Abstract: A method of data storage and retrieval using a relational database can include defining a first table in a relational database including a plurality of entries having a first value for a first field. A second table in the relational database including a plurality of entries can be defined. Each of the plurality of entries in the second table can specify an additional value for the first field of a corresponding entry in the first table. Responsive to a query, a data item selected from at least one of the plurality of entries in the first table can be presented.

Abstract: A system and method for providing third party secure hosting of an application. The system and method includes providing a host system with a main memory and a third party secured memory, the third party secured memory storing third party information; encrypting the third party information stored on the third party secured memory upon access by a user, the encrypting being via a security key, the security key being held at a customer location; and, enabling access to the third party information only to users having the security key.

Abstract: A data set typically does not stagnate and remain the same size over time. The capabilities of hardware (e.g., servers and storage devices) also do not stagnate and remain the same. A date set is often repartitioned to accommodate changes in size of the data set and/or changes in hardware capability. Hundreds or thousands of writes may be performed on the data set (e.g., database, directory, etc.) every second. So, even a few seconds of downtime are unacceptable. Instead of taking the data set offline, the data set can be repartitioned while still allowing access to the data set (“repartitioning live data”). Live data can be repartitioned by establishing update or replication queues for the new partitions while servicing write requests and read requests with the old partitions. After the data has been migrated, the update queues are drained to ensure data integrity.

Abstract: A client is impersonalized to a plurality of servers using a middle-tier server. A common nonce associated with each of the plurality of servers is obtained and the common nonce is provided to the client. The common nonce signed by the client is received at the middle-tier server and provided as a signature for transactions from the client to the plurality of servers so as to authenticate the client to the plurality of servers.

Abstract: A client is impersonalized to a plurality of servers using a middle-tier server. A common nonce associated with each of the plurality of servers is obtained and the common nonce is provided to the client. The common nonce signed by the client is received at the middle-tier server and provided as a signature for transactions from the client to the plurality of servers so as to authenticate the client to the plurality of servers.

Abstract: A data set typically does not stagnate and remain the same size over time. The capabilities of hardware (e.g., servers and storage devices) also do not stagnate and remain the same. A date set is often repartitioned to accommodate changes in size of the data set and/or changes in hardware capability. Hundreds or thousands of writes may be performed on the data set (e.g., database, directory, etc.) every second. So, even a few seconds of downtime are unacceptable. Instead of taking the data set offline, the data set can be repartitioned while still allowing access to the data set (“repartitiong live data”). Live data can be repartitioned by establishing update or replication queues for the new partitions while servicing write requests and read requests with the old partitions. After the data has been migrated, the update queues are drained to ensure data integrity.

Abstract: A system and method for providing third party secure hosting of an application. The system and method includes providing a host system with a main memory and a third party secured memory, the third party secured memory storing third party information; encrypting the third party information stored on the third party secured memory upon access by a user, the encrypting being via a security key, the security key being held at a customer location; and, enabling access to the third party information only to users having the security key.

Abstract: A client is impersonalized to a plurality of servers using a middle-tier server. A common nonce associated with each of the plurality of servers is obtained and the common nonce is provided to the client. The common nonce signed by the client is received at the middle-tier server and provided as a signature for transactions from the client to the plurality of servers so as to authenticate the client to the plurality of servers.

Abstract: A client is impersonalized to a plurality of servers using a middle-tier server. A common nonce associated with each of the plurality of servers is obtained and the common nonce is provided to the client. The common nonce signed by the client is received at the middle-tier server and provided as a signature for transactions from the client to the plurality of servers so as to authenticate the client to the plurality of servers.

Abstract: A client is impersonated to a plurality of servers using a middle-tier server. A common nonce associated with each of the plurality of servers is obtained and the common nonce is provided to the client. The common nonce signed by the client is received at the middle-tier server and provided as a signature for transactions from the client to the plurality of servers so as to authenticate the client to the plurality of servers.

Abstract: A method of data storage and retrieval using a relational database can include defining a first table in a relational database including a plurality of entries having a first value for a first field. A second table in the relational database including a plurality of entries can be defined. Each of the plurality of entries in the second table can specify an additional value for the first field of a corresponding entry in the first table. Responsive to a query, a data item selected from at least one of the plurality of entries in the first table can be presented.

Abstract: Methods, systems and computer program products are provided for authenticating a message from a client using a first authentication protocol and a resource manager using a second authentication protocol different from the first authentication protocol by generating a second message from the message from the client. The second message may include information from the client which has been authenticated using the first authentication protocol. The second message is authenticated using the second authentication protocol and the authenticated second message is provided to the resource manager.

Abstract: Changed information is provided to multiple masters of a multi-master environment. In order to facilitate the providing of the changed information to the various masters, at least one replication data structure is used. This data structure is managed in such a way that conflicts are avoided in updating the data structure, and thus, in communicating the changed information to the masters.

Abstract: Methods, systems and computer program products for management of application programs on a network including a server supporting client stations are provided. The server provides applications on-demand to a user logging in to a client supported by the server. Mobility is provided to the user and hardware portability is provided by establishing a user desktop interface responsive to a login request which presents to the user a desktop screen through a web browser interface which accesses and downloads selected application programs from the server responsive to a request from the user on the user desktop screen at the client. The application program is then provided from the server and executed at the client. The application program may further be customized to conform to the user's preferences and may also provide for license use management by determining license availability before initiating execution of the application program.

Abstract: Changed information is provided to multiple masters of a multi-master environment. In order to facilitate the providing of the changed information to the various masters, at least one replication data structure is used. This data structure is managed in such a way that conflicts are avoided in updating the data structure, and thus, in communicating the changed information to the masters.

Abstract: Methods, systems and computer program products provide for a middle-tier server to impersonate a client to a plurality of servers. A common nonce associated with each of the plurality of servers is obtained and the common nonce to the client. The common nonce signed by the client is received at the middle-tier server and provided as a signature for transactions from the client to the plurality of servers so as to authenticate the client to the plurality of servers.

Abstract: Methods, systems, and computer program products for improving installation of software packages using a directory (such as a Lightweight Directory Access Protocol, or “LDAP”, directory). A model and framework are described, where the objects of the data model may be uncoupled from the framework, allowing individual objects to be separately stored and retrieved in the directory is association with access rights or privileges. Multiple versions of each object may therefore be created and stored, and may be easily retrieved using the built-in mechanisms of the directory, when access rights which are appropriate for a particular requester are known. Optionally, built-in authentication mechanisms of the directory may be used to authenticate the requester.

Abstract: Methods, systems and computer program products for management of application programs on a network including a server supporting client stations are provided. The server provides applications on-demand to a user logging in to a client supported by the server. Mobility is provided to the user and hardware portability is provided by establishing a user desktop interface responsive to a login request which presents to the user a desktop screen through a web browser interface which accesses and downloads selected application programs from the server responsive to a request from the user on the user desktop screen at the client. The application program is then provided from the server and executed at the client. The application program may further be customized to conform to the user's preferences and may also provide for license use management by determining license availability before initiating execution of the application program.

Abstract: Methods, systems and computer program products are provided for authenticating a message from a client using a first authentication protocol and a resource manager using a second authentication protocol different from the first authentication protocol by generating a second message from the message from the client. The second message may include information from the client which has been authenticated using the first authentication protocol. The second message is authenticated using the second authentication protocol and the authenticated second message is provided to the resource manager.

Abstract: Methods, systems and computer program products for management of application programs on a network including a server supporting client stations are provided. The server provides applications on-demand to a user logging in to a client supported by the server. Mobility is provided to the user and hardware portability is provided by establishing a user desktop interface responsive to a login request which presents to the user a desktop screen through a web browser interface which accesses and downloads selected application programs from the server responsive to a request from the user on the user desktop screen at the client. The application program is then provided from the server and executed at the client. The application program may further be customized to conform to the user's preferences and may also provide for license use management by determining license availability before initiating execution of the application program.