Abstract: An approach is provided for securely authenticating an identity of a user participating in an electronic transaction. A request for a biometric identifier/security question is converted to a first Quick Response (QR) code. Based on user attributes and a request from the user's mobile device to a computer to initiate the transaction, the first QR code is disassembled into first and second portions. The first portion, but not the second portion, is sent to the mobile device. Responsive to the mobile device reassembling the first QR code, receiving and converting the biometric identifier/answer to the security question to a second QR code, disassembling the second QR code into first and second portions, and transmitting the first portion of the second QR code to the computer, the second QR code is reassembled. The transaction is authorized based on whether the biometric identifier/answer matches a data repository record.

Abstract: An approach is provided for securely authenticating an identity of a user participating in an electronic transaction. A request for a biometric identifier/security question is converted to a first Quick Response (QR) code. Based on user attributes and a request from the user's mobile device to a computer to initiate the transaction, the first QR code is disassembled into first and second portions. The first portion, but not the second portion, is sent to the mobile device. Responsive to the mobile device reassembling the first QR code, receiving and converting the biometric identifier/answer to the security question to a second QR code, disassembling the second QR code into first and second portions, and transmitting the first portion of the second QR code to the computer, the second QR code is reassembled. The transaction is authorized based on whether the biometric identifier/answer matches a data repository record.

Abstract: An approach is provided for managing a deployment of a software package. First and second quality assurance (QA) seals are determined to match exactly one QA seal and no QA seal, respectively, in a plurality of QA seals. First details about hardware, middleware, and applications required in a first environment, which are included in the first QA seal, are determined to match second details of the first environment. Based on the first QA seal matching exactly one QA seal and the first details matching the second details, the software package is determined to be compatible with the first environment and a notification is generated authorizing the deployment of the software package to the first environment. Based on the second QA seal not matching any of the plurality of QA seals, a notification is generated indicating that the deployment of the software package to a second environment is not authorized.

Abstract: A method for archival management of business processes in a cloud environment is provided. In one aspect, the method comprises archiving managed pool including one or more versions of a business process instance or business process execution in a cloud computing environment. The method further comprises a provisioning manager of the cloud computing environment that requests or tasks provisioning, deprovisioning, decommissioning or deleting the one or more versions of a business process instance or business process execution. For each of the requests or tasks, a restore manager of the cloud environment determines, if the managed pools of virtual instances contain a business process management environment or a business process archive manager environment. The restore manager further recreates a previous version of the one or more versions of the business process instance or business process execution based on the determination.

Abstract: A method of securing authentication of a user's identity is disclosed. The method comprises the steps of: an authentication program of an entity receiving initiation of a transaction from a user; the authentication program searching for associated information of the user; the authentication program choosing an authentication query requiring input from the user based on the associated information; the authentication program generating a visual code representing the authentication query; the authentication program splitting the visual code into pieces; and the authentication program sending each piece of visual code to the user via a separate communication channel. A method of securing authentication of a user's identity with an entity is also disclosed.

Abstract: An approach is provided for securely authenticating an identity of a user participating in an electronic transaction. A request is received from a mobile device to initiate the electronic transaction. Attributes of the user and request are received. A request is selected for a biometric identifier or a security question to authenticate the identity of the user. The request for the biometric identifier or security question is converted to a complete Quick Response (QR) code. Based on the user and request attributes, the complete QR code is disassembled into first and second portions by employing a disassembly algorithm. The first portion, but not the second portion, is sent to the mobile device, which prevents an entity other than the user and the enterprise from obtaining the request for the biometric identifier or security question by capturing network traffic that includes the electronic transaction.

Abstract: An approach is provided for securely authenticating an identity of a user participating in an electronic transaction. A request is received from a mobile device to initiate the electronic transaction. Attributes of the user and request are received. A request is selected for a biometric identifier or a security question to authenticate the identity of the user. The request for the biometric identifier or security question is converted to a complete Quick Response (QR) code. Based on the user and request attributes, the complete QR code is disassembled into first and second portions by employing a disassembly algorithm. The first portion, but not the second portion, is sent to the mobile device, which prevents an entity other than the user and the enterprise from obtaining the request for the biometric identifier or security question by capturing network traffic that includes the electronic transaction.

Abstract: An approach is provided for managing a deployment of a software package. A retrieved quality assurance (QA) seal corresponding to a software package is verified. A target deployment environment (TDE) is obtained. The QA seal is read to obtain first and second profiles, and metadata, which specify a deployment environment, hardware and software dependencies required in the deployment, and an approval for a release of the software package to the specified deployment environment, respectively. Based on a determination that the TDE matches the specified deployment environment, the QA seal indicates the software package is compatible with the TDE. The dependencies are determined to be satisfied. Based on the software package being compatible with the TDE, the dependencies being satisfied, and the specified approval for the release of the software package, a notification of an authorization of the deployment of the software package to the TDE is generated.

Abstract: Architecture that facilitates the virtual specification of a connection between physical endpoints. A network can be defined as an abstract connectivity model expressed in terms of the connectivity intent, rather than any specific technology. The connectivity model is translated into configuration settings, policies, firewall rules, etc., to implement the connectivity intent based on available physical networks and devices capabilities. The connectivity model defines the connectivity semantics of the network and controls the communication between the physical nodes in the physical network. The resultant virtual network may be a virtual overlay that is independent of the physical layer. Alternatively, the virtual overlay can also include elements and abstracts of the physical network(s). Moreover, automatic network security rules (e.g., Internet Protocol security-IPSec) can be derived from the connectivity model of the network.

Abstract: Methods and arrangements for enhancing a ticket relative to user interaction with a system. An information technology ticket related to user interaction with an information technology system is received, and a system trace is activated, wherein additional input related to the user interaction with the information technology system is accepted. Information derived from the trace of the information technology system is associated with the information technology ticket. Other variants and embodiments are broadly contemplated herein.

Abstract: An approach for modifying cloud application service levels based upon analysis of documents is provided. The approach performs automated ingestion of documents to determine criticality and needs of certain applications, and develops an understanding of existing cloud environments and service level agreements. The approach may further suggest or automatically reassign applications to the cloud infrastructure to meet the needs of an application.

Abstract: A method of securing authentication of a user's identity is disclosed. The method comprises the steps of: an authentication program of an entity receiving initiation of a transaction from a user; the authentication program searching for associated information of the user; the authentication program choosing an authentication query requiring input from the user based on the associated information; the authentication program generating a visual code representing the authentication query; the authentication program splitting the visual code into pieces; and the authentication program sending each piece of visual code to the user via a separate communication channel. A method of securing authentication of a user's identity with an entity is also disclosed.

Abstract: A method and system for enabling multiple users in a computing environment is provided. The method includes receiving software comprising an operating system, integrated development environment (IDE) software, middleware software, and database software. A virtual image instance of operating system, the IDE software, the middleware software, and the database software is provisioned to a virtual instance. User IDs for access to the operating system instance are generated. Workspaces are generated and associated with the user IDs. The middleware software and the database software are configured and the virtual image instance is enabled to accept multiple concurrent logins associated with the user IDs.

Abstract: An approach is provided for managing a deployment of a software package. A retrieved quality assurance (QA) seal corresponding to a software package is verified. A target deployment environment (TDE) is obtained. The QA seal is read to obtain first and second profiles, and metadata, which specify a deployment environment, hardware and software dependencies required in the deployment, and an approval for a release of the software package to the specified deployment environment, respectively. Based on a determination that the TDE matches the specified deployment environment, the QA seal indicates the software package is compatible with the TDE. The dependencies are determined to be satisfied. Based on the software package being compatible with the TDE, the dependencies being satisfied, and the specified approval for the release of the software package, a notification of an authorization of the deployment of the software package to the TDE is generated.

Abstract: An approach for modifying cloud application service levels based upon analysis of documents is provided. The approach performs automated ingestion of documents to determine criticality and needs of certain applications, and develops an understanding of existing cloud environments and service level agreements. The approach may further suggest or automatically reassign applications to the cloud infrastructure to meet the needs of an application.

Abstract: A method, system and a computer program product of a computer controlling delivery and access of electronic communications is provided which includes providing an electronic communication sender to include a security measure with respect to an electronic communication to be sent to at least one electronic communication account of at least one intended recipient, receiving and applying the electronic communication security measure to the electronic communication to be sent, sending the electronic communication with the security measure to at least one intended recipient, determining existence of one or more delegates of the electronic communication account of the at least one intended recipient and in response to the determination step, preventing the sent electronic communication with the security measure from view by the one or more delegate of the electronic communication account of the at least one intended recipient.

Abstract: A method and system for enabling multi-tenancy in a commerce server is provided. The method includes receiving software comprising an operating system, integrated development environment (IDE) software, commerce server middleware software, and database software. A virtual image instance of operating system, the IDE software, and the database software is provisioned to a virtual instance. User IDs for access to the operating system instance are generated. Workspaces are generated and associated with the user IDs. The commerce server middleware software is configured such that the user IDs, hosts, and ports are mapped to commerce server services associated with the commerce server middleware software. The database software is configured such that the virtual image instance is enabled to accept multiple concurrent logins associated with the user IDs.

Abstract: A method for product for archival management of business processes in a cloud environment is provided. In one aspect, the method comprises archiving managed pool including one or more versions of a business process instance or business process execution in a cloud computing environment. The method further comprises a provisioning manager of the cloud computing environment that requests or tasks provisioning, deprovisioining, decommissioning or deleting the one or more versions of a business process instance or business process execution. For each of the requests or tasks, a restore manager of the cloud environment determines, if the managed pools of virtual instances contain a business process management environment or a business process archive manager environment. The restore manager further recreates a previous version of the one or more versions of the business process instance or business process execution based on the determination.

Abstract: Methods and arrangements for enhancing a ticket relative to user interaction with a system. An information technology ticket related to user interaction with an information technology system is received, and a system trace is activated, wherein additional input related to the user interaction with the information technology system is accepted. Information derived from the trace of the information technology system is associated with the information technology ticket. Other variants and embodiments are broadly contemplated herein.

Abstract: In general, embodiments of the present invention provide an approach for providing a multi-tenant/customer partition group separator and securer in a shared cloud infrastructure (e.g., as an extension to DB2®, Label-Based Access Control (LBAC), and/or an independent tool). Among other things, embodiments of the present invention provide cloud administrators with an easy to use customizable, configurable security constraint builder/tool with a built-in multi-tenant/customer enabled security model. Moreover, embodiments of the present invention enable cloud administrators to set up, configure, and manage tenants/customers and their private shards with their own security constraints. The output of this tool greatly eases the time to create an invisible (e.g., software) wall of separation for multiple tenants/customers in a shared cloud infrastructure.