Abstract: A system and method for concurrent security connections is presented. An association table is used that includes a list of active credentials. An active credential includes information such as user id and password information for a given domain. The active credential may also include dynamic data that is retrieved from a user, such as a pseudo-random code or a fingerprint scan. The active credential is sent to a domain, or the managing server of the domain, when domain access is requested. This access request does not involve the user of the client unless dynamic input data is requested.

Abstract: A system and method for concurrent security connections is presented. An association table is used that includes a list of active credentials. An active credential includes information such as user id and password information for a given domain. The active credential may also include dynamic data that is retrieved from a user, such as a pseudo-random code or a fingerprint scan. The active credential is sent to a domain, or the managing server of the domain, when domain access is requested. This access request does not involve the user of the client unless dynamic input data is requested.

Abstract: A method and implementing computer system are provided in which a Quality Of Protection (QOP) indication is established in a tagged component for servers in a network domain. Each server may have one QOP setting associated with the server for inbound messages and another QOP setting associated with the server for outbound messages. In an exemplary embodiment, the QOP settings are contained in a list which may be updated to include additional QOPs which the server may be equipped to support.

Abstract: Identity token principal mapping, including receiving in a target system a CORBA message invoking a member method on the target system, the message including a security context including an identity token including an asserted identity, the identity token having an identity token type, the target system having an authentication type, and granting to the asserted identity, in dependence upon the authentication type and in dependence upon the identity token type, authorization privileges of a corresponding user account in the target system.

Abstract: A system and method for improved electronic security credentials is presented. A client sends a request to a server wherein the request includes a user's identity information. The server authenticates the user using the user's identity information, and creates an authentication credential. The server stores the user's identity information in the authentication credential in the same form as it was received. If the server determines that the request should be sent to a downstream server, the server creates a message and includes the user's identity information in the message. The continued propagation of the user's original identity information preserves the integrity of the user's identity on a server-by-server basis. Each server may map this information to a credential in a way that it chooses based upon the server's underlying authentication mechanism and mapping rules.

Abstract: Methods for mutual authentication between a client and a server, including providing to the client an object reference comprising a component identifying the server's client authentication protocol, establishing an SSL connection between the client and the server, including authenticating the server with the server's public key, and authenticating the client using the client authentication protocol identified in the component in the object reference.

Abstract: A system and method for concurrent security connections is presented. An association table is used that includes a list of active credentials. An active credential includes information such as user id and password information for a given domain. The active credential may also include dynamic data that is retrieved from a user, such as a pseudo-random code or a fingerprint scan. The active credential is sent to a domain, or the managing server of the domain, when domain access is requested. This access request does not involve the user of the client unless dynamic input data is requested.

Abstract: A method and implementing computer system are provided in which user alert signals are generated whenever an underlying display window in a multi-window display environment requires user attention. In one exemplary embodiment, the user is enabled to specify various preferred characteristics of the alert signals. The alert signals include audio signals, video signals and combinations of selected audio and visual signals. The user is further enabled to specify input an alert repeat interval to define an elapsed time between successive alert signals.

Abstract: A method for testing programming interfaces including application program interfaces and command line utilities. Each interface may be called from a loop instruction in a test instruction a number of times corresponding to a number of parameter sets which are needed to test each interface. The parameter sets are maintained in a separate data file and are retrieved for each call being made to an interface. One or more return value are included in the parameter set. The operating system generates one or more return values which are compared with the stored return value. A judgment is made based on the comparison of the stored return values and the programming interface-generated return value. When this comparison is not as expected, the return values are written to a file along with the parameter set which produced the unexpected comparison.