Abstract: A method and system for handling a malicious intrusion to a machine in a networked group of computers. The malicious intrusion is an unauthorized access to the machine, such as a server in a server farm. When the intrusion is detected, the machine is isolated from the rest of the server farm, and the machine is reprovisioned as a decoy system having access to only data that is ersatz or at least non-sensitive. If the intrusion is determined to be non-malicious, then the machine is functionally reconnected to the server farm, and the machine is reprovisioned to a state held before the reprovisioning of the machine as a decoy machine.

Abstract: A method, apparatus, and computer instructions are provided for a session initiation protocol application design, development, execution, and integration. A framework with a framework controller, an application data object, transition handlers, precondition handlers and post condition handlers is provided. When a message is received in a SIP application, the framework controller determines a state of application and parses the message to update application data by using corresponding handlers. The handlers for each state are specified in an input markup language model defined by a user externally via a Web service accessible component.

Abstract: In response to detecting a failed server, subscription message processing of a failover server is stopped. A subscription queue of the failed server is opened. A marker message is published to all subscribers of a particular messaging topic. The marker message includes an identification of the failover server managing the subscription queue of the failed server. Messages within the subscription queue of the failed server are processed. In response to determining that a message in the subscription queue of the failed server is the marker message, the subscription queue of the failed server is closed. Then, the failover server resumes processing of its original subscription queue looking for the marker message, while processing yet unseen messages from the queue. Once the marker message is found in the original subscription queue, normal operation is resumed.

Abstract: Methods, apparatus, and products for managing presence information of a presentity through a network according to a loosely-coupled network architecture style, the presentity representing a user of the network, are described that include receiving, by the presence information server, a request message to administer presence information of the presentity in a presence information document, the presence information document implemented as a markup document that includes one or more dedicated sections for presence information of the presentity, the request message identifying an action to administer presence information in the presence information document, and an identification of a dedicated section; retrieving, by the presence information server in response to the request message, the presence information document; and modifying, by the presence information server, the presence information document, including administering, in accordance with the request message, the presence information of the presentity in

Abstract: Methods, apparatus, and products for administering feeds of presence information of one or more presentities including creating a feed definition; adding to the feed definition one or more identifications of presentities; receiving a feed request; creating the feed, the feed including presence information for presentities identified in the feed definition; and sending a response to the feed request including the feed.

Abstract: The present invention discloses a system for implementing a software application programming interface (API) within a session initiation protocol (SIP) servlet. Such a system can utilize a state machine, a SIP servlet configured to execute the state machine, and an enterprise service bus (ESB). The state machine can be configured to send and receive a series of communications and can be defined in a definition document. The series of communications can represent the execution of a software function defined within an API. The SIP servlet can select a state machine based upon an indicator contained within a received SIP message. The ESB can be configured to execute a system function in response to communications with the state machine.

Abstract: A system for testing branch execution and state transition logic in session initiation protocol application modular components. A test harness constructs, sends, and initializes an artificial session initiation protocol runtime environment in order to test session initiation protocol application modular components. The artificial session initiation protocol runtime environment simulates session initiation protocol messages and a determines whether an appropriate session initiation protocol event occurs. Subsequent to determining whether the appropriate session initiation protocol event occurs in response to the simulated session initiation protocol messages, a report of the test results is generated.

Abstract: The present invention discloses a solution for modifying a group list server to perform syndication feed operations. A syndication feed creation software component, a content gathering component, and a content extraction converting component can be added to a group list server. The modified group list server can continue to function as a traditional list server and can also function as a traditional feed server that is able to interoperate with standard, client-side feed readers. In one embodiment, the modified list server can repurpose syndication groups as to operate as syndication feed channels and can repurpose group members to operate as feed items.

Abstract: A system and method for creating global sessions across different protocols and multiple converged protocol applications are provided. By creating a global session, state information for each of the individual protocol sessions may be communicated across protocols and utilized in performing operations across converged protocol applications. An edge server is used at the edge of a data network to correlate client interactions over different protocols and to associate them with a global session. The edge server acts as a session reference counter for individual client sessions that are part of a larger global session. The global session is created after the creation of the first protocol session and exists across the creation of future sessions on other protocols and other converged applications. Logical names and global session tokens are utilized to manage the various global sessions handled by the edge server.

Abstract: A mechanism for ensuring the authenticity of written and printed documents. With the mechanism of the present invention, electronic ink is deposited onto a document, wherein the electronic ink deposited comprises at least one mark visible to a user. Current is applied to the electronic ink while the electronic ink is wet. The current is applied to the electronic ink in order to imprint a pattern in the ink. The electronic ink deposited on the document is then allowed to dry. The pattern in the electronic ink may then be examined to verify the authenticity of the document.

Abstract: A method for providing access control to a single sign-on computer network is disclosed. A user is assigned to multiple groups within a computer network. In response to an access request by the user, the computer network determines a group pass count based on a user profile of the user. The group pass count is a number of groups in which the access request meets all their access requirements. The computer network grants the access request if the group pass count is greater than a predetermined high group pass threshold value.

Abstract: A system and method for burst traffic smoothing for Session Initiation Protocol (SIP) processing elements are provided. A dispatch queue management engine determines whether a received packet is a TCP or UDP packet. If the packet is a TCP packet, the packet is automatically added to the dispatch queue. If the packet is a UDP packet, a value for a drop function f is generated and a random or pseudo-random number r is generated. If r has a predetermined relationship to f, then the UDP packet is added to the dispatch queue, otherwise the UDP packet is discarded. The value for f is based on the current dispatch queue load, the network quality, the retransmission rate, and the allowable drop rate. Thus, the determination as to whether to drop UDP packets or not is configurable by an administrator and also adaptable to the current network and dispatch queue conditions.

Abstract: A system and method for developing Diameter applications are provided. The system and method extend the application server servlet model to support Diameter applications. A “base protocol” servlet is provided that handles the basic Diameter protocol functionality. Base application servlets are provided for each Diameter interface (for example, an “Sh” base servlet for the IMS “Sh” interface). These servlets are base classes for application code. The base application servlets implement additional semantics on top of the base protocol servlet to support additional attribute-value pair semantics. With the system and method, Diameter servlets share the same ServletContext as HTTP and SIP servlets. This mechanism facilitates communication between the various application entities and facilitates generation of converged applications.

Abstract: A system, computer program product and computer Implemented method of communicating with a Session Initiation Protocol (SIP) application session using a messaging service are provided. The system, computer program product and computer-Implemented method register the SIP application session with a messaging server. The system, computer program product and computer-Implemented method then publish an addressable messaging endpoint corresponding to the SIP application session in response to registering the SIP application session with the messaging server. Consequently, communication with the SIP application session can occur via messages directed to the published addressable messaging endpoint.

Abstract: A method for providing access control to a single sign-on computer network is disclosed. A user is assigned to multiple groups within a computer network. In response to an access request by the user, the computer network determines a group pass count based on a user profile of the user. The group pass count is a number of groups in which the access request meets all their access requirements. The computer network grants the access request if the group pass count is greater than a predetermined high group pass threshold value.

Abstract: Provided is an apparatus and method for detecting fraudulent passwords so that computer break-in attempts can be distinguished from authorized users incorrectly entering their passwords. An actual password is mapped against a computer keyboard and the resultant data is stored in memory. The profile of an entered password is compared to the stored profile. If the profile of the entered password differs significantly from the stored profile, then the login attempt is flagged as an attempted intrusion. In one embodiment of the current invention, passwords are mapped according to the distance subsequent keystrokes are from each other. Different embodiments may have different mapping schemes. For example, mapping data may correspond to statistical data that corresponds to the likelihood that a particular character is typed by mistake when another character is intended.

Abstract: Given a SIP call flow definition and WSDL extended with SIP/call flow interactions, a converged application integration (CAI) engine provides service-oriented application practitioners with an ability to reuse existing Web services integration techniques in a new converged application integration green space. The converged application integration engine “wraps” a pre-existing converged Web service/SIP or a SIP-only application, listens to application-specific signaling, and based on a supplied WSDL with SIP/call flow extensions, makes and accepts interaction requests using Web services. Given a SIP call flow definition, a WSDL extended with SIP/call flow interactions, and the converged application integration engine, a converged application execution (CAE) engine that greatly eases developing new converged applications. At runtime, the CAE engine “stitches” the signaling onto the decomposed servlet model by following the WSDL extended with SIP/call flow interactions.

Abstract: Development tooling receives the extended Web services description language with call flow interactions. The development tooling allows the user to select trivial message exchanges in the call flow. The development tooling may generate servlets for the selected message exchanges automatically to form a template form of the application that will execute in the converged application engine. Alternatively, the development tooling may generate a template form of the application that may be interpreted in an interpretive engine. The user may then drop in higher level business logic. The automatically generated servlets, or template form of the application to be interpreted, are configured to pass to the Web services information, including the last message contents.

Abstract: An extended Web services description language (WSDL) is provided to allow for the merging of call flow XML with the interface description. This is accomplished through additional WSDL bindings for operations that associate an operation with segments or message points within the call flow. In addition, the extension to WSDL defines a set of interactions that provide additional semantics for how the operation interacts with the call flow. These interactions capture the interaction points between the WSDL. The WSDL interfaces that are created may be used for outbound interactions (i.e. initiated through Web services from some event within the call flow) or for the usual inbound request response. An additional lifecycle listener interface is used to convey different binding points between an enhanced converged Web service processing engine and a converged application implementation of the WSDL.

Abstract: An interface design tool may include a traditional call flow design view and a traditional WSDL interface design view. The call flow design view may allow for the grouping of the call flow into segments or exchanges, and allow for labeling of each message in the segment. The tooling then allows for the creation of a mapping between WSDL operations and the call flow. The mapping may be labeled with the interaction type. The output of the visual artifacts may then be a WSDL and call flow XML document, where the additional bindings are included for the operations that capture the interaction relationships.