Abstract: A method, system, and computer program product for the prioritization of code execution. The method includes accessing a thread in a context containing a set of code instances stored in memory; identifying sections of the set of code instances that correspond to deferrable code tasks; executing the thread in the context; determining that the thread is idle; and executing at least one of the deferrable code tasks. The deferrable code task is executed within the context and in response to determining that the thread is idle.

Abstract: A source code search comprises a two-pass search. The first pass comprises a topological measure of similarity. The second pass comprises a semantic measure of similarity. The query source code is a user-selected portion of source code. The results may be ranked and output to an I/O device.

Abstract: A computer implemented method for managing a network intrusion is disclosed. The method can include monitoring, by an intrusion management system, a set of nodes of a computer network. The method can also include determining a node workload for the set of nodes. Further, the method can include classifying an intrusion signature for the network intrusion. Classifying the intrusion signature can be performed in response to detecting a network intrusion related to the set of nodes. The method can include determining a response for managing a security vulnerability of the set of nodes based on the node workload and the intrusion signature. The method can also include instantiating, by the intrusion management system, the response to the set of nodes.

Abstract: Source code for a function of a computer program is compiled by compilers to generate executable code variants for the function according to different optimization approaches. Each executable code variant is executable on a same processor architecture. A binary file for the computer program is constructed that includes each executable code variant. At runtime of the binary file, one of the executable code variants is selected for the function. The selected executable code variant is used during execution of the computer program, until execution is halted.

Abstract: A source code search comprises a two-pass search. The first pass comprises a topological measure of similarity. The second pass comprises a semantic measure of similarity. The query source code is a user-selected portion of source code. The results may be ranked and output to an I/O device.

Abstract: A method, system, and computer program product for the prioritization of code execution. The method includes accessing a thread in a context containing a set of code instances stored in memory; identifying sections of the set of code instances that correspond to deferrable code tasks; executing the thread in the context; determining that the thread is idle; and executing at least one of the deferrable code tasks. The deferrable code task is executed within the context and in response to determining that the thread is idle.

Abstract: An approach is provided in which a computer system generates a current hash value of a computer program in response to receiving a request to execute the computer program. Next, the computer system determines that the current hash value fails to match a reference hash value that was previously generated subsequent to installing the computer program on the computer system. Since the two hash values do not match each other, the computer system matches the current hash value to an updated hash value that was previously generated in response to modifying the computer program on the computer system. In turn, the computer system executes the computer program when the current hash value matches the updated hash value.

Abstract: Embodiments of the invention relate to implementation of an intermediate trusted state of an electronic account based upon questionable account communication(s). A profile of malicious or unauthorized activity is created, and a profile of account activity is created. As account activity takes place, the activity is assessed against one or both of the profiles to statistically determine if the activity resembles that associated with malicious or unauthorized intent. The state of the account is placed in the intermediate trusted state if the activity statistically matches the unauthorized activity profile. An authentication activity enables the trusted state to be removed and for the account activity to resume.

Abstract: A computer implemented method for managing a network intrusion is disclosed. The method can include monitoring, by an intrusion management system, a set of nodes of a computer network. The method can also include determining a node workload for the set of nodes. Further, the method can include classifying an intrusion signature for the network intrusion. Classifying the intrusion signature can be performed in response to detecting a network intrusion related to the set of nodes. The method can include determining a response for managing a security vulnerability of the set of nodes based on the node workload and the intrusion signature. The method can also include instantiating, by the intrusion management system, the response to the set of nodes.

Abstract: Embodiments of the invention relate to implementation of an intermediate trusted state of an electronic account based upon questionable account communication(s). A profile of malicious or unauthorized activity is created, and a profile of account activity is created. As account activity takes place, the activity is assessed against one or both of the profiles to statistically determine if the activity resembles that associated with malicious or unauthorized intent. The state of the account is placed in the intermediate trusted state if the activity statistically matches the unauthorized activity profile. An authentication activity enables the trusted state to be removed and for the account activity to resume.

Abstract: A method which controls modification of passwords. An end user designates, in advance, a universe of social media contacts such as friends on social media web sites such as Facebook and LinkedIn. Contacts so identified are used as a set of potential identity verifiers. In order to enable a reset or modification of an account password, a subset of the universe is required to assert that they have verified the identity of the user requesting to reset a password. Such verification can be accomplished by varying means by those to whom an inquiry has been directed.

Abstract: Apparatus which control modification of passwords by implementing a procedure by which end user designates, in advance, a universe of social media contacts such as friends on social media web sites such as Facebook and Linkedln. Contacts so identified are used as a set of potential identity verifiers. In order to enable a reset or modification of an account password, a subset of the universe is required to assert that they have verified the identity of the user requesting to reset a password. Such verification can be accomplished by varying means by those to whom an inquiry has been directed. Te apparatus may be in the form of a computer system or a computer readable storage medium.

Abstract: A method which controls modification of passwords. An end user designates, in advance, a universe of social media contacts such as friends on social media web sites such as Facebook and LinkedIn. Contacts so identified are used as a set of potential identity verifiers. In order to enable a reset or modification of an account password, a subset of the universe is required to assert that they have verified the identity of the user requesting to reset a password. Such verification can be accomplished by varying means by those to whom an inquiry has been directed.

Abstract: Apparatus which control modification of passwords by implementing a procedure by which end user designates, in advance, a universe of social media contacts such as friends on social media web sites such as Facebook and LinkedIn. Contacts so identified are used as a set of potential identity verifiers. In order to enable a reset or modification of an account password, a subset of the universe is required to assert that they have verified the identity of the user requesting to reset a password. Such verification can be accomplished by varying means by those to whom an inquiry has been directed. The apparatus may be in the form of a computer system or a computer readable storage medium.

Abstract: A host machine provisions a virtual machine from a catalog of stock virtual machines. The host machine instantiates the virtual machine. The host machine configures the virtual machine, based on customer inputs, to form a customer's configured virtual machine. The host machine creates an image from the customer's configured virtual machine. The host machine unwraps a sealed customer's symmetric key to form a customer's symmetric key. The host machine encrypts the customer's configured virtual machine with the customer's symmetric key to form an encrypted configured virtual machine. The host machine stores the encrypted configured virtual machine to non-volatile storage.

Abstract: A method and system are provided to classify and convey data to satisfy a client request. The classification system is a two dimensional data classification system, including a first dimension pertaining to subject matter and a second dimension pertaining to data security. A partition is dynamically created, and data that satisfies the request populates the created partition to convey parsed data based satisfying both dimensions of the request.

Abstract: A host machine provisions a virtual machine from a catalog of stock virtual machines. The host machine instantiates the virtual machine. The host machine configures the virtual machine, based on customer inputs, to form a customer's configured virtual machine. The host machine creates an image from the customer's configured virtual machine. The host machine unwraps a sealed customer's symmetric key to form a customer's symmetric key. The host machine encrypts the customer's configured virtual machine with the customer's symmetric key to form an encrypted configured virtual machine. The host machine stores the encrypted configured virtual machine to non-volatile storage.

Abstract: A method and system are provided to classify and convey data to satisfy a client request. The classification system is a two dimensional data classification system, including a first dimension pertaining to subject matter and a second dimension pertaining to data security. A partition is dynamically created, and data that satisfies the request populates the created partition to convey parsed data based satisfying both dimensions of the request.

Abstract: The present disclosure is directed to a method for limiting access to a virtual sensitive compartmented information facility (SCIF) and secure transport of information between two virtual SCIFs. The method may comprise creating a virtual SCIF, allowing access to the to the virtual SCIF to only those virtual subjects having the proper security clearance as analyzed by an access rule set loaded into an object request broker, creating a second virtual SCIF, creating a key lockable secure container to transport the information from the first virtual SCIF to the second virtual SCIF, and restricting access to the key to unlock the secure container in the second virtual SCIF.

Abstract: A method of avoiding virtual world fatigue by generating an active avatar in an avatar wallet. The method includes creating and storing an active avatar in the avatar wallet, selecting target worlds for the active avatar to visit, modifying the initial appearance, the user information, the contact map and the characteristic sharing information of the active avatar in accordance with user preferences with respect to each of the target worlds so as to generate a version of the active avatar for each of the target worlds, and initiating a submission of a version of the active avatar to the corresponding target world such that the version is automatically tailored to allowable avatar properties of the corresponding target world.