: Providing consistent cryptographic operations across several applications using secure structured data objects includes a security middleware component, using an application programming interface, receiving a data input from an originating application operating in application space. Both the application and the middleware component execute in the data processing system. A security schema object is retrieved by the security middleware component from an object store, the security schema object describing a sequence of cryptographic operations and includes several components describing aspects of the cryptographic operations. The data input is transformed from a first format to a second format where one of the formats is a secure structured data object formed using the sequence of cryptographic operations. A property of the secure structured data object contains data about the security schema object. The data input is transmitted in the second format to a consumer application operating in application space.

Abstract: A system and method for generating an information technology solution. A system for generating a runtime model is provided, comprising: a system for selecting a business pattern; a system for providing a management integration table, wherein the management integration table includes a plurality of cells, each representing at least one management application pattern; and a system for generating a runtime model from the selected business pattern and management integration table, wherein the generating system supplements the business pattern with additive patterns, bridge patterns, and management application patterns in order to generate the runtime model.

Abstract: Mechanisms are provided for dynamically determining one or more automation levels for tasks of a workflow. The mechanisms receive a workflow from a source component and receiving context and state information for an environment in which the workflow is to be performed. One or more tasks and associated task attributes are identified in the workflow and applying one or more automation rules to the context and state information and the task attributes to generate one or more automation level settings from the one or more tasks. The one or more tasks are performed in the environment in accordance with the one or more automation level settings. The automation level settings specify a degree of automation to be used when performing the one or more tasks.

Abstract: A method, system, and computer usable program product for providing consistent cryptographic operations in a data processing environment using protected structured data objects are provided in the illustrative embodiments. A data input is received from an originating application by a security plug-in, both the application and the security plug-in executing in the data processing system. A security schema object is received by the security plug-in, the security schema object describing a sequence of cryptographic operations, wherein the security schema object includes a plurality of components each component describing an aspect of the cryptographic operations. The data input is transformed into a secure structured data object by the security plug-in using the sequence of cryptographic operations. A property of the secure structured data object is populated using data about the security schema object. The secure structured data object is transmitted to a consumer application.

Abstract: Providing consistent cryptographic operations across several applications using secure structured data objects includes a security middleware component, using an application programming interface, receiving a data input from an originating application operating in application space. Both the application and the middleware component execute in the data processing system. A security schema object is retrieved by the security middleware component from an object store, the security schema object describing a sequence of cryptographic operations and includes several components describing aspects of the cryptographic operations. The data input is transformed from a first format to a second format where one of the formats is a secure structured data object formed using the sequence of cryptographic operations. A property of the secure structured data object contains data about the security schema object. The data input is transmitted in the second format to a consumer application operating in application space.

Abstract: Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product.

Abstract: Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product.

Abstract: A system and method of designing a secure solution which meets the needs of a customer but which is appropriate and repeatable and may use components which are insecure or not trusted. In its preferred embodiment, the security system includes subsystems selected from access control, information flow, identity and credentials management, integrity and assurance. In each subsystem, elements are employed to reduce the effect of perils and to provide a repeatable system design.

Abstract: An automated method, system, device, and/or computer program for performing risk assessment for an information system. A risk assessment tool can receive a scenario for which to perform a risk assessment. A contextual data model and a set of data instances for the information system can be accessed. The contextual data model can define relationships between physical and logical assets of the information system. The contextual data model and set of data instances can be analyzed in relation to the scenario. An action plan can be generated that addresses the scenario.

Abstract: Techniques for establishing entitlement to a computer program product are provided, and include providing a client identity in a registration process to produce an entitlement file, obtaining an encoded version of a computer program product, and transforming the computer program product into an installation product in a computer storage medium, wherein the installation product comprises the entitlement file to establish entitled use of the computer program product.

Abstract: An automated method, system, device, and/or computer program for performing risk assessment for an information system. A risk assessment tool can receive a scenario for which to perform a risk assessment. A contextual data model and a set of data instances for the information system can be accessed. The contextual data model can define relationships between physical and logical assets of the information system. The contextual data model and set of data instances can be analyzed in relation to the scenario. An action plan can be generated that addresses the scenario.

Abstract: A system and method of designing a secure solution which meets the needs of a customer but which is appropriate and repeatable and may use components which are insecure or not trusted. In its preferred embodiment, the security system includes subsystems selected from access control, information flow, identity and credentials management, integrity and assurance In each subsystem, elements are employed to reduce the effect of perils and to provide a repeatable system design.