Abstract: Devices, systems, and methods receive a token and a request to create a joint tenant, wherein at least one of the token and the request identifies a first user of a first tenant of a first service; receive one or more administrator credentials for a second service; send the one or more administrator credentials and a request to create a service account to the second service; and create a joint tenant that includes a tenant of the first service and a tenant of the second service, wherein the first user is included in the tenant of the first service, and wherein the service account is included in the tenant of the second service.

Abstract: Devices, systems, and methods receive a token and a request to create a joint tenant, wherein at least one of the token and the request identifies a first user of a first tenant of a first service; receive one or more administrator credentials for a second service; send the one or more administrator credentials and a request to create a service account to the second service; and create a joint tenant that includes a tenant of the first service and a tenant of the second service, wherein the first user is included in the tenant of the first service, and wherein the service account is included in the tenant of the second service.

Abstract: Access to web services is managed. Metrics associated with accesses to a service are collected, and the metrics include activities associated with a user. A profile associated with the user is generated and updated. One or more metrics of an incoming access request to the service are compared against the profile using a statistical measure and a corresponding threshold for detecting an anomaly. The threshold is determined based on associations between a distribution of the metrics of the profile and a subset of other profile metric distributions. There is a determination of whether the incoming access request is an anomaly based on the comparison.

Abstract: Security is managed on a collaboration of plural computers that together define a trusted network environment. Each computer presents one or more real services and one or more spoof services which spoof real services on a subset of ports. At any one computer of the plural computers, unauthorized or suspicious activity from a device is detected at the subset of ports. A message is transmitted from the one computer to the plural computers on the network informing of the activity. In response to receiving one or more messages pertaining to the device, each computer individually changes its access rules to block the device.

Abstract: Systems, devices, and methods for provisioning a device receive authentication information from a user interface; send the authentication information to an identity provider device; receive a token at the registration device from the identify provider device; send the token, device information of a new device, and a provisioning request from the registration device to a provisioning service; receive an activation code at a user interface of the new device; send the activation code and the token from the new device to the provisioning device; and receive a key from the provisioning device, the key being associated with the device identifier of the new device.

Abstract: Systems, devices, and methods for provisioning a device receive authentication information from a user interface; send the authentication information to an identity provider device; receive a token at the registration device from the identify provider device; send the token, device information of a new device, and a provisioning request from the registration device to a provisioning service; receive an activation code at a user interface of the new device; send the activation code and the token from the new device to the provisioning device; and receive a key from the provisioning device, the key being associated with the device identifier of the new device.