Abstract: According to one embodiment of the present invention, a system analyzes data in response to detecting occurrence of an event, and includes a computer system including at least one processor. The system maps fields between the data and a fingerprint definition identifying relevant fields of the data to produce a fingerprint for the data. The data is deleted after occurrence of the event. The produced fingerprint is stored in a data repository, and retrieved in response to detection of the event occurrence after the data has been deleted. The system analyzes the retrieved fingerprint to evaluate an impact of the event on corresponding deleted data. Embodiments of the present invention further include a method and computer program product for analyzing data in response to detecting occurrence of an event in substantially the same manner described above.

Abstract: Techniques are disclosed for generating a view of a data flow model. One or more groupings of data flow objects in the data flow model is determined, based on an ontology. At least a first one of the groupings is collapsed in the view. The view is output for display in a user interface configured to selectively expand and collapse the first group based on user input.

Abstract: Mapping and translating reference data from multiple databases using an enterprise ontology. This is achieved by various means, including mapping values of a first database to corresponding fields within the ontology, mapping values of a second database to corresponding fields within the ontology, and determining relationships between the values of the first database and the values of the second database based on their respective mappings to common fields within the ontology.

Abstract: A system maps data within a data source to a target data model, and comprises a computer system including at least one processor. The system determines an identifier for each data object of the data source based on the data within that data object, wherein the identifier indicates for that data object a corresponding concept within a domain ontological representation of a data model of the data source. The determined identifiers for the data objects of the data source are compared to the target data model to determine mappings between the data objects of the data source and the target data model. Data objects from the data source are extracted for the target data model in accordance with the mappings. Present invention embodiments further include a method and computer program product for mapping data within a data source to a target data model.

Abstract: Access controls for a Web service (which controls are based on abstract WSDL definitions) are defined for a WSDL defined protected object space and, as such, are loosely coupled with the concrete WSDL binding derived from those definitions, preferably on a per binding level. This WSDL-defined POS is in turn loosely bound to a resource-specific protected object space definition. This loose coupling is leveraged to allow changes (e.g., updates) to the abstract WSDL binding's protected object space to be transitively applied to the application-specific protected object space. If appropriate, changes to the resource-specific protected object space may be applied to the WSDL's protected object space. Thus, according to the invention, the coupling may be one-way (typically, from the WSDL POS to the resource level POS) or two-way (from the WSDL POS to the resource level POS and vice versa).

Abstract: Mechanisms for evaluating software sustainability are provided. The illustrative embodiments provide code scanning tools for identifying authors of portions of a software product and various attributes about the development, maintenance, and improvement of portions of the software product over time. This information may be correlated with organizational information to identify portions of the software product that may be lacking in sustainability by the persons currently associated with the software organization. Moreover, this information may be used to obtain information regarding the relative quality of the composition or conception of portions of the software product, portions of the software product that have required a relatively larger amount of resources to develop over time, a relative indication of which portions of the software product are “harder” or “easier” to sustain and who is associated with those portions of the software product, and the like.

Abstract: Policy controls for Web service resource objects in a hierarchical resource space are loosely coupled so that policy changes are applied and enforced across the objects. This technique ensures that different policies are not applied unintentionally to the same resource (for example, one at the Web services entry level, and the other at the resource level). By synchronizing the object in the manner described, neither the entity that deploys the application nor the security administrator need to be aware of the differences between the various types of requests that occur within a Web services environment. In a representative embodiment, resource objects are linked within a hierarchical resource space to provide synchronized policy control, where the policy is an audit policy, a quality-of-service (QoS) policy, a service level agreement (SLA) policy, a governance policy, a compliance policy, a patch management/vulnerability management policy, a user management policy, or a rights management policy.

Abstract: Mapping and translating reference data from multiple databases using an enterprise ontology. This is achieved by various means, including mapping values of a first database to corresponding fields within the ontology, mapping values of a second database to corresponding fields within the ontology, and determining relationships between the values of the first database and the values of the second database based on their respective mappings to common fields within the ontology.

Abstract: Mapping and translating reference data from multiple databases using an enterprise ontology. This is achieved by various means, including mapping values of a first database to corresponding fields within the ontology, mapping values of a second database to corresponding fields within the ontology, and determining relationships between the values of the first database and the values of the second database based on their respective mappings to common fields within the ontology.

Abstract: A method, system and computer-usable medium are disclosed for controlling the distribution of data. Data stored in a datastore is filtered according to a data release policy to generate filtered data. A data release policy agreement, corresponding to the data release policy, is generated. The filtered data and the data release policy agreement are then provided to an information consumer. The data release policy agreement is then used to enforce the data release policy.

Abstract: Provided are techniques for providing security in a computing system with identity mediation policies that are enterprise service bus (EBS) independent. A mediator component performs service-level operation such as message brokering, identity mediation, and transformation to enhance interoperability among service consumers and service providers. A mediator component may also delegate identity related operations to a token service of handler. Identity mediation may include such operations as identity determination, or “identification,” authentication, authorization, identity transformation and security audit.

Abstract: Provided are techniques for providing security in a computing system with identity mediation policies that are enterprise service bus (EBS) independent. A mediator component performs service-level operation such as message brokering, identity mediation, and transformation to enhance interoperability among service consumers and service providers. A mediator component may also delegate identity related operations to a token service of handler. Identity mediation may include such operations as identity determination, or “identification,” authentication, authorization, identity transformation and security audit.

Abstract: Mapping and translating reference data from multiple databases using an enterprise ontology. This is achieved by various means, including mapping values of a first database to corresponding fields within the ontology, mapping values of a second database to corresponding fields within the ontology, and determining relationships between the values of the first database and the values of the second database based on their respective mappings to common fields within the ontology.

Abstract: A method, system and computer-usable medium are disclosed for controlling the distribution of data. Data stored in a datastore is filtered according to a data release policy to generate filtered data. A data release policy agreement, corresponding to the data release policy, is generated. The filtered data and the data release policy agreement are then provided to an information consumer. The data release policy agreement is then used to enforce the data release policy.

Abstract: A method, system and computer-usable medium are disclosed for validating user credentials submitted to a data source by an untrusted intermediary. An untrusted intermediary attempts to access a data source on behalf of a user. The untrusted intermediary challenges the user to provide credentials of the type and format required to access the data provided by the data source. The user's trust client connects to an authentication service and identification credentials of the required type and format are generated. The identification credentials are conveyed to the user's trust client, which then provides them to the user's client, which in turn conveys them to the untrusted intermediary. The untrusted intermediary then presents the identification credentials to an authentication plug-in of the data source. The authentication plug-in validates the authenticity of the provided credentials with their associated authentication service.

Abstract: A system and method for evaluating software sustainability are provided. The illustrative embodiments provide code scanning tools for identifying authors of portions of a software product and various attributes about the development, maintenance, and improvement of portions of the software product over time. This information may be correlated with organizational information to identify portions of the software product that may be lacking in sustainability by the persons currently associated with the software organization. Moreover, this information may be used to obtain information regarding the relative quality of the composition or conception of portions of the software product, portions of the software product that have required a relatively larger amount of resources to develop over time, a relative indication of which portions of the software product are “harder” or “easier” to sustain and who is associated with those portions of the software product, and the like.

Abstract: A method, system and program are provided for managing the installation and configuration of a software product by using a proxy service to loosely couple the installation and/or configuration of constituent modules within the installation/configuration flow of the software product. The proxy service invokes the installation/configuration processing of an existing software component, thereby reducing the complexity associated with installing new component installation processes every time a component is to be supported, especially where the software products and new component(s) do not share the same installation/configuration platforms.

Abstract: A method, system and program are provided for managing the installation and configuration of a software product by using a proxy service to loosely couple the installation and/or configuration of constituent modules within the installation/configuration flow of the software product. The proxy service invokes the installation/configuration processing of an existing software component, thereby reducing the complexity associated with installing new component installation processes every time a component is to be supported, especially where the software products and new component(s) do not share the same installation/configuration platforms.

Abstract: Policy controls for Web service resource objects in a hierarchical resource space are loosely coupled so that policy changes are applied and enforced across the objects. This technique ensures that different policies are not applied unintentionally to the same resource (for example, one at the Web services entry level, and the other at the resource level). By synchronizing the object in the manner described, neither the entity that deploys the application nor the security administrator need to be aware of the differences between the various types of requests that occur within a Web services environment. In a representative embodiment, resource objects are linked within a hierarchical resource space to provide synchronized policy control, where the policy is an audit policy, a quality-of-service (QoS) policy, a service level agreement (SLA) policy, a governance policy, a compliance policy, a patch management/vulnerability management policy, a user management policy, or a rights management policy.

Abstract: Access controls for a Web service (which controls are based on abstract WSDL definitions) are defined for a WSDL defined protected object space and, as such, are loosely coupled with the concrete WSDL binding derived from those definitions, preferably on a per binding level. This WSDL-defined POS is in turn loosely bound to a resource-specific protected object space definition. This loose coupling is leveraged to allow changes (e.g., updates) to the abstract WSDL binding's protected object space to be transitively applied to the application-specific protected object space. If appropriate, changes to the resource-specific protected object space may be applied to the WSDL's protected object space. Thus, according to the invention, the coupling may be one-way (typically, from the WSDL POS to the resource level POS) or two-way (from the WSDL POS to the resource level POS and vice versa).