Abstract: A method, system and program product for assigning a resource to a client in a collaborative environment. The method includes defining, using a tool, a threshold value for collaborative attributes for each resource responding to one or more clients and calculating on a periodic basis, using the tool, an updated value for the collaborative attributes for each resource. The method further includes comparing, upon receipt of a collaboration request, the updated value with the threshold value defined for collaborative attributes for a first resource and, if the updated value is less than the threshold value for the first resource, connecting the client to the first resource for establishing a collaborative session. If not, repeating comparing the updated value with the threshold value for the collaborative attributes defined for a next resource and connecting the client to the next resource whose updated value is less than the threshold value.

Abstract: A method, system and computer-usable medium for terminating an in-progress voicemail and immediately connecting callers to each other based on identity. A telephone system can be enabled to detect that a calling party (e.g., subscriber “A”) receives no answer from a called party (e.g., subscriber “B”) and if the calling party is a current voicemail recipient from the called party then the voicemail message can be discarded by the telephone system. Such an approach enables an immediate connection between the calling party and the called party to each other by a call switching component. The incomplete voicemail message in the voicemail system is automatically discarded. A command to discard and/or erase the voicemail message can be predetermined by the telephone system.

Abstract: An embodiment of the invention includes a method for detecting fraudulent use in a conference calling system. A threshold period is received, wherein the threshold period indicates the maximum allowable time period for a participant of a conference call to enter the conference call prior to the entry of the moderator of the conference call. A monitor detects the entry of the moderator into the conference call and entry of the participants into the conference call. A waiting period is determined for one or more of the participants, wherein the waiting period represents the time period between the entry of the moderator and the entry of the participant. A processor compares the waiting period to the threshold period. If the threshold period exceeds the waiting period, the conference call is allowed to continue. In at least one embodiment, actions are performed with the processor if the waiting period exceeds the threshold period.

Abstract: Illustrative embodiments provide a computer implemented method, a data processing system and a computer program product for a predictive mobile phone service disruption service. In one illustrative embodiment, the computer implemented method comprises monitoring a cellular call of a caller, calculating a location and vector of the caller, and determining whether the caller is approaching a drop zone. The computer implemented method responsive to determining the caller is approaching a drop zone, estimates a duration of a loss of service, and responsive to determining the caller is approaching a drop zone, selectively notifying the caller.

Abstract: An embodiment of the invention includes a method for detecting fraudulent use in a conference calling system. A threshold period is received, wherein the threshold period indicates the maximum allowable time period for a participant of a conference call to enter the conference call prior to the entry of the moderator of the conference call. A monitor detects the entry of the moderator into the conference call and entry of the participants into the conference call. A waiting period is determined for one or more of the participants, wherein the waiting period represents the time period between the entry of the moderator and the entry of the participant. A processor compares the waiting period to the threshold period. If the threshold period exceeds the waiting period, the conference call is allowed to continue. In at least one embodiment, actions are performed with the processor if the waiting period exceeds the threshold period.

Abstract: An embodiment of the invention includes a method for detecting fraudulent use in a conference calling system. One or more access parameters are received, wherein the access parameters include an authorized day of week parameter, an authorized time of day parameter, and/or an authorized location parameter. One or more requests to access the conference calling system are received, wherein each request includes a user passcode and one or more request parameters. A processor determines whether the request parameters match the access parameters. Access to the conference calling system is granted when the request parameters match the access parameters; however, the processor performs actions when a request parameter does not match an access parameter.

Abstract: An embodiment of the invention provides a method for detecting fraudulent use of a moderator passcode in a conference calling system. The method sets a threshold number of moderator passcodes permitted in a conference call. The total number of moderator passcodes entered into the conference call is determined and compared to the threshold number with a processor. The conference call is allowed to continue if the threshold number exceeds the total number of moderator passcodes entered into the conference call. If, however, the total number of moderator passcodes exceeds the threshold number of moderator passcodes, the processor performs validation actions and/or alert actions.

Abstract: An embodiment of the invention includes a method for detecting fraudulent use in a conference calling system. One or more time duration thresholds are received for a conference call. The conference call is monitored to determine an attendee duration, a participants duration, and/or a conference call duration. The attendee duration represents the call duration of an attendee of the conference call; the participants duration represents the total call duration of all of the attendees combined; and, the conference call duration represents the call duration of the conference call. The time duration thresholds are compared to the attendee duration, participants duration, and/or conference call duration. Actions are performed by a processor if the attendee duration, participants duration, and/or conference call duration exceeds the time duration thresholds.

Abstract: An embodiment of the invention includes a method for detecting fraudulent use in a conference calling system. An authorized device registry is created in an electronic database, wherein the authorized device registry identifies one or more authorized devices permitted to access the conference calling system. A request to access the conference calling system is received from a device; and, a processor determines whether the device is included in the authorized device registry. If the device is included in the authorized device registry, the device is granted access to the conference calling system. If the device is not included in the authorized device registry, however, are performed by the processor.

Abstract: System method and program for controlling access to a VLAN via a port of a VLAN switch system. In response to receipt of a message packet at the port, the switch system determines if a MAC address of the packet matches a MAC address for which the port has been programmed to recognize as a MAC address of a device authorized to communicate with the port. The MAC address of the packet does not match a MAC address for which the port has been programmed to recognize as a MAC address of a device authorized to communicate with the port. In response, the switch system blocks the packet if a rate of ill-formed packets and/or packets from an unrecognized MAC address exceeds a threshold pass rate. The threshold pass rate can be adjusted based on the rate of change of receipt of ill-formed packets and/or packets from an unrecognized MAC address.

Abstract: A system and method for an end user to change the operation of a data flow filter mechanism, such as a firewall, that operates to control data flows between a plurality of protected computing devices and one or more non-protected computing devices. With the system and method, an administrator of a sub-network of computing devices may set a client computing device's scope of rules/policies that may be changed by a user of the client computing device, with regard to a data flow filter mechanism. The user of the client computing device, or the client computing device itself, may then log onto the data flow filter mechanism and modify the operation of the data flow filter mechanism within the limits established by the administrator.

Abstract: A method and system for using business rules to control invitations to participate in instant message (IM) collaborations. A primary invitee is invited to participate in an IM collaboration via a first IM. A business rule associated with the primary invitee is applied to determine that the primary invitee is unavailable to participate in the IM collaboration. A second IM is sent to automatically invite a backup invitee to participate in the IM collaboration. In another embodiment, a primary invitee with credentials specified by a business rule is to be invited to an IM collaboration at a specified time. An application of the business rule determines that the specified time is outside a valid invitation time period or the primary invitee's credentials are not included in a set of predefined credentials. Following the application of the business rule, a backup invitee is invited.

Abstract: A method for determining the entry point of an attack by a vandal such as a hacker upon a device such as a computer or a server such as a web server that operates under the protection of an intrusion detection system. Intrusion detection information regarding the attack and network information regarding the attack are correlated, and the entry point of the attack thereby deduced. In one embodiment, a source address of a message representative of the attack is found in a router table of a router that provides a connection supporting the attack. Logical ports of the connection are determined, and the corresponding physical ports found, thereby identifying the attack's entry point into the protected device.

Abstract: Method, system, and program product for port based authentication protocols where addresses are dynamically assigned within a network environment, and more particularly to port based authentication in the network environment, where connection information is captured and stored. This facilitates administrator access to information created as a result of protocol exchanges involved in dynamic address assignment, authentication, and connection.

Abstract: A computer implemented method, a computer program product, and a data processing system inform a teleconference participant that a person-of-interest has become active within the teleconference. A user is identified. A person-of-interest, an alert condition, and a notification method are received from the user. The identification, the alert condition, and the notification method are then stored in a person-of-interest data structure. When a user connects to a teleconference, the person-of-interest data structure is retrieved. The teleconference is then monitored for the occurrence of the alert condition. Upon the occurrence of the alert condition, the notification is delivered to the user according to the notification method.

Abstract: Method and apparatus for protecting a data processing system such as an Internet server from attack by a vandal who uses an offensive vulnerability scanner to find an externally visible vulnerability of the data processing system. The method includes determining an externally visible vulnerability using a defensive vulnerability scanner, configuring an intrusion detection system to detect a network flow associated with the vulnerability, and blocking that flow by a firewall or a router. The apparatus includes a defensive vulnerability scanner that finds an externally visible vulnerability and provides a description of the vulnerability, an intrusion detection system that detects a network flow that satisfies the description, and a firewall or a router that blocks the flow responsive to detection of the flow by the intrusion detection system.

Abstract: A method, system and program product for assigning a resource to a client in a collaborative environment. The method includes defining, using a tool, a threshold value for collaborative attributes for each resource responding to one or more clients and calculating on a periodic basis, using the tool, an updated value for the collaborative attributes for each resource. The method further includes comparing, upon receipt of a collaboration request, the updated value with the threshold value defined for collaborative attributes for a first resource and, if the updated value is less than the threshold value for the first resource, connecting the client to the first resource for establishing a collaborative session. If not, repeating comparing the updated value with the threshold value for the collaborative attributes defined for a next resource and connecting the client to the next resource whose updated value is less than the threshold value.

Abstract: A method of operating an intrusion detection system. The system determines occurrence of a signature event indicative of a denial of service intrusion on a protected device. A value of a signature event counter is increased. The value of the signature event counter is adjusted to not include a count of signature events past a sliding window. The value of the signature event counter is determined to exceed a signature threshold quantity, followed by generation of an alert at a time subsequently recorded in a log. The log is cleared of entries past a permissible age. A present alert generation rate is determined as a ratio of the total number of timestamps in the log to the permissible age. The present alert generation rate is ascertained to exceed an alert generation rate threshold. A selected element of the signature set is altered to decrease the alert generation rate.

Abstract: Computer system, method and program product for facilitating a chat session. An icon or a definition of the icon and a corresponding intelligent agent program are received at a workstation. In response, the workstation displays the icon in a chat session window. A selection of the icon is received during the chat session. In response, the workstation invokes the intelligent agent program. In response, the intelligent agent program obtains information about the workstation or information about a participant in the chat session at the workstation and automatically renders the information in the chat session at the workstation. In response to a request to send the rendered information to other participants in the chat session at other workstations, the rendered information is automatically sent to the other participants in the chat session at the other workstations.

Abstract: A method and system for improving control of an instant messaging system. Multiple instant message (IM) instances are initiated with identical credentials of a user of multiple users participating in an IM session controlled by an IM server. A front-of-screen representation enables the user to manage instance attributes and allows any user to view conversational connectivity information. The IM server receives the user's selection of a graphical element that represents a remote IM instance of the multiple IM instances. Via the first IM instance, the IM server receives the user's request for a computing device to perform an action that includes an interaction with the remote IM instance. The computing device performing the action is located remotely from the user and is executing the remote IM instance. The action is performed by controlling a remote system function of the computing device.