Abstract: The illustrative embodiments provide a computer implemented method and computer program product for managing a meeting cancellation. A selection of a meeting entry on a calendar for cancellation is received and a cancellation notification is sent to all invitees of the meeting. The meeting entry is marked as cancelled on each calendar of each invitee. Upon receiving a confirmation of the cancellation notification from an invitee, a percentage of cancellation confirmations received is calculated and the meeting entry is marked with the percentage of cancellation confirmations received.

Abstract: Replay attacks in an encrypted file system are prevented by generating a session key and providing the session key to one or more drive managers and an encrypted file system process. When a drive request is received by the encrypted file system process the drive request is encrypted using the generated session key. The encrypted drive request is sent to a drive manager. The drive manager attempts to decrypt the drive request using the session key. If the encrypted drive request is successfully decrypted, then the drive manager performs the requested operation. On the other hand, if the request is not decrypted successfully, then the request is not performed by the drive manager. Drive managers can include both disk device drivers and a logical volume managers.

Abstract: A computer implemented method, data processing system, and computer program product for monitoring system events and providing real-time response to security threats. System data is collected by monitors in the computing system. The expert system of the present invention compares the data against information in a knowledge base to identify a security threat to a system resource in a form of a system event and an action for mitigating effects of the system event. A determination is made as to whether a threat risk value of the system event is greater than an action risk value of the action for mitigating the system event. If the threat risk value is greater, a determination is made as to whether a trust value set by a user is greater than the action risk value. If the trust value is greater, the expert system executes the action against the security threat.

Abstract: An apparatus, system and method of executing a monolithic application program successfully on a grid computing system are provided. Before the program is executed on the grid computing system, the program is executed on a computer on which the program has previously been successfully executed. During its execution, the program is monitored to collect its runtime information. The runtime information is provided to the grid computing system. With this information the grid computing system is able to successfully execute the program.

Abstract: An application for disabling the use of selected applications is provided. A server receives identification information from a user. The location of the user is determined. If the user is determined to be in a reserved location, the use of one or more applications is disabled, for the user.

Abstract: A method, system and computer program product for enabling user-customization of an ATM display/receipt for a transaction carried out at an automated teller machine (ATM). The customer/user of the ATM creates/selects specific alerts to be outputted during subsequent ATM transactions. The alerts/notices are linked to the customer account. During subsequent access to the user's account via an ATM, the pre-selected alert/notice is displayed to the user or printed on the transaction receipt.

Abstract: A method, medium and implementing processing system are provided in which displayed text is manipulated using two fingers within an editing application to select a region of text or objects. In an example, two fingers are placed on a touch-sensitive display or touch pad and the region of text between the fingers is selected. The selected text can be manipulated as otherwise selected text is currently manipulated, e.g. cut, paste and copy functions can be performed. The movement of the fingers also performs this manipulation. In one example, if the fingers are brought to together, the selected text is cut, or a split screen could occur. If the fingers are placed together and then parted, the action would be to part the text to make room for a picture or other insert.

Abstract: A user device initiates a network access authentication operation via a network access device with a network access authentication server, e.g., a Remote Authentication Dial-In User Service (RADIUS) server, which also generates an X.509 proxy certificate and includes the proxy certificate with the information, such as a set of network access parameters, that is returned to the user device in response to a successful completion of the network access authentication operation. The user device extracts and stores the proxy certificate. The network access parameters are used by the user device to communicate via the network access device on a network, which supports a grid. When the user device accesses a resource in the grid, the proxy certificate is already available, thereby obviating the need to generate a new proxy certificate and allowing a user of the user device to experience an integrated single-sign-on for network access and grid access.

Abstract: A computer implemented method, data processing system, and computer program product for discovering an unauthorized router in a network. The process in the illustrative embodiments first obtains a physical address of a suspected router or destination device. A data packet is created which comprises at least a destination media access control field, a destination internet protocol field, and a time-to-live field, wherein the destination media access control field comprises the physical address of the destination device, wherein the destination internet protocol field comprises a bogus internet protocol address, and wherein the time-to-live field comprises a value indicating the data packet has exceeded a time limit. The data packet is sent to the destination device using the physical address in the destination media access control field. If a time exceeded message is received from the destination device, the destination device is determined to be enabled for routing.

Abstract: A system, method, and program product is provided that selects an instant messaging message that includes one or more words in a text area. The instant message is a communication with an instant messaging participant that corresponds to an instant messaging participant identifier. A count is kept of the words that match keywords that are associated with a selected instant messaging group data store that is stored in a nonvolatile data area. If the count exceeds a particular threshold, the instant messaging participant identifier is added to the selected instant messaging group.

Abstract: A system, method, and computer program product for managing e-mail and real-time messaging activity between a first client and a second client. In accordance with one embodiment, the method includes the first or second client detecting an nth e-mail thread response to an original e-mail message delivered between the first client and second client, wherein n is greater than or equal to one. In response to detecting occurrence of an nth e-mail thread response, a real-time electronic messaging session is invoked between the first and second clients. In an alternate embodiment of the invention, the first client sends a real-time message to the second client during a real-time messaging session between the first and second clients. In response to a specified real-time messaging session termination event, an e-mail message containing the sent real-time message is sent to the second client.

Abstract: Files, such as HTML files, are managed by performing a permitted command or action initiated on a current file on all its co-requisite files as identified in an extended attribute field stored within the current file. Thus, when an HTML file is emailed or transferred, all requisite files necessary to properly render the web page at the client are assured to be sent. The extended attribute field indicates the parent-child relationship of the co-requisite files and only performs the action on child files. The extended attribute field within the current file also indicates the actions that can be performed on each of its co-requisite files.

Abstract: A method of creating multiple, alternative presentations within a single electronic presentation, by assigning one or more presentation constraint parameters to the electronic slides, and generating a sequence for presenting less than all of the electronic slides based on the presentation constraint parameters. Different sequences can be generated using different presentation constraint parameters that are assigned to the electronic slides. For example, a first electronic slide could be included in a first sequence, and a second electronic slide (or multiple slides) can be substituted for the first electronic slide in a second sequence. A sequence can be generated by adjusting a scalable constraint associated with the presentation constraint parameters to determine which electronic slides to include. The presentation constraint parameters can include a time factor and a content level.

Abstract: An OSI layer 2 network device on the edge of a network such as a SAN is configured to replace the original source address of traffic entering the network with a known identifier or address, which is used to signify that entry point as the traffic source to the other nodes of the network. Nodes of the network recognize the new source address as a valid source address. The network device also maintains state (e.g., association of original source address with new source address/identifier) so as to translate addresses to enable reply traffic to be sent back to the original sender.

Abstract: A computer implemented method of allowing a device access to a network in a trusted network connect environment. Responsive to receiving a request from the device to access the network, a type of the device is determined. Responsive to determining the type of the device, a policy for the device is determined based on the type of the device. Responsive to determining the policy for the device based on the type of the device, determining whether an integrity of the device satisfies the policy. Responsive to determining that the device does not satisfy the policy, performing a remediation action on the device. Responsive to determining that the device satisfies the policy, allowing the device access to the network.

Abstract: A method of communicating with a remote site on a network by establishing different user personas respectively associated with different remote sites on the network, each user persona containing one or more attributes used in accessing the remote sites, and then accessing a specific one of the remote sites using the attributes in a specific one of the user personas that is associated with the specific remote site. The specific remote site can be associated with the specific user persona by a universal resource locator (URL), e.g., for web sites on the Internet, and the accessing is automatically performed in response to matching of the URL of the specific remote site to the URL associated with the specific user persona. A default persona can be used for any remote site having no specifically associated user persona.

Abstract: A system, apparatus and method that relate a real-time clock of a first computer system to a real-time clock of a second computer system are provided. When the first computer system is using files created by the second computer system, it requests that the second computer provides its current local time. The first computer records the time of the request, the time the response to the request is received as well as the requested current local time. Using these different recorded times, the first computer is able to compute a time difference (if any) between its real-time clock and the real-time clock of the second computer system.

Abstract: A mechanism for mutual authorization of a secondary resource in a grid of resource computers is provided. When a primary resource attempts to offload a grid computing job to a secondary resource, the primary resource sends a proxy certificate request to the user machine. Responsive to a proxy certificate request, the user machine performs authorization with the secondary resource. If authorization with the secondary resource is successful, the user machine generates and returns a valid proxy certificate. The primary resource then performs mutual authentication with the secondary resource. If the authorization with the secondary resource fails, the user machine generates and returns an invalid proxy certificate. Mutual authentication between the primary resource and the secondary resource will fail due to the invalid proxy certificate. The primary resource then selects another secondary resource and repeats the process until a resource is found that passes the mutual authorization with the user machine.

Abstract: Exemplary methods, systems, and products are described that operate generally by moving subroutine return address protection to the processor itself, in effect proving atomic locks for subroutine return addresses stored in a stack, subject to application control. More particularly, exemplary methods, systems, and products are described that write protect subroutine return addresses by calling a subroutine, including storing in a stack memory address a subroutine return address and locking, by a computer processor, the stack memory address against write access. Calling a subroutine may include receiving in the computer processor an instruction to lock the stack memory address. Locking the stack memory address may be carried out by storing the stack memory address in a protected memory lockword. A protected memory lockword may be implemented as a portion of a protected content addressable memory.

Abstract: Responding to an event at a server that supports workload partitions. An event is detected. The event is an activity that can degrade an ability of the server to function according to an intended purpose. The event is triggered by a communication from a client to the server. Responsive to detecting the event, a connection of the client to the server is temporarily suspended. A first workload partition is created. The connection is re-established between the client and the server. Responsive to re-establishing the connection, all data is routed from the client to the first workload partition. In an illustrative example, the event is allowed to continue on the first workload partition while forensic data is collected on the event.