Abstract: A password breach registry is utilized to secure a service provided by a service provider. The password breach registry is a publicly accessible registry and includes password tokens written by breached service providers. The password tokens indicate passwords used to access breached service providers that may have been breached. A service provider can subscribe to the password breach registry and periodically query the password breach registry to determine if a password token corresponding to a user of a service provided by the service provider has been written to the password breach registry. This may indicate that the user of the service utilizes the same password on other services that have been breached. Upon determining that the password token has been written to the password breach registry, the user can be locked out from the service to prevent a malicious actor from gaining access to the account of the user.

Abstract: A method, program product, and apparatus for managing profiles in an access management domain. In an embodiment, attribute field mapping rules are generated for an identity profile schema applied to a plurality of identity profiles and an account profile schema applied to a plurality of account profiles. Each of the identity profiles includes one or more identity attribute fields and each of the plurality of account profiles includes one or more account attribute fields. As part of generating attribute field mapping rules, a synchronization manager iteratively compares, using an edit distance function, data in each of the identity attribute fields with data in one or more of each of the account attribute fields. In response to detecting a match between data in a given identity attribute field and data in a given account attribute field, the synchronization manager increments an attribute correlation value that is associated with the given identity attribute field and the given account attribute field.

Abstract: A method, program product, and apparatus for managing profiles in an access management domain. In an embodiment, attribute field mapping rules are generated for an identity profile schema applied to a plurality of identity profiles and an account profile schema applied to a plurality of account profiles. Each of the identity profiles includes one or more identity attribute fields and each of the plurality of account profiles includes one or more account attribute fields. As part of generating attribute field mapping rules, a synchronization manager iteratively compares data in each of the identity attribute fields with data in one or more of each of the account attribute fields. In response to detecting a match between data in a given identity attribute field and data in a given account attribute field, the synchronization manager increments an attribute correlation value that is associated with the given identity attribute field and the given account attribute field.

Abstract: A registry is utilized to identify personally identifiable information (PII) that has been breached. The registry is a distributed database shared by multiple organizations to track which PII has been breached in other organizations. A first service provider initially receives PII and corresponding signed descriptor from a user. The PII is used to verify an identity of the user and the signed descriptor describes the type of PII that is received. The first service provider queries the registry to determine if the signed descriptor of the user has been written to the registry by a second service provider, indicating that it has been breached at a service provided by the second service provider. If the first service provider uses the breached PII, the breached PII is invalidated by the first service provider.

Abstract: A password breach registry is utilized to secure a service provided by a service provider. The password breach registry is a publicly accessible registry and includes password tokens written by breached service providers. The password tokens indicate passwords used to access breached service providers that may have been breached. A service provider can subscribe to the password breach registry and periodically query the password breach registry to determine if a password token corresponding to a user of a service provided by the service provider has been written to the password breach registry. This may indicate that the user of the service utilizes the same password on other services that have been breached. Upon determining that the password token has been written to the password breach registry, the user can be locked out from the service to prevent a malicious actor from gaining access to the account of the user.

Abstract: A long-distance fiber optic monitoring system having a sensing unit and an analyzer that is remotely located from the sensing unit is provided. The sensing unit comprises a source of optical energy for injecting optical energy into the fiber optical cable and an optical detector configured to detect an optical return signal from the optical fiber. The detected optical return signal is associated with an acoustic signal impinging on the optical fiber. The analyzer receives a signal from the remote sensing unit via the optical fiber that is representative of the optical return signal, and determines a location of a disturbance based at least on the received signal. The representative signal can be transmitted from the remote sensing unit to the analyzer as an optical signal or via a metallic wired included with the optical fiber.

Abstract: The present invention includes a system and process to visualize an event. The event visualization includes one or more physical entities that generate data experienced thereby and generate executable files related to their vantage points. A file manipulation engines normalizes data both existing in pure data form as well as data within the executable files. A visual display renders a representation of the data along with executable files that are correlated to the data. A relationship between two or more physical entities may be determined, and multimedia files of one entity that includes the other may be determined. Entities with no relationship between them, other than physical proximity (or other relationship) at a particular time, may offer multimedia files to the other entity that includes that entity.

Abstract: A submersible mixing and sampling apparatus with submersible supply systems (12, 14) for first and second liquid components such as a thermoset resin and a curing agent is disclosed. Each supply system has a respective submersible tank (24) for holding a respective one of the liquid components. Submersible mixers (46, 48, 50) downstream of the supply systems mix the liquid components underwater to form a curable mixture for injection into a subsea chamber such as a tee (102). Submersible sampling devices downstream of the mixers take samples (94) of the mixture underwater before, during and after injection, and optionally also at the surface. The samples may be cured and tested underwater or may be lifted to the surface for testing. The apparatus may be mounted on a subsea skid (100) or basket.

Abstract: The present invention includes a system and process to visualize an event. The event visualization includes one or more physical entities that generate data experienced thereby and generate executable files related to their vantage points. A file manipulation engines normalizes data both existing in pure data form as well as data within the executable files. A visual display renders a representation of the data along with executable files that are correlated to the data. A relationship between two or more physical entities may be determined, and multimedia files of one entity that includes the other may be determined. Entities with no relationship between them, other than physical proximity (or other relationship) at a particular time, may offer multimedia files to the other entity that includes that entity.

Abstract: In a method of managing a computing network, an expected behavior of a host is determined. The host is associated with a network resource, and is configured to be switched between active and inactive states. When the host is in the inactive state, a message is transmitted via the network on behalf of the host based on the expected behavior thereof such that the host appears to be in the active state. Related computer systems and computer program products are also discussed.

Abstract: A method, program product, and apparatus for managing profiles in an access management domain. In an embodiment, attribute field mapping rules are generated for an identity profile schema applied to a plurality of identity profiles and an account profile schema applied to a plurality of account profiles. Each of the identity profiles includes one or more identity attribute fields and each of the plurality of account profiles includes one or more account attribute fields. As part of generating attribute field mapping rules, a synchronization manager iteratively compares data in each of the identity attribute fields with data in one or more of each of the account attribute fields. In response to detecting a match between data in a given identity attribute field and data in a given account attribute field, the synchronization manager increments an attribute correlation value that is associated with the given identity attribute field and the given account attribute field.

Abstract: In a service emulation method, a transaction library storing a plurality of messages communicated between a system under test and a target system upon which the system under test depends is accessed responsive to receiving a request from the system under test. One of the messages stored in the transaction library is identified as corresponding to the received request based on different weightings assigned to respective sections of the messages, and a response to the received request is generated using the one of the messages that was identified. Related systems and computer program products are also discussed.

Abstract: The present invention includes a system and process to visualize an event. The event visualization includes one or more physical entities that generate data experienced thereby and generate executable files related to their vantage points. A file manipulation engines normalizes data both existing in pure data form as well as data within the executable files. A visual display renders a representation of the data along with executable files that are correlated to the data.

Abstract: In a computer-implemented method for endpoint management, a plurality of messages communicated between a target endpoint and a client are recorded, in a computer-readable memory. Ones of the messages are clustered into respective groups, where the respective groups correspond to respective operation types of the ones of the messages included therein. For the respective operation types, respective message structures used by the target endpoint are determined based on commonalities among the ones of the messages of the respective groups corresponding to the operation types. For one of the respective operation types, a request to the target endpoint is generated in accordance with a corresponding one of the respective message structures used by the target endpoint. Related computer systems and computer program products are also discussed.

Abstract: In a method of managing a computing network, an expected behavior of a host is determined. The host is associated with a network resource, and is configured to be switched between active and inactive states. When the host is in the inactive state, a message is transmitted via the network on behalf of the host based on the expected behavior thereof such that the host appears to be in the active state. Related computer systems and computer program products are also discussed.

Abstract: In a service emulation method, a transaction library storing a plurality of messages communicated between a system under test and a target system upon which the system under test depends is accessed responsive to receiving a request from the system under test. One of the messages stored in the transaction library is identified as corresponding to the received request based on different weightings assigned to respective sections of the messages, and a response to the received request is generated using the one of the messages that was identified. Related systems and computer program products are also discussed.

Abstract: A long-distance fiber optic monitoring system having a sensing unit and an analyzer that is remotely located from the sensing unit is provided. The sensing unit comprises a source of optical energy for injecting optical energy into the fiber optical cable and an optical detector configured to detect an optical return signal from the optical fiber. The detected optical return signal is associated with an acoustic signal impinging on the optical fiber. The analyzer receives a signal from the remote sensing unit via the optical fiber that is representative of the optical return signal, and determines a location of a disturbance based at least on the received signal. The representative signal can be transmitted from the remote sensing unit to the analyzer as an optical signal or via a metallic wired included with the optical fiber.

Abstract: A long-distance fiber optic monitoring system having a sensing unit and an analyzer that is remotely located from the sensing unit is provided. The sensing unit comprises a source of optical energy for injecting optical energy into the fiber optical cable and an optical detector configured to detect an optical return signal from the optical fiber. The detected optical return signal is associated with an acoustic signal impinging on the optical fiber. The analyzer receives a signal from the remote sensing unit via the optical fiber that is representative of the optical return signal, and determines a location of a disturbance based at least on the received signal. The representative signal can be transmitted from the remote sensing unit to the analyzer as an optical signal or via a metallic wired included with the optical fiber.

Abstract: A long-distance fiber optic monitoring system having a sensing unit and an analyzer that is remotely located from the sensing unit is provided. The sensing unit comprises a source of optical energy for injecting optical energy into the fiber optical cable and an optical detector configured to detect an optical return signal from the optical fiber. The detected optical return signal is associated with an acoustic signal impinging on the optical fiber. The analyzer receives a signal from the remote sensing unit via the optical fiber that is representative of the optical return signal, and determines a location of a disturbance based at least on the received signal. The representative signal can be transmitted from the remote sensing unit to the analyzer as an optical signal or via a metallic wired included with the optical fiber.

Abstract: A long-distance fiber optic monitoring system having a sensing unit and an analyzer that is remotely located from the sensing unit is provided. The sensing unit comprises a source of optical energy for injecting optical energy into the fiber optical cable and an optical detector configured to detect an optical return signal from the optical fiber. The detected optical return signal is associated with an acoustic signal impinging on the optical fiber. The analyzer receives a signal from the remote sensing unit via the optical fiber that is representative of the optical return signal, and determines a location of a disturbance based at least on the received signal. The representative signal can be transmitted from the remote sensing unit to the analyzer as an optical signal or via a metallic wired included with the optical fiber.