Abstract: Described embodiments provide systems and methods for resource appropriation in a multi-tenant environment using risk and value modeling. A resource server can provide a plurality of applications access to a plurality of resources in response to requests from clients based in part on risk scores and value scores. The resource server can generate and execute a risk model and a value model to determine a risk score and a value score for each of the applications. The resource server can use the risk and value scores to determine access to a particular resource for a requested application. The resource server can assign a first allocation of resource tokens to an application. The resource tokens can correspond to access privileges to plurality of resources. The resource server can dynamically modify the resource allocation for applications responsive to changes to a risk score or value score of a respective application.

Abstract: Described embodiments provide systems and methods for resolving Domain Name Service (DNS) requests. An authoritative DNS server may receive, from a recursive resolver, a DNS request to resolve a query on behalf of a client. The authoritative DNS server may determine whether the recursive resolver is classified as a non-client representative resolver or a client representative resolver. The authoritative DNS server may identify a redirect server based on the recursive resolver classified as the non-client representative resolver or the resolved server based on the recursive resolver classified as the client representative resolver. The authoritative DNS server may transmit, to the recursive resolver, a response to the DNS request including an address of one of the redirect server or the resolved server.

Abstract: Described embodiments provide systems and methods for resource appropriation in a multi-tenant environment using risk and value modeling. A resource server can provide a plurality of applications access to a plurality of resources in response to requests from clients based in part on risk scores and value scores. The resource server can generate and execute a risk model and a value model to determine a risk score and a value score for each of the applications. The resource server can use the risk and value scores to determine access to a particular resource for a requested application. The resource server can assign a first allocation of resource tokens to an application. The resource tokens can correspond to access privileges to plurality of resources. The resource server can dynamically modify the resource allocation for applications responsive to changes to a risk score or value score of a respective application.

Abstract: Described embodiments provide systems and methods for cross protocol association using internet addresses for metadata association. An association between IPv4 addresses and IPv6 addresses can determined and used to bridge metadata from collection context in a first protocol into usage for a second protocol. A server can monitor a plurality of handshake exchanges to generate the association between IPv4 addresses and IPv6 addresses for a device or group of devices. The handshake exchange can include an IPv4 address, an IPv6 address, or both an IPv4 address and an IPv6 address for a respective device. The handshake exchanges can include a unique identifier corresponding to the respective device. The server can use the association to generate a mapping linking a range of IPv4 addresses to a range of IPv6 addresses corresponding to the same device. The mapping can be used to associate metadata to devices within the same ranges.

Abstract: Described embodiments provide systems and methods for cross protocol association using internet addresses for metadata association. An association between IPv4 addresses and IPv6 addresses can determined and used to bridge metadata from collection context in a first protocol into usage for a second protocol. A server can monitor a plurality of handshake exchanges to generate the association between IPv4 addresses and IPv6 addresses for a device or group of devices. The handshake exchange can include an IPv4 address, an IPv6 address, or both an IPv4 address and an IPv6 address for a respective device. The handshake exchanges can include a unique identifier corresponding to the respective device. The server can use the association to generate a mapping linking a range of IPv4 addresses to a range of IPv6 addresses corresponding to the same device. The mapping can be used to associate metadata to devices within the same ranges.

Abstract: Described embodiments provide systems and methods for resolving Domain Name Service (DNS) requests. An authoritative DNS server may receive, from a recursive resolver, a DNS request to resolve a query on behalf of a client. The authoritative DNS server may determine whether the recursive resolver is classified as a non-client representative resolver or a client representative resolver. The authoritative DNS server may identify a redirect server based on the recursive resolver classified as the non-client representative resolver or the resolved server based on the recursive resolver classified as the client representative resolver. The authoritative DNS server may transmit, to the recursive resolver, a response to the DNS request including an address of one of the redirect server or the resolved server.

Abstract: Described embodiments provide systems and methods for resource appropriation in a multi-tenant environment using risk and value modeling. A resource server can provide a plurality of applications access to a plurality of resources in response to requests from clients based in part on risk scores and value scores. The resource server can generate and execute a risk model and a value model to determine a risk score and a value score for each of the applications. The resource server can use the risk and value scores to determine access to a particular resource for a requested application. The resource server can assign a first allocation of resource tokens to an application. The resource tokens can correspond to access privileges to plurality of resources. The resource server can dynamically modify the resource allocation for applications responsive to changes to a risk score or value score of a respective application.

Abstract: Described embodiments provide systems and methods for cross protocol association using internet addresses for metadata association. An association between IPv4 addresses and IPv6 addresses can determined and used to bridge metadata from collection context in a first protocol into usage for a second protocol. A server can monitor a plurality of handshake exchanges to generate the association between IPv4 addresses and IPv6 addresses for a device or group of devices. The handshake exchange can include an IPv4 address, an IPv6 address, or both an IPv4 address and an IPv6 address for a respective device. The handshake exchanges can include a unique identifier corresponding to the respective device. The server can use the association to generate a mapping linking a range of IPv4 addresses to a range of IPv6 addresses corresponding to the same device. The mapping can be used to associate metadata to devices within the same ranges.

Abstract: Described embodiments provide systems and methods for resolving Domain Name Service (DNS) requests. An authoritative DNS server may receive, from a recursive resolver, a DNS request to resolve a query on behalf of a client. The authoritative DNS server may determine whether the recursive resolver is classified as a non-client representative resolver or a client representative resolver. The authoritative DNS server may identify a redirect server based on the recursive resolver classified as the non-client representative resolver or the resolved server based on the recursive resolver classified as the client representative resolver. The authoritative DNS server may transmit, to the recursive resolver, a response to the DNS request including an address of one of the redirect server or the resolved server.

Abstract: A system provides single sign-on capabilities for accessing a Web application through a passive client across multiple realms within a federation. A federation refers to different organizations or realms that have employed agreements, standards, and/or cooperative technologies to make user identity and entitlements portable between the organizations. Communications are redirected through a client in one realm to obtain a security token that can allow the resource server in the other realm to authenticate the user for access to the Web application.

Abstract: A method and mechanism for performing a prioritized determining of a climate conditioning to be provided to a zone in a multiple zone structure. In one embodiment of the invention, the determining of a climate conditioning to be provided to a zone is to be a prioritized determining, where a climate control condition is determined to satisfy a priority condition of the first zone. In another embodiment, the first priority condition associated with the first zone is based at least in part on an assigning of a first priority to the first zone.

Abstract: A method and apparatus for a control interface for environment control systems. An embodiment of a controller for a climate control system includes a memory to store a plurality of constraints for the climate control system and a processor to choose a current climate control activity, the current climate control activity being based at least in part on the constraints. The controller includes a user control interface to provide information to a user, the information identifying the current climate control activity of the climate control system and a constraint that influenced the choice of the current activity.

Abstract: Managing and securing process flow. A network server receives user data and retrieves secured flow data from the user data. A user interface is rendered at the client in response to the user data. The flow data is based on a web request from the client and identifies the process flow and a position within the process flow. The request initiates the process flow on a data communication network and the user interface has a hidden form field that contains the retrieved flow data. The client posts user-supplied information in addition to the flow data via the user interface for verifying the web request.

Abstract: A method and mechanism for performing a prioritized determining of a climate conditioning to be provided to a zone in a multiple zone structure. In one embodiment of the invention, the determining of a climate conditioning to be provided to a zone is to be a prioritized determining, where a climate control condition is determined to satisfy a priority condition of the first zone. In another embodiment, the first priority condition associated with the first zone is based at least in part on an assigning of a first priority to the first zone.

Abstract: A method and apparatus for a control interface for environment control systems. An embodiment of a controller for a climate control system includes a memory to store a plurality of constraints for the climate control system and a processor to choose a current climate control activity, the current climate control activity being based at least in part on the constraints. The controller includes a user control interface to provide information to a user, the information identifying the current climate control activity of the climate control system and a constraint that influenced the choice of the current activity.

Abstract: A system provides single sign-on capabilities for accessing a Web application through a passive client across multiple realms within a federation. A federation refers to different organizations or realms that have employed agreements, standards, and/or cooperative technologies to make user identity and entitlements portable between the organizations. Communications are redirected through a client in one realm to obtain a security token that can allow the resource server in the other realm to authenticate the user for access to the Web application.