Abstract: Exposure of sensitive information to users and other servers is controlled by using a first security token which contains a user identity and one or more user credentials associated with a first user; a second security token which contains an identity of a token issuer and an identity of a first owning process; and at least a first trusted server which accesses a downstream computing service on behalf of the first user by substituting or combining the first security token and the second security token, while preventing the second security token from being exposed to the first user. This establishes a first security sensitivity level for the first user and a second security sensitivity level for the first trusted server, wherein the first security sensitivity level is a lower access level than the second security sensitivity level for the downstream service.

Abstract: Exposure of sensitive information to users and other servers is controlled by using a first security token which contains a user identity and one or more user credentials associated with a first user; a second security token which contains an identity of a token issuer and an identity of a first owning process; and at least a first trusted server which accesses a downstream computing service on behalf of the first user by substituting or combining the first security token and the second security token, while preventing the second security token from being exposed to the first user. This establishes a first security sensitivity level for the first user and a second security sensitivity level for the first trusted server, wherein the first security sensitivity level is a lower access level than the second security sensitivity level for the downstream service.

Abstract: A new management node associated with a new rack sends at least a public key of the new management node to a first management node associated with a first rack and a plurality of autonomous management nodes. The first management node sends the new management node an access token trusted by at least a portion of the plurality of autonomous management nodes and a set of public keys corresponding to at least a portion of the plurality of autonomous management nodes. The new management node can send its public key and the access token to at least a portion of the plurality of autonomous management nodes. In response, the new management node can establish a mutual trust relationship with at least a portion of the plurality of autonomous management nodes.

Abstract: Exposure of sensitive information to users is controlled using a first security token containing user identity and user credentials to represent the user who requests services, and a second security token containing two other identities, one identifying the token issuer and the other identifying the owning process. When requesting services, the token-owning process sends a security token to indicate who is making the request, and uses its key to digitally sign the request. The token-owning process signs the request to indicate that it endorses the request.

Abstract: A construct having a plurality of distributed resources can include a portion of a second rack having a plurality of computing devices controlled by a second management node. The second management node can determine it contains insufficient construct data such as user data, group data, resource data, or authorization policy data to execute an operation associated with the construct. The second management node can synchronize at least a portion of construct data with a first management node. The first management node can be associated with the construct and a mutual trust relationship can exist between the first management node and the second management node. The first management node and the second management node can comprise autonomous management nodes capable of functioning independent of the network.

Abstract: A new management node associated with a new rack sends at least a public key of the new management node to a first management node associated with a first rack and a plurality of autonomous management nodes. The first management node sends the new management node an access token trusted by at least a portion of the plurality of autonomous management nodes and a set of public keys corresponding to at least a portion of the plurality of autonomous management nodes. The new management node can send its public key and the access token to at least a portion of the plurality of autonomous management nodes. In response, the new management node can establish a mutual trust relationship with at least a portion of the plurality of autonomous management nodes.

Abstract: A new management node associated with a new rack sends at least a public key of the new management node to a first management node associated with a first rack and a plurality of autonomous management nodes. The first management node sends the new management node an access token trusted by at least a portion of the plurality of autonomous management nodes and a set of public keys corresponding to at least a portion of the plurality of autonomous management nodes. The new management node can send its public key and the access token to at least a portion of the plurality of autonomous management nodes. In response, the new management node can establish a mutual trust relationship with at least a portion of the plurality of autonomous management nodes.

Abstract: A first management node of a first rack can be registered to a shared file storage system by establishing a mutual trust relationship between the first management node and the shared file storage system. The first management node can access a plurality of respective public keys and a plurality of respective certificates of authority that are stored in the shared file storage system and associated with a plurality of respective registered management nodes. The first management node can store a public key and a certificate of authority in the shared file storage system. The first management node can form mutual trust relationships with other registered management nodes. The first management node can validate authenticity of messages received from registered management nodes of the plurality of registered management nodes using a respective public key and a respective certificate of authority associated with a respective registered management node sending a message.

Abstract: Exposure of sensitive information to users is controlled using a first security token containing user identity and user credentials to represent the user who requests services, and a second security token containing two other identities, one identifying the token issuer and the other identifying the owning process. When requesting services, the token-owning process sends a security token to indicate who is making the request, and uses its key to digitally sign the request. The token-owning process signs the request to indicate that it endorses the request.

Abstract: An approach is provided that authenticates, at an on-line distributor, an end user that has connected to the distributor over a communications network. One or more sets of rules are sent from the distributor to one or more vendor sites. The distributor receives vendor product data pertaining to the vendor sites. The vendor product data received from the vendor sites is based on the sets of rules sent to the respective vendors. A product request is received at the distributor from the authenticated end user. The vendor product data received at the distributor is queried using a query that is based on the product request with the query resulting in a search result that is returned to the end user.

Abstract: Exposure of sensitive information to users is controlled using a first security token containing user identity and user credentials to represent the user who requests services, and a second security token containing two other identities, one identifying the token issuer and the other identifying the owning process. When requesting services, the token-owning process sends a security token to indicate who is making the request, and uses its key to digitally sign the request. The token-owning process signs the request to indicate that it endorses the request.

Abstract: A new management node associated with a new rack sends at least a public key of the new management node to a first management node associated with a first rack and a plurality of autonomous management nodes. The first management node sends the new management node an access token trusted by at least a portion of the plurality of autonomous management nodes and a set of public keys corresponding to at least a portion of the plurality of autonomous management nodes. The new management node can send its public key and the access token to at least a portion of the plurality of autonomous management nodes. In response, the new management node can establish a mutual trust relationship with at least a portion of the plurality of autonomous management nodes.

Abstract: A first management node of a first rack can be registered to a shared file storage system by establishing a mutual trust relationship between the first management node and the shared file storage system. The first management node can access a plurality of respective public keys and a plurality of respective certificates of authority that are stored in the shared file storage system and associated with a plurality of respective registered management nodes. The first management node can store a public key and a certificate of authority in the shared file storage system. The first management node can form mutual trust relationships with other registered management nodes. The first management node can validate authenticity of messages received from registered management nodes of the plurality of registered management nodes using a respective public key and a respective certificate of authority associated with a respective registered management node sending a message.

Abstract: A construct having a plurality of distributed resources can include a portion of a second rack having a plurality of computing devices controlled by a second management node. The second management node can determine it contains insufficient construct data such as user data, group data, resource data, or authorization policy data to execute an operation associated with the construct. The second management node can synchronize at least a portion of construct data with a first management node. The first management node can be associated with the construct and a mutual trust relationship can exist between the first management node and the second management node. The first management node and the second management node can comprise autonomous management nodes capable of functioning independent of the network.

Abstract: Exposure of sensitive information to users is controlled using a first security token containing user identity and user credentials to represent the user who requests services, and a second security token containing two other identities, one identifying the token issuer and the other identifying the owning process. When requesting services, the token-owning process sends a security token to indicate who is making the request, and uses its key to digitally sign the request. The token-owning process signs the request to indicate that it endorses the request.

Abstract: A mechanism is provided for establishing a trust relationship between two products. A resource device receives a registration request from an application device to access a resource on the resource device by an application and users of the application on the application device. The resource device sends a registration response using a redirection uniform resource identifier (URI) provided with the registration request, where the registration response includes an authorization code and a symmetric key in response to authenticating the registration request. The resource device receives an access token request that includes the symmetric key, verifiable authentication data, and the redirection URI. The resource device sends an access token to the application device in response to validating the access token request, where the access token allows for access to the resource on the resource device thereby establishing the trust relationship between the resource device and the application device.

Abstract: A mechanism is provided for establishing a trust relationship between two products. A resource device receives a registration request from an application device to access a resource on the resource device by an application and users of the application on the application device. The resource device sends a registration response using a redirection uniform resource identifier (URI) provided with the registration request, where the registration response includes an authorization code and a symmetric key in response to authenticating the registration request. The resource device receives an access token request that includes the symmetric key, verifiable authentication data, and the redirection URI. The resource device sends an access token to the application device in response to validating the access token request, where the access token allows for access to the resource on the resource device thereby establishing the trust relationship between the resource device and the application device.

Abstract: A method, system and apparatus for selective macro event recording. In accordance with the present invention, events can be selectively included in a macro recording process, even where the events occur across different contexts such as different application windows in different applications. Specifically, once a macro recording session has been initiated for a particular application or application window, events occurring in different applications or application windows can be selected for inclusion in the macro through an append recording operation. Notably, the selective macro recording facility can be included as part of an operating environment, or as part of the individual applications executing within the operating environment.

Abstract: A feeder nipple system removably mounted on a container and has a nipple body with a nipple, and a detachable valve which prevents leakage from the nipple body. The detachable feature of the valve also permits proper sanitization of the feeder nipple system. The valve has a toroidal shaped top portion integrally joined by a truncated trapezoidal shaped neck of the valve to a toroidal shaped bottom portion of the valve which has a circular central portion having a slightly concave shape with slits which form a plurality of flaps. When the flaps are opened in the direction of a sucking force applied to the nipple, fluid flows out of the nipple body. However, when the flaps are closed, upon cessation of the applied sucking force, the fluid is prevented from leaking through the detachable valve and out of the nipple body. The nipple body, nipple, and detachable valve are made of pliable material which allows them to be easily deformable.