Abstract: A method of administering a shared pool of computer system resources by a control node by monitoring a first cluster with a first and second node and a second cluster with a third and fourth node. The method also includes maintaining, by the first cluster, a record of parameters and maintaining, by the second cluster, a record of parameters. The method also includes monitoring, by the control node, a database of the records. The method also includes determining, by the control node, whether the parameter associated with write traffic between the first and third node exceeds a threshold value, and responsive to the parameter exceeding the threshold value, instructing, by the control node, the second node to be a responding node. The method also includes notifying a user to check the computer system resources when the parameter exceeds the threshold value.

Abstract: A computing device determines that an electronic message entered by a sender user for a recipient user includes an emoji character. The computing device determines a replacement emoji character that is more culturally relevant to the recipient user than the emoji character entered by the sender user is. The computing device replaces the emoji character entered by the sender user with the replacement emoji character that has been determined, within the electronic message. The computing device may be the computing device of the sender user, or the computing device of the recipient user.

Abstract: A computer implemented method, data processing system, and computer program product for monitoring system events and providing real-time response to security threats. System data is collected by monitors in the computing system. The expert system of the present invention compares the data against information in a knowledge base to identify a security threat to a system resource in a form of a system event and an action for mitigating effects of the system event. A determination is made as to whether a threat risk value of the system event is greater than an action risk value of the action for mitigating the system event. If the threat risk value is greater, a determination is made as to whether a trust value set by a user is greater than the action risk value. If the trust value is greater, the expert system executes the action against the security threat.

Abstract: A computer implemented method, apparatus, and computer usable program code to detect an indication that a conversation between users in an instant messaging system should be saved. Endpoints and keyword data are extracted from the conversation in response to detecting the indication. An abstract generating from the endpoints and keyword data. The conversation is stored in association with the abstract.

Abstract: A method, apparatus, and computer usable program code to receive a request from a user to access a network to form a received request, wherein the received request contains encrypted access information encrypted by a hardware security module on a client data processing system using a first key. The decryption of the encrypted access information occurs using the second key associated with the first key to form the decrypted information. An authorization process is performed using the decrypted information. The user is allowed access to the resource if the authorization process is successful.

Abstract: Exemplary methods, systems, and products are described that operate generally by moving subroutine return address protection to the processor itself, in effect proving atomic locks for subroutine return addresses stored in a stack, subject to application control. More particularly, exemplary methods, systems, and products are described that write protect subroutine return addresses by calling a subroutine, including storing in a stack memory address a subroutine return address and locking, by a computer processor, the stack memory address against write access. Calling a subroutine may include receiving in the computer processor an instruction to lock the stack memory address. Locking the stack memory address may be carried out by storing the stack memory address in a protected memory lockword. A protected memory lockword may be implemented as a portion of a protected content addressable memory.

Abstract: The present invention provides a system and method for automatically hiding sensitive information, obtainable from a process table, from other processes that should not access the sensitive information. The system and method include a sensitive command attribute table that is used by a system administrator to designate the commands and command attributes that will typically be associated with sensitive information. The sensitive command attribute table is used when a command is entered that requests information from the process table to be displayed or output. In response, a search of the process table entries is made to determine if a command and/or its attribute in the process table matches an entry in the sensitive command attribute table. If so, the command, its attributes, and/or its attribute values are blanked from the output of the process table information.

Abstract: A method, apparatus, and computer instructions for authorizing a user to access resources on a data processing system. A request to access resources on the data processing system is received. This request includes a certificate for use in authenticating the user making the request. An authentication process is performed using the certificate. If the user is authenticated, a determination is made as to whether an authorizing agent is specified in the certificate. A mapping for the user is requested from the authorizing agent, if the authorizing agent is specified in the certificate. The user is mapped to a local user on the data processing system using the mapping, in response to receiving the mapping for the user, wherein the user accesses resources on the data processing system as the local user. If an authorizing agent is not specified, the user is denied access to the resources.

Abstract: A user device initiates a network access authentication operation via a network access device with a network access authentication server, e.g., a Remote Authentication Dial-In User Service (RADIUS) server, which also generates an X.509 proxy certificate and includes the proxy certificate with the information, such as a set of network access parameters, that is returned to the user device in response to a successful completion of the network access authentication operation. The user device extracts and stores the proxy certificate. The network access parameters are used by the user device to communicate via the network access device on a network, which supports a grid. When the user device accesses a resource in the grid, the proxy certificate is already available, thereby obviating the need to generate a new proxy certificate and allowing a user of the user device to experience an integrated single-sign-on for network access and grid access.