Abstract: A mechanism is provided for blocking IP connection addresses and prefixes. Header information is extracted from an incoming connection request. A determination is made as to whether a portion of an Internet Protocol address comprised in the header information is blacklisted. Responsive to a portion of the Internet Protocol address being blacklisted, a fingerprint is generated, and a determination is made as to whether the fingerprint is blacklisted. Responsive to the fingerprint being blacklisted, the underlying physical connection is dropped; data associated with the incoming connection request is stored in a buffer, the fingerprint is associated to the incoming connection request; the incoming connection request is merged with stored blacklisted requests of a related originating system; and shared prefixes of the Internet Protocol address of the stored blacklisted requests are filtered out.

Abstract: A mechanism is provided for blocking IP connection addresses and prefixes. Header information is extracted from an incoming connection request. A determination is made as to whether a portion of an Internet Protocol address comprised in the header information is blacklisted. Responsive to a portion of the Internet Protocol address being blacklisted, a fingerprint is generated, and a determination is made as to whether the fingerprint is blacklisted. Responsive to the fingerprint being blacklisted, the underlying physical connection is dropped; data associated with the incoming connection request is stored in a buffer, the fingerprint is associated to the incoming connection request; the incoming connection request is merged with stored blacklisted requests of a related originating system; and shared prefixes of the Internet Protocol address of the stored blacklisted requests are filtered out.

Abstract: A mechanism is provided for secure data storage in a distributed computing system by a client of the distributed computing system. A gateway device intercepts a data file from at least a portion of stream data during transmission. If the destination of the data file is the storage, the gateway device selects a set of analysis algorithms to determine whether the data file comprises sensitive data.

Abstract: A mechanism is provided for secure data storage in a distributed computing system by a client of the distributed computing system. A gateway device intercepts a data file from at least a portion of stream data during transmission. If the destination of the data file is the storage, the gateway device selects a set of analysis algorithms to determine whether the data file comprises sensitive data.

Abstract: A mechanism is provided for secure data storage in a distributed computing system by a client of the distributed computing system. A gateway device intercepts a data file from at least a portion of stream data during transmission. If the destination of the data file is the storage, the gateway device selects a set of analysis algorithms to determine whether the data file comprises sensitive data.

Abstract: Embodiments include a method for delegating authentication for a web service to a delegatee. The delegation includes a request being detected at a delegation service from a web service for a first credential of a delegator. The first credential has authorization to access the web service. A request is detected from a delegatee having a second credential, at the delegation service, to use the web service with the first credential. The delegation service determines whether the second credential authorizes the delegatee to use the web service with the first credential. The delegation service authorizes access to the web service for use by the second credential of the delegatee with the first credential.

Abstract: Embodiments include a method for delegating authentication for a web service to a delegatee. The delegation includes a request being detected at a delegation service from a web service for a first credential of a delegator. The first credential has authorization to access the web service. A request is detected from a delegatee having a second credential, at the delegation service, to use the web service with the first credential. The delegation service determines whether the second credential authorizes the delegatee to use the web service with the first credential. The delegation service authorizes access to the web service for use by the second credential of the delegatee with the first credential.

Abstract: A mechanism is provided for secure data storage in a distributed computing system by a client of the distributed computing system. A gateway device intercepts a data file from at least a portion of stream data during transmission. If the destination of the data file is the storage, the gateway device selects a set of analysis algorithms to determine whether the data file comprises sensitive data.