Abstract: A computer-implemented method for reducing cookie traffic in browser communication is provided. The method sends, by a browser to a domain, a first request resulting in a returned cookie. The returned cookie includes a category tag. The method adds the returned cookie to a set of cookies for the browser. The category tag of the returned cookie is added to a related category tag in a browser tag list. The method sends, by the browser to a server of the domain, a second request resulting in a returned list of required category tags. The method sends a selected cookie with a category tag relating to at least one required category tag of the list of required category tags for the server. The selected cookie is selected from the set of cookies and the category tag for the selected cookie occurs within the browser tag list.

Abstract: A method, a computer program product, and a system for distributing a private signature key between authorization instances. The method includes registering a plurality of authorization instances in a configuration file and generating host instance key pairs by each of the authorization instances. The method also includes storing the public host keys in the shared database and electing one of the authorization instances to be a signature key leader instance. The method includes generating, by the signature key leader instance, a signature key pair. The signature key pair includes a public signature key and a private signature key. The method also includes storing the public signature key in the shared database and transmitting an encrypted private signature key to a requesting authorization instance of the authorization instances. The method further includes decrypting the encrypted private signature key using the private host key generated by the requesting authorization instance.

Abstract: A method, a computer program product, and a system for distributing a private signature key between authorization instances. The method includes registering a plurality of authorization instances in a configuration file and generating host instance key pairs by each of the authorization instances. The method also includes storing the public host keys in the shared database and electing one of the authorization instances to be a signature key leader instance. The method includes generating, by the signature key leader instance, a signature key pair. The signature key pair includes a public signature key and a private signature key. The method also includes storing the public signature key in the shared database and transmitting an encrypted private signature key to a requesting authorization instance of the authorization instances. The method further includes decrypting the encrypted private signature key using the private host key generated by the requesting authorization instance.

Abstract: The present disclosure relates to a method for authentication with identity providers via a federating authorization server, wherein the federating authorization server has at least one interface to at least one identity provider. Each identity provider is configured to validate user identities using a respective validation method. The method comprises: receiving login data via a webpage, the login data indicating at least an identity provider and a user. The validation method of the indicated identity provider may be determined using the login data. An update of the content of the webpage may be caused for enabling the determined validation method. Identity information of the user may be provided via the updated webpage and verifying the identity information using the determined validation method.

Abstract: A method for automated network deployment of cloud services into a network is suggested. The method includes receiving a certain cloud service with a certain resource protection template specifying an isolation policy for isolating zones in the network, receiving certain customer protection parameters specifying customer needs regarding protection in the network, providing security requirements by matching the received resource protection templates and the received customer protection parameters, and automatically deploying the certain cloud service into the network by using the provided security requirements.

Abstract: A method for automated network deployment of cloud services into a network is suggested. The method includes receiving a certain cloud service with a certain resource protection template specifying an isolation policy for isolating zones in the network, receiving certain customer protection parameters specifying customer needs regarding protection in the network, providing security requirements by matching the received resource protection templates and the received customer protection parameters, and automatically deploying the certain cloud service into the network by using the provided security requirements.

Abstract: A method of coupling asynchronous process interaction between computer systems integrated within an overall system of interconnected systems includes receiving a set of information describing an invocation call for execution of a first process on a first system integrated within the overall system; correlating a first callback argument received upon completion of the first process that includes a first unique identifier for the first process generated by the first system with the set of information according to the first unique identifier for the first process; and sending a notification message to a callback endpoint in a second process implemented to receive notification upon completion of the first process by the first system indicating completion of the first process. The second process executing on a second system integrated within the overall system makes the invocation call. The set of information specifies the first unique identifier and the callback endpoint.

Abstract: One aspect of the present invention provides a workflow model to effectively respond to outage events within an IT infrastructure. This workflow model enables a combination of manual and automated processing to effectively deploy a flexible, plannable, and testable recovery to outages and problems encountered within IT infrastructure settings. In one embodiment, a shared processing context is created to accompany the operations of the workflow, thereby collecting useful data in one location related to events and status information during the outage and the outage response. Within the workflow, analysis of the outage event is performed, an appropriate recovery plan is selected, the selected recovery plan is implemented, and recovery to the outage event is completed. Data collected within the processing context can be analyzed to obtain post mortem analysis and continuous service improvements.

Abstract: A data processing method is disclosed. The data processing method comprises the step of receiving a request for a service interface description of a service from a client at a server, wherein the service is implemented via a first service endpoint at the server, and wherein the first service endpoint is associated with a first service endpoint interface description. In a further step, a given set of correlations is employed for the determination of service endpoints correlated with the first service endpoint with respect to the service, wherein each of the correlated service endpoints is associated with a service endpoint interface description. Furthermore the service interface description is generated by aggregating the first service endpoint interface description with the service endpoint interface descriptions of the correlated service endpoints and the service interface description is provided to the client.

Abstract: An apparatus and method provides visualization of IT resources that are exposed as WSDM resources. A management system with a console provides visibility and functionality for WSDM resources by employing a visualization mechanism that processes standardized visualization metadata that is sent from a WSDM resource. The visualization mechanism uses standardized information to enable the management system console to display a robust presentation of the resource without needing to update the management system and console code when new types of resources are added.

Abstract: A metadata file can be automatically generated based on a database instance and a user defined maximum depth. The relationships between data objects that constitute a business object may be visualized in a tree. The maximum depth limits the number of levels in the tree to traverse. A metadata file describes the structure of a business object and relationships between sets of data objects that constitute the business object. The structure defined in the metadata file can be used to export instances of the business object from the database. The exported business object instances can be imported to another database.

Abstract: The present invention relates to method and system for accessing a resource implemented in a computer network, wherein a plurality of different runtime environments exist used by either one of the resources or by a systems management application accessing one of the resources, wherein the different runtime environments require the usage of a web service resource framework comprising a plurality of respective different, runtime-specific web service standards.

Abstract: The present invention relates to the field of systems management on IT-resources using web services. An improved method proposes a single web service implementation which dynamically and automatically generates multiple WSDLs for respective multiple resource type classes. This implementation is model-agnostic, as it doesn't require any knowledge about the underlying model, be that a resource model, or any other model in question, and uses introspection of the applied model at the time of invocation for the dynamic WSDL generation. The state of the resource is maintained within the instrumentation of the resource. No additional persistence on top needs to be implemented. A single implementation of a low number of generic web services, basically only two, reduces implementation and maintenance efforts significantly.

Abstract: A metadata file can be automatically generated based on a database instance and a user defined maximum depth. The relationships between data objects that constitute a business object may be visualized in a tree. The maximum depth limits the number of levels in the tree to traverse. A metadata file describes the structure of a business object and relationships between sets of data objects that constitute the business object. The structure defined in the metadata file can be used to export instances of the business object from the database. The exported business object instances can be imported to another database.

Abstract: One aspect of the present invention provides a workflow model to effectively respond to outage events within an IT infrastructure. This workflow model enables a combination of manual and automated processing to effectively deploy a flexible, plannable, and testable recovery to outages and problems encountered within IT infrastructure settings. In one embodiment, a shared processing context is created to accompany the operations of the workflow, thereby collecting useful data in one location related to events and status information during the outage and the outage response. Within the workflow, analysis of the outage event is performed, an appropriate recovery plan is selected, the selected recovery plan is implemented, and recovery to the outage event is completed. Data collected within the processing context can be analyzed to obtain post mortem analysis and continuous service improvements.

Abstract: A method of coupling asynchronous process interaction between computer systems integrated within an overall system of interconnected systems includes receiving a set of information describing an invocation call for execution of a first process on a first system integrated within the overall system; correlating a first callback argument received upon completion of the first process that includes a first unique identifier for the first process generated by the first system with the set of information according to the first unique identifier for the first process; and sending a notification message to a callback endpoint in a second process implemented to receive notification upon completion of the first process by the first system indicating completion of the first process. The second process executing on a second system integrated within the overall system makes the invocation call. The set of information specifies the first unique identifier and the callback endpoint.

Abstract: An apparatus and method provides visualization of IT resources that are exposed as WSDM resources. A management system with a console provides visibility and functionality for WSDM resources by employing a visualization mechanism that processes standardized visualization metadata that is sent from a WSDM resource. The visualization mechanism uses standardized information to enable the management system console to display a robust presentation of the resource without needing to update the management system and console code when new types of resources are added.

Abstract: The present invention relates to method and system for accessing a resource implemented in a computer network, wherein a plurality of different runtime environments exist used by either one of the resources or by a systems management application accessing one of the resources, wherein the different runtime environments require the usage of a web service resource framework comprising a plurality of respective different, runtime-specific web service standards.

Abstract: A data processing method is disclosed. The data processing method comprises the step of receiving a request for a service interface description of a service from a client at a server, wherein the service is implemented via a first service endpoint at the server, and wherein the first service endpoint is associated with a first service endpoint interface description. In a further step, a given set of correlations is employed for the determination of service endpoints correlated with the first service endpoint with respect to the service, wherein each of the correlated service endpoints is associated with a service endpoint interface description. Furthermore the service interface description is generated by aggregating the first service endpoint interface description with the service endpoint interface descriptions of the correlated service endpoints and the service interface description is provided to the client.

Abstract: The present invention relates to performing systems management on IT-resources using web services, wherein the resources are managed in a computational network within a plurality of runtime environments having different respective instrumentations, wherein the web services are implemented according to a public web service standard, and wherein a resource configuration database is provided for storing a collection of resource-specific data on said IT-resources.