Abstract: Some implementations of the disclosed systems, apparatus, methods and computer program products may provide for chatbots configured to perform tasks requiring end user identification on behalf of users. Such a chatbot may be authenticated through tokens with custom claims. The custom claims may include identifying or authenticating tokens received by the chatbot or server system and the chatbot may create and/or provide such tokens for authentication. The custom claim may be configured to provide user identifying data, allowing for the chatbot to be provided with end user credentials. Accordingly, chatbots may be utilized to perform sensitive tasks that require user credentials while continuing to provide security for users.

Abstract: Systems and methods for role-based access control to computing resources are presented. In an example embodiment, a request to perform a type of access of a computing resource is received via a communication network from a process executing on a client device. Using a data store storing process identifiers and associated access control information, access control information associated with the requesting process is identified based on a process identifier of the requesting process. Based on the access control information associated with the requesting process, a determination is made whether the requesting process is allowed to perform the requested type of access of the computing resource. The request is processed based on the requesting process being allowed to perform the requested type of access of the computing resource.

Abstract: Systems and methods for role-based access control to computing resources are presented. In an example embodiment, a request to perform a type of access of a computing resource is received via a communication network from a process executing on a client device. Using a data store storing process identifiers and associated access control information, access control information associated with the requesting process is identified based on a process identifier of the requesting process. Based on the access control information associated with the requesting process, a determination is made whether the requesting process is allowed to perform the requested type of access of the computing resource. The request is processed based on the requesting process being allowed to perform the requested type of access of the computing resource.

Abstract: Provided are a system and method for routing messages in a multi-tenant cloud computing environment based on digital certificates. In one example, a server includes a network interface configured to receive a request and a digital certificate from a network object, where the digital certificate includes a plurality of attributes. The server also includes a processor configured to determine whether the digital certificate is valid, and in response to determining the digital certificate is valid, detect tenant information from an attribute among the plurality of attributes included in the digital certificate. For example, the detected tenant information may identify a tenant of the multi-tenant cloud computing environment. The network interface may be further configured to transmit the request to the multi-tenant cloud computing environment based on the detected tenant information.

Abstract: Systems and methods for role-based access control to computing resources are presented. In an example embodiment, a request to perform a type of access of a computing resource is received via a communication network from a process executing on a client device. Using a data store storing process identifiers and associated access control information, access control information associated with the requesting process is identified based on a process identifier of the requesting process. Based on the access control information associated with the requesting process, a determination is made whether the requesting process is allowed to perform the requested type of access of the computing resource. The request is processed based on the requesting process being allowed to perform the requested type of access of the computing resource.

Abstract: A credentials database that includes a first credentials locker with a first path defining the location of the first locker, and a second credentials locker. An application program is executed and the application program is a computer program that has direct interaction with a user. A first service program and a second service program are executed, and the first service program and the second service program do not have direct interaction with the user. The first service program is called by the application program, and the second service program is called by the first service program. The first service program uses security credentials to request and obtain data from the second service program, and the second service program. The first service program always has access to and is able to obtain the current credentials.

Abstract: An authentication system receives an authentication request from a client device. The authentication request includes a unique token assigned to the device that has been encrypted using a private key. In response to receiving the request, the authentication system verifies, based on the unique token received in the authentication request, that the device is registered with the authentication system, and accesses, from a blockchain, integrity measurement information for the device. The integrity measurement information was previously generated in connection with the device. The authentication system generates an access token for the device factoring in the integrity measurement information, and provides the access token to the device. The access token provides the device with access to at least a first service.

Abstract: A credentials database that includes a first credentials locker with a first path defining the location of the first locker, and a second credentials locker. An application program is executed and the application program is a computer program that has direct interaction with a user. A first service program and a second service program are executed, and the first service program and the second service program do not have direct interaction with the user. The first service program is called by the application program, and the second service program is called by the first service program. The first service program uses security credentials to request and obtain data from the second service program, and the second service program. The first service program always has access to and is able to obtain the current credentials.

Abstract: Systems and methods for role-based access control to computing resources are presented. In an example embodiment, a request to perform a type of access of a computing resource is received via a communication network from a process executing on a client device. Using a data store storing process identifiers and associated access control information, access control information associated with the requesting process is identified based on a process identifier of the requesting process. Based on the access control information associated with the requesting process, a determination is made whether the requesting process is allowed to perform the requested type of access of the computing resource. The request is processed based on the requesting process being allowed to perform the requested type of access of the computing resource.

Abstract: Multiple blockchains have block data strictures with different event granularities. A first blockchain adds blocks according to a data structure with high event granularity. A second blockchain adds a block digest according to a data structure with low event granularity. The block digest is a digest of the blocks added to the first blockchain.

Abstract: Provided are a system and method for routing messages in a multi-tenant cloud computing environment based on digital certificates. In one example, a server includes a network interface configured to receive a request and a digital certificate from a network object, where the digital certificate includes a plurality of attributes. The server also includes a processor configured to determine whether the digital certificate is valid, and in response to determining the digital certificate is valid, detect tenant information from an attribute among the plurality of attributes included in the digital certificate. For example, the detected tenant information may identify a tenant of the multi-tenant cloud computing environment. The network interface may be further configured to transmit the request to the multi-tenant cloud computing environment based on the detected tenant information.

Abstract: A system and method for tracking conversations is disclosed. The method includes receiving an alert, the alert comprising operation information of a machine, determining a user for the alert, determining a first communication medium for a notification message, transmitting the notification message to the user via the first communication medium, the notification message comprising the operation information, storing a record of the notification message in a database in association with a conversation identification, receiving a command message from the user via a second communication medium different from the first communication medium, the command message comprising an instructional command for the machine, transmitting the command message to a control unit of the machine, the control unit being configured to control an operation of the machine based on the instructional command, and storing a record of the command message in the database in association with the conversation identification.