Abstract: Prioritizing vulnerability scan results is provided. Vulnerability scan results data corresponding to a network of data processing systems are received from a vulnerability scanner. The vulnerability scan results data are parsed to group the vulnerability scan results data by vulnerability identifiers. A corresponding security threat information identifier is associated with each vulnerability identifier. A correlation of each associated security threat information identifier is performed with a set of current vulnerability exploit data that corresponds to that particular security threat information identifier. Current security threat information that affects host data processing systems in the network is determined based on the correlation between each associated security threat information identifier and its corresponding set of current vulnerability exploit data. The current security threat information is prioritized based on a number of corresponding current vulnerability exploit attacks.

Abstract: A method, computer program product and computer system to analyze network vulnerability expansion is provided. A processor receives network infrastructure data regarding a network. A processor identifies a plurality of vulnerabilities associated with one or more components of the network. A processor generates a architecture model based, at least in part, on the network infrastructure data and the plurality of vulnerabilities. A processor generates a vulnerability expansion model based, at least in part, on the architecture model. A processor determines a vulnerability expansion based, at least in part, on the vulnerability expansion model and at least one vulnerability of plurality of vulnerabilities being compromised.

Abstract: An approach is disclosed that optically transmit data from a dedicated mobile device (DMD) to another device. Optically transmitting the data is performed by displaying the data on a display screen included in the DMD. The approach further optically receives data at the DMD. The data is received at a digital camera included in the DMD. Based on the exchanged data, the DMD determines if the DMD and the other device are bound to each other.

Abstract: An approach is disclosed that places a first side of an optical communication mounting frame (OCMF) onto a surface of a device with some of the device's display and its digital camera being are hidden from view from outside of the OCMF. A second device is received at another side of the OCMF, with some of the device's display and its digital camera being are hidden from view from outside of the OCMF. Each display is viewable from the other device's digital camera. Optical communications between the devices is performed by displaying data on one display that is read by the other device's digital camera and this communication is allowed while the OCMF is present. However, communication between the devices is inhibited when the OCMF is not present.

Abstract: Prioritizing vulnerability scan results is provided. Vulnerability scan results data corresponding to a network of data processing systems are received from a vulnerability scanner. The vulnerability scan results data are parsed to group the vulnerability scan results data by vulnerability identifiers. A corresponding security threat information identifier is associated with each vulnerability identifier. A correlation of each associated security threat information identifier is performed with a set of current vulnerability exploit data that corresponds to that particular security threat information identifier. Current security threat information that affects host data processing systems in the network is determined based on the correlation between each associated security threat information identifier and its corresponding set of current vulnerability exploit data. The current security threat information is prioritized based on a number of corresponding current vulnerability exploit attacks.

Abstract: A method, computer program product and computer system to analyze network vulnerability expansion is provided. A processor receives network infrastructure data regarding a network. A processor identifies a plurality of vulnerabilities associated with one or more components of the network. A processor generates a architecture model based, at least in part, on the network infrastructure data and the plurality of vulnerabilities. A processor generates a vulnerability expansion model based, at least in part, on the architecture model. A processor determines a vulnerability expansion based, at least in part, on the vulnerability expansion model and at least one vulnerability of plurality of vulnerabilities being compromised.

Abstract: Prioritizing vulnerability scan results is provided. Vulnerability scan results data corresponding to a network of data processing systems are received from a vulnerability scanner. The vulnerability scan results data are parsed to group the vulnerability scan results data by vulnerability identifiers. A corresponding security threat information identifier is associated with each vulnerability identifier. A correlation of each associated security threat information identifier is performed with a set of current vulnerability exploit data that corresponds to that particular security threat information identifier. Current security threat information that affects host data processing systems in the network is determined based on the correlation between each associated security threat information identifier and its corresponding set of current vulnerability exploit data. The current security threat information is prioritized based on a number of corresponding current vulnerability exploit attacks.

Abstract: An approach is disclosed that optically transmit data from a dedicated mobile device (DMD) to another device. Optically transmitting the data is performed by displaying the data on a display screen included in the DMD. The approach further optically receives data at the DMD. The data is received at a digital camera included in the DMD. Based on the exchanged data, the DMD determines if the DMD and the other device are bound to each other.

Abstract: An approach is disclosed that places a first side of an optical communication mounting frame (OCMF) onto a surface of a device with some of the device's display and its digital camera being are hidden from view from outside of the OCMF. A second device is received at another side of the OCMF, with some of the device's display and its digital camera being are hidden from view from outside of the OCMF. Each display is viewable from the other device's digital camera. Optical communications between the devices is performed by displaying data on one display that is read by the other device's digital camera and this communication is allowed while the OCMF is present. However, communication between the devices is inhibited when the OCMF is not present.

Abstract: In an approach, a certificate authority management device comprises a computing device with an operating system that supports certificate authority software, a power port with shutter door, a first key slot for an administrative user to enable use of the certificate authority management device in response to an insertion of a first key, a second key slot for management of a plurality of hybrid security keys in response to an insertion of a second key, and a touchscreen with graphical user interface.

Abstract: In an approach, a hybrid security key comprises at least one physical face on a first side of a key comprising a key groove cut and a barcode coupled to a top surface of the physical face; and at least one logical face on a second side of the key comprising a surface insert overlaying a conductive film, wherein the conductive film includes at least one contact point, at least one conductive trace, and a smart chip.

Abstract: Prioritizing vulnerability scan results is provided. Vulnerability scan results data corresponding to a network of data processing systems are received from a vulnerability scanner. The vulnerability scan results data are parsed to group the vulnerability scan results data by vulnerability identifiers. A corresponding security threat information identifier is associated with each vulnerability identifier. A correlation of each associated security threat information identifier is performed with a set of current vulnerability exploit data that corresponds to that particular security threat information identifier. Current security threat information that affects host data processing systems in the network is determined based on the correlation between each associated security threat information identifier and its corresponding set of current vulnerability exploit data. The current security threat information is prioritized based on a number of corresponding current vulnerability exploit attacks.

Abstract: An approach is disclosed that optically transmits a data from an information handling system that is a Stand Alone Certificate Authority (SACA) device, to a dedicated mobile device (DMD). The optically transmission is performed by displaying the data on a display screen included in the SACA device. The approach further optically receives data from the DMD by reading data displayed on the DMD's display screen using the SACA device's digital camera. Based on the data transmitted and received, the system verifies that the DMD and the SACA device are bound to each other.

Abstract: In an approach, a locking device comprises a lock cylinder, a first solenoid valve and a second solenoid valve, a barcode scanner adjacent to the lock cylinder, a spring-loaded interface adjacent to the lock cylinder, and a logical circuit comprising a first disc and a second disc. In an approach for using a hybrid security key in a non-networked device, a locking device of the non-networked device authenticates logical and physical attributes of a hybrid security key, determines authorizations of the hybrid security key, and audits use of hybrid security key while in the locking device of the non-networked device.

Abstract: In an approach, a locking device comprises a lock cylinder, a first solenoid valve and a second solenoid valve, a barcode scanner adjacent to the lock cylinder, a spring-loaded interface adjacent to the lock cylinder, and a logical circuit comprising a first disc and a second disc. In an approach for using a hybrid security key in a non-networked device, a locking device of the non-networked device authenticates logical and physical attributes of a hybrid security key, determines authorizations of the hybrid security key, and audits use of hybrid security key while in the locking device of the non-networked device.

Abstract: In an approach, a hybrid security key comprises at least one physical face on a first side of a key comprising a key groove cut and a barcode coupled to a top surface of the physical face; and at least one logical face on a second side of the key comprising a surface insert overlaying a conductive film, wherein the conductive film includes at least one contact point, at least one conductive trace, and a smart chip.

Abstract: In an approach, a certificate authority management device comprises a computing device with an operating system that supports certificate authority software, a power port with shutter door, a first key slot for an administrative user to enable use of the certificate authority management device in response to an insertion of a first key, a second key slot for management of a plurality of hybrid security keys in response to an insertion of a second key, and a touchscreen with graphical user interface.

Abstract: An approach that provides presence driven notification to a subscriber when a business process automation chain requires manual intervention is provided. In one embodiment, there is a notification tool, including a routing component configured to transmit a message to the subscriber based on data gathered relating to subscriber presence, location and preferences.

Abstract: An approach that identifies a service oriented architecture (SOA) shared service opportunity is provided. In one embodiment, there is an opportunity tool, including an identification component configured to identify a plurality of projects from each of a plurality of lines of business; a selection component configured to select a set of projects common to more than one line of business from the plurality of lines of business; and an evaluation component configured to evaluate the set of projects common to more than one line of business from the plurality of lines of business to identify a SOA shared service opportunity.

Abstract: An approach that constructs a service oriented architecture (SOA) shared service is provided. In one embodiment, there is a service construction tool, including an input component configured to receive design input for a SOA shared service solution; and a construction component configured to construct a SOA shared service based on the design input for the SOA shared service solution.