Abstract: An automated method for checking the adequacy of security in a distributed computing environment (DCE) consisting of a client and a server(s). The method comprises of first loading a DCE security tool on the DCE server/client machine. The security is a software application which instantiates the security checks of the invention. The DCE security tool is executed on the DCE by entering an executable command on the client or the server. This causes the DCE security tool to automatically search for security violations or warnings and output a resulting report with any violation or warning found.

Abstract: A vulnerability checking tool for a host computer designed to examine security logs of attempted logins and revocations, to detect systematic attacks of a wide variety, and to generate a report file that can be examined for information concerning these types of events. Host computer files which contain data regarding attempted accesses and logins are used to create an event list based upon event criteria. The list is evaluated using a “floating period” time frame which advances by single event steps while no violation is detected within a particular floating period, and which advances by “jumps” when violations are detected in a time period so as to reduce the possibility of “over reporting” violations related to the same set of events.

Abstract: A data processing system, method, and program are described for monitoring the security of an operating system being executed by the data processing system. A plurality of security requirements are established for utilizing the operating system. A plurality of system parameters are established. And, a plurality of user values are established for each user of the operating system. A determination is made regarding whether each of the plurality of security requirements is met. This determination is made utilizing the plurality of system parameters and the plurality of user values for each user of the operating system. The operating system is deemed to be secure when all of the plurality of security requirements are met. A notice of a security breach is generated in response to a determination that one or more of the plurality of security requirements is not met. A suggested correction is provided for correcting the security breach.

Abstract: A tool for checking storage management system security settings which accesses one or more security parameters, compares them to security policies, rules, and allowable values, and reports noncompliant settings via a user-readable report. A set of automatic correction rules may be employed to automatically modify noncompliant settings to bring them into compliance, which actions may also be reported in the user-readable report.

Abstract: A unified network address database for recording network addresses for both internally accessible (e.g. intranet) and externally accessible (e.g. Internet) sites, servers and resources, including ownership information and authorization policies. A system for accessing the address database is provided to allow a user access to the contents according to the user's defined privileges.

Abstract: A system and method to facilitate development, installation, support and maintenance of international versions of application programs and support tools. Language-specific user interface (UI) messages are placed into a message file which is compiled to produce a message source code file and a message definitions and symbols file. The application source code is modified or originally developed to utilize the functions provided by the message source code file, and a language-specific unified application executable program is created by compiling and linking. This language-specific executable program can then be installed on an end users computer without necessity of installing related resource or message catalog files, and without necessity of properly setting environment variables. Application programs for users in alternate languages are produced by translating the message file, and repeating the compiling and linking steps, without need to modify the application source code.

Abstract: A vulnerability checking tool for a host computer designed to examine security logs of attempted logins and revocations, to detect systematic attacks of a wide variety, and to generate a report file that can be examined for information concerning these types of events. Host computer files which contain data regarding attempted accesses and logins are used to create an event list based upon event criteria. The list is evaluated using a “floating period” time frame which advances by single event steps while no violation is detected within a particular floating period, and which advances by “jumps” when violations are detected in a time period so as to reduce the possibility of “over reporting” violations related to the same set of events.

Abstract: A method and system for providing a single access point for the resources of application programs distributed within a network. The single access point is provided via a master object comprising an application identification list and a plurality of application procedure interfaces. Each of the application programs has an associated agent for managing the resources of the associated application program. These agents manage the resources using a subset of the plurality of application procedure interfaces of the master object. The application identification list of the master object is used for storing the binding handle of the agent as well as the identification for the associated application. A client or user accesses the resources of a particular application program by specifying the identification of the application program and the required action to be taken by the application program to the master object.