Abstract: Techniques for securing user data in a healthcare data management system are described. A client system receives a request to authenticate a user. A login token relating to an authenticated user is maintained at the client system. A role is selected for the user, and an authorization token relating to the selected role is maintained at the client system. A session for the user is initiated. This includes generating an encrypted session cookie relating to the user and the session, storing the encrypted session cookie at the client system, and periodically updating a timestamp for the session cookie.

Abstract: Techniques for securing user data in a healthcare data management system are described. A client system receives a request to authenticate a user. The user is associated with applications and roles. The user is authenticated, at the client system, for all applications and all roles. A login token relating to the authenticated user is maintained at the client system. A role is selected for the user, and an authorization token relating to the selected role is maintained at the client system. A session for the user is initiated. This includes generating an encrypted session cookie relating to the user and the session, storing the encrypted session cookie at the client system, and periodically updating a timestamp for the session cookie.

Abstract: Embodiments provide techniques for authenticating and configuring a care plan device in a care plan environment. Embodiments receive, from the care plan device, a care plan device identifier written to a memory of the care plan device by a manufacturer. The care plan device is authenticated with a remote server, based on matching a reference identifier within a patient care plan with the care plan device identifier. Upon authenticating the care plan device, embodiments receive, from the remote server, the configuration information for the care plan device. The care plan device is configured in accordance with the patient care plan, based on the received configuration information.

Abstract: Techniques for securing user data in a healthcare data management system are described. A client system receives a request to authenticate a user. The user is associated with applications and roles. The user is authenticated, at the client system, for all applications and all roles. A login token relating to the authenticated user is maintained at the client system. A role is selected for the user, and an authorization token relating to the selected role is maintained at the client system. A session for the user is initiated. This includes generating an encrypted session cookie relating to the user and the session, storing the encrypted session cookie at the client system, and periodically updating a timestamp for the session cookie.

Abstract: Embodiments provide techniques for authenticating and configuring a care plan device in a care plan environment. Embodiments receive, from the care plan device, a care plan device identifier written to a memory of the care plan device by a manufacturer. The care plan device is authenticated with a remote server, based on matching a reference identifier within a patient care plan with the care plan device identifier. Upon authenticating the care plan device, embodiments receive, from the remote server, the configuration information for the care plan device. The care plan device is configured in accordance with the patient care plan, based on the received configuration information.

Abstract: A method and apparatus for installing an application on a computer are disclosed. Following receipt of a request to install an application, a software state, comprising the new application and several of the applications installed on the computer, is derived. Then, the method determines whether the software state can be implemented on the computer. If the software state cannot be implemented on the computer, then the method derives another software state. This is repeated until the derived software state can be implemented on the computer system, or until determining that no software state exists which can be implemented on the computer system.

Abstract: A method and apparatus for installing an application on a computer are disclosed. Following receipt of a request to install an application, a software state, comprising the new application and several of the applications installed on the computer, is derived. Then, the method determines whether the software state can be implemented on the computer. If the software state cannot be implemented on the computer, then the method derives another software state. This is repeated until the derived software state can be implemented on the computer system, or until determining that no software state exists which can be implemented on the computer system.

Abstract: Systems, methods and articles of manufacture are disclosed for identifying and resolving port conflicts during application deployment. The port conflicts may be identified based on application documentation and active port information. The port conflicts may be resolved by identifying an available port and providing information about the available port to a conflicting application. The port conflicts may also be resolved by identifying an available IP address and providing a port on the available IP address to a conflicting application. Further, if conflicting applications allow port sharing, the port conflicts may be resolved by providing port sharing information to the conflicting applications.

Abstract: A method and apparatus for managing distribution and use of software applications. An application manager at an administrator computer may be configured to receive requests for registering an application from a client computer. The application manager may determine whether the request should be approved based on historical responses to similar registration requests. A response to the request may accordingly be sent automatically to the requesting client computer.

Abstract: A method and apparatus for installing an application on a computer are disclosed. Following receipt of a request to install an application, a software state, comprising the new application and several of the applications installed on the computer, is derived. Then, the method determines whether the software state can be implemented on the computer. If the software state cannot be implemented on the computer, then the method derives another software state. This is repeated until the derived software state can be implemented on the computer system, or until determining that no software state exists which can be implemented on the computer system.

Abstract: A computer-implemented method includes receiving, at a configuration server, requirements data identifying computing requirements of a customer. The computer-implemented method includes receiving, at the configuration server, inventory information descriptive of a computing inventory of the customer. The computer-implemented method also includes accessing compatibility rules that specify hardware and software to enable particular computing requirements. The computer-implemented method further includes determining a plurality of configuration options to implement the computing requirements of the customer based on at least one of the requirements data, the computing inventory, and the compatibility rules. The plurality of configuration options include at least one customer premises equipment (CPE)-based configuration, at least one cloud computing-based configuration, and at least one hybrid CPE-cloud computing-based configuration.

Abstract: In a first aspect, a first method of improving security of a network system is provided. The first method includes the steps of (1) providing a plurality of devices coupled via a network, wherein one or more of the devices are adapted to execute at least one client and one or more of the devices are adapted to execute at least one server in a client-server relationship; and (2) employing software, functionality of which is based on client-specific criteria or operational condition criteria of the system, to reduce a number of times a user of a client of the system must provide first authentication data to access data from one or more servers of the system. Numerous other aspects are provided.

Abstract: A method and apparatus for managing distribution and use of software applications. An application manager at an administrator computer may be configured to receive requests for registering an application from a client computer. The application manager may determine whether the request should be approved based on historical responses to similar registration requests. A response to the request may accordingly be sent automatically to the requesting client computer.

Abstract: Systems, methods and articles of manufacture are disclosed for identifying and resolving port conflicts during application deployment. The port conflicts may be identified based on application documentation and active port information. The port conflicts may be resolved by identifying an available port and providing information about the available port to a conflicting application. The port conflicts may also be resolved by identifying an available IP address and providing a port on the available IP address to a conflicting application. Further, if conflicting applications allow port sharing, the port conflicts may be resolved by providing port sharing information to the conflicting applications.

Abstract: A method, apparatus and program product manages application entitlement data by storing entitlement data received from a plurality of application providers. Inventory data associated with a networked computing device or an application executable on the networked computing device is monitored. Delivery of the entitlement data to the networked computing device is enabled according to the inventory data.

Abstract: In a first aspect, a first method of improving security of a network system is provided. The first method includes the steps of (1) providing a plurality of devices coupled via a network, wherein one or more of the devices are adapted to execute at least one client and one or more of the devices are adapted to execute at least one server in a client-server relationship; and (2) employing software, functionality of which is based on client-specific criteria or operational condition criteria of the system, to reduce a number of times a user of a client of the system must provide first authentication data to access data from one or more servers of the system. Numerous other aspects are provided.