Abstract: Various embodiments herein described are directed to methods, apparatuses and computer program products configured for improving human-computer interactions and interfaces in integrated service and asset management platforms. In some embodiments, an integrated service and asset management platform may generate and store ticket data objects (for example, incident ticket data objects and/or change ticket data objects). When a new ticket data object (for example, an incident ticket data object and/or a change ticket data object) is received by the integrated service and asset management platform, the integrated service and asset management platform may select one or more related ticket data objects. Additional example embodiments provide various example incident and change management user interfaces that facilitate various user inputs and software operations in the integrated service and asset management platform.

Abstract: Described herein is a computer implemented method for confirming the completion of an onboarding setup item of an IT Service Management (ITSM) system. The system comprises a first software platform, a second software platform and an intermediary onboarding platform operatively associated with a database for storing a state of the setup item, the setup item being associated with at least one of the first and second software platforms. The method comprises receiving input data associated with at least one of the first and second software platforms; querying the received input data against completion criteria that is dependent on a predetermined item type; updating a state of the setup item; and displaying a visual indication of confirmation of the completion of the setup item.

Abstract: Described herein is a computer implemented method for confirming the completion of an onboarding setup item of an IT Service Management (ITSM) system. The system comprises a first software platform, a second software platform and an intermediary onboarding platform operatively associated with a database for storing a state of the setup item, the setup item being associated with at least one of the first and second software platforms. The method comprises receiving input data associated with at least one of the first and second software platforms; querying the received input data against completion criteria that is dependent on a predetermined item type; updating a state of the setup item; and displaying a visual indication of confirmation of the completion of the setup item.

Abstract: Methods and devices are directed to authorizing a network device to a resource over a network. An access server determines based, in part, on an attribute of the network device associated with the attribute certificate, whether the network device may be authorized access to the resource over the network. The attribute may be associated with a capability granted to the network device, a condition to be satisfied for the attribute to be valid, and the like. The attribute may belong to a group of network devices, or one or more users accessing the network through the network device. In one embodiment, the attribute certificate may be provided based on an automated security scan of the network device. In another embodiment, the access server may make the attribute available to a network resource associated with the access server.

Abstract: Apparatus, system, method and computer program product for verifying the integrity of remote network devices that request access to network services and resources. Unintended computer programs such as viruses, worms, or Trojan horses, may compromise remote devices. The invention involves downloading verification software over the web into the web browser of a client for the purpose of performing checks to verify the integrity and security of the client's device or system. The results of such checks are returned over the web to be used in security decisions involving authentication and the grant of authorization to access services and resources.

Abstract: Methods and systems are directed to authenticating a client over a network. The client generates a certificate and sends it to a server through a trusted mechanism. The server is configured to store the received certificate. When the client requests authentication over the network, it provides the certificate again, along with a parameter associated with a secure session. The server verifies the parameter associated with the secure session and determines if the certificate is substantially the same as the stored certificate. The server authenticates the client over the network, if the certificate is determined to be stored. In another embodiment, the client transmits the certificate that is generated by a third party Certificate Authority (CA) based, in part, on the client's public key.

Abstract: Method and devices are directed to managing access to a resource over a network. Upon receiving a request for access to the resource over the network, a resource controller determines a parameter associated with the request based on a query of the user and a scan of a client device associated with the request. The controller then applies an access control rule based, in part, on the parameter to determine a level of trust. Depending on the type of request, the resource controller may negotiate access to the resource with a resource server on behalf of the user and act as proxy in establishing the connection, if the request is permitted. A level of access to the resource may be determined based on the level of trust.

Abstract: Methods and devices are directed to authorizing a network device to a resource over a network. An access server determines based, in part, on an attribute of the network device associated with the attribute certificate, whether the network device may be authorized access to the resource over the network. The attribute may be associated with a capability granted to the network device, a condition to be satisfied for the attribute to be valid, and the like. The attribute may belong to a group of network devices, or one or more users accessing the network through the network device. In one embodiment, the attribute certificate may be provided based on an automated security scan of the network device. In another embodiment, the access server may make the attribute available to a network resource associated with the access server.

Abstract: Methods, devices, and systems are directed to managing a proxy request over a secure network using inherited security attributes. Proxy traffic, such as HTTP proxy traffic, is tunneled through a secure tunnel such that the proxy request inherits security attributes of the secure tunnel. The secure attributes may be employed to enable proxy access to a server, thereby extending a security property of the secure tunnel to the proxy connection tunneled through it. A secure tunnel service receives a proxy request from a client and modifies the proxy request to include the security attribute. In one embodiment, the security attribute is an identifier that enables a proxy service may employ to determine another security attribute. The proxy service is enabled to employ the security attribute, and the security attribute to determine if the client is authorized access to the server.

Abstract: Methods and systems are directed to authenticating a client over a network. The client generates a certificate and sends it to a server through a trusted mechanism. The server is configured to store the received certificate. When the client requests authentication over the network, it provides the certificate again, along with a parameter associated with a secure session. The server verifies the parameter associated with the secure session and determines if the certificate is substantially the same as the stored certificate. The server authenticates the client over the network, if the certificate is determined to be stored. In another embodiment, the client transmits the certificate that is generated by a third party Certificate Authority (CA) based, in part, on the client's public key.