Abstract: A computer-implemented method for monitoring and auditing secure software builds is disclosed. The computer-implemented includes receiving a build file containing a sequence of build instructions. The computer-implemented method further includes, for each build instruction being executed: determining an indicator value corresponding to a monitoring level associated with a build instruction; and modifying logging of trace information associated with a computing system executing the build instruction based, at least in part, on the indicator value corresponding to the monitoring level.

Abstract: A computer implemented method for replacing components of a data processing system, comprising in response to a detection of a newly added component at a specific location; reading its customization data from a data storage and querying a persistent database to determine if functional capabilities according to customization data are specified for this specific location; depending on a result of determining the functional capabilities and of querying the database if it contains customization data either: disabling the component; or enabling the component and storing in the database the customization data; or enabling the component and replacing the customization data in the database; or storing the customization data in the data storage of the component and enabling the component.

Abstract: A computer-implemented method for monitoring and auditing secure software builds is disclosed. The computer-implemented includes receiving a build file containing a sequence of build instructions. The computer-implemented method further includes, for each build instruction being executed: determining an indicator value corresponding to a monitoring level associated with a build instruction; and modifying logging of trace information associated with a computing system executing the build instruction based, at least in part, on the indicator value corresponding to the monitoring level.

Abstract: A computer-implemented method for distributing computing tasks to individual computer systems from a first pool of first computer systems, characterized by controllers executing a specific firmware with a gateway to receive commands via a network and an orchestration unit, whereby in response to a request to perform a computing task, an available and suitable first computer system is selected. An available second computer system is selected from a second pool. A firmware image corresponding to a requested controller firmware level is selected, using a gateway connector to send commands to the gateways. A network connection is established between the gateway in the controller of the first computer system and the gateway connector in the second computer system. Execution of the firmware image is triggered.

Abstract: A computer-implemented method for distributing computing tasks to individual computer systems from a first pool of first computer systems, characterized by controllers executing a specific firmware with a gateway to receive commands via a network and an orchestration unit, whereby in response to a request to perform a computing task, an available and suitable first computer system is selected. An available second computer system is selected from a second pool. A firmware image corresponding to a requested controller firmware level is selected, using a gateway connector to send commands to the gateways. A network connection is established between the gateway in the controller of the first computer system and the gateway connector in the second computer system. Execution of the firmware image is triggered.

Abstract: A computer implemented method for replacing components of a data processing system, comprising in response to a detection of a newly added component at a specific location; reading its customization data from a data storage and querying a persistent database to determine if functional capabilities according to customization data are specified for this specific location; depending on a result of determining the functional capabilities and of querying the database if it contains customization data either: disabling the component; or enabling the component and storing in the database the customization data; or enabling the component and replacing the customization data in the database; or storing the customization data in the data storage of the component and enabling the component.

Abstract: A method and a related system for a protection against unauthorized file encryption in a file system may be provided. The method may comprise providing an anti-ransomware file access unit, determining, by the anti-ransomware file access unit, an entropy value for a portion of a file to be written to the file system, and upon determining that the entropy value is equal or above a threshold value, performing a copy-on-write process to the file to be written, whereby the file is written to a copy-on-write storage area.

Abstract: A method is provided for suspending and resuming virtual machines in a network in dependence of network activity. The method includes providing a virtual machine manager. The virtual machine manager monitors network traffic of the virtual machines on a network bridge in a network layer using data packet analysis to detect dedicated network protocol traffic. More particularly, the monitoring of network traffic of the virtual machines may include: logging network addresses of the virtual machines of the network; combining logged network addresses with information about suspending or resuming virtual machines based on filtering rules being provided for such combination; and sending information about the network addresses of active and suspended virtual machines for virtual network adapters assigned to the virtual machines to the virtual machine manager.

Abstract: A method and a system for establishing a communication session between a first communication device in a main communication network and a second communication device in a local communication network comprising a wireless network, the second communication device being located in the vicinity of a mobile device, the first communication device contacting an external phone number, wherein the external phone number is assigned to a unique identifier of the mobile device. The method comprises (i) the mobile device sending the unique identifier detectable on the wireless network; (ii) providing the unique identifier of the mobile device) and a local communication identifier to a service provider adapter; (iii) determining the location of the mobile device, associating the mobile device to the second communication device in dependence of its location.

Abstract: A method and a system for establishing a communication session between a first communication device in a main communication network and a second communication device in a local communication network comprising a wireless network, the second communication device being located in the vicinity of a mobile device, the first communication device contacting an external phone number, wherein the external phone number is assigned to a unique identifier of the mobile device. The method comprises (i) the mobile device sending the unique identifier detectable on the wireless network; (ii) providing the unique identifier of the mobile device) and a local communication identifier to a service provider adapter; (iii) determining the location of the mobile device, associating the mobile device to the second communication device in dependence of its location.

Abstract: A method and a related system for a protection against unauthorized file encryption in a file system may be provided. The method may comprise providing an anti-ransomware file access unit, determining, by the anti-ransomware file access unit, an entropy value for a portion of a file to be written to the file system, and upon determining that the entropy value is equal or above a threshold value, performing a copy-on-write process to the file to be written, whereby the file is written to a copy-on-write storage area.

Abstract: A method is provided for suspending and resuming virtual machines in a network in dependence of network activity. The method includes providing a virtual machine manager. The virtual machine manager monitors network traffic of the virtual machines on a network bridge in a network layer using data packet analysis to detect dedicated network protocol traffic. More particularly, the monitoring of network traffic of the virtual machines may include: logging network addresses of the virtual machines of the network; combining logged network addresses with information about suspending or resuming virtual machines based on filtering rules being provided for such combination; and sending information about the network addresses of active and suspended virtual machines for virtual network adapters assigned to the virtual machines to the virtual machine manager.

Abstract: A method for de-duplicating updates in virtual machines (VMs) is provided that may be executed on a host computer u a hypervisor. Client VMs are derived from a base image, and the method includes: creating a temporary virtual machine, updating the temporary virtual machine, identifying modified blocks of the updated temporary virtual machine, and identifying files associated with the modified blocks. Moreover, the method includes determining block identifiers of matching files of a VM corresponding to identified files of the updated temporary VM, moving block content of blocks relating to the determined block identifiers from its initial location to a free location within the client VM if the block content and the matching files are not identical in the client virtual machine and the temporary VM, and de-duplicating content within the client VM, generating a complete bootable image, and replacing the base image by the temporary VM.

Abstract: A method is provided for suspending and resuming virtual machines in a network in dependence of network activity. The method includes providing a virtual machine manager. The virtual machine manager monitors network traffic of the virtual machines on a network bridge in a network layer using data packet analysis to detect dedicated network protocol traffic. More particularly, the monitoring of network traffic of the virtual machines may include: logging network addresses of the virtual machines of the network; combining logged network addresses with information about suspending or resuming virtual machines based on filtering rules being provided for such combination; and sending information about the network addresses of active and suspended virtual machines for virtual network adapters assigned to the virtual machines to the virtual machine manager.

Abstract: Stateful network connections between a first virtual machine and at least a second virtual machine are preserved during a suspend and resume cycle. The virtual machines are interconnected by a network. A control instance is provided to manage a routing of network traffic of the virtual machines to the network. In case of a suspend operation, the control instance tracks network addresses of each virtual machine, whereas in case of a resume operation, the control instance sets up a router for each virtual machine and requests new network addresses for each router. The control instance configures a network address translation on the router assigned to each virtual machine to map the new network addresses to the network addresses used before suspending the virtual machines.

Abstract: A method and a system for establishing a communication session between a first communication device in a main communication network and a second communication device in a local communication network comprising a wireless network, the second communication device being located in the vicinity of a mobile device, the first communication device contacting an external phone number, wherein the external phone number is assigned to a unique identifier of the mobile device. The method comprises (i) the mobile device sending the unique identifier detectable on the wireless network; (ii) providing the unique identifier of the mobile device) and a local communication identifier to a service provider adapter; (iii) determining the location of the mobile device, associating the mobile device to the second communication device in dependence of its location.

Abstract: A method and a system for establishing a communication session between a first communication device in a main communication network and a second communication device in a local communication network comprising a wireless network, the second communication device being located in the vicinity of a mobile device, the first communication device contacting an external phone number, wherein the external phone number is assigned to a unique identifier of the mobile device. The method comprises (i) the mobile device sending the unique identifier detectable on the wireless network; (ii) providing the unique identifier of the mobile device) and a local communication identifier to a service provider adapter; (iii) determining the location of the mobile device, associating the mobile device to the second communication device in dependence of its location.

Abstract: Embodiments of the present invention disclose a method, computer program product, and system for applying a plurality of program patch sets on a plurality of computer programs. Virtual machines are prepared to be patchable, in response to a suspended computer program. Synchronized snapshots of the virtual machines are created. A plurality of binary code sections of each of the synchronized snapshots are determined. Symbol data information of each of the synchronized snapshots are analyzed, based on the program patch sets. The determined binary code sections are replaced with a set of patch data, based on the plurality of program patch sets, resulting in patched snapshots for each of the synchronized snapshots. Dependencies of the patch data are adjusted, based on the replaced plurality of binary code sections and the execution of the computer program on each of the virtual machines are resumed using the plurality of patched snapshots.

Abstract: Embodiments of the present invention disclose a method, computer program product, and system for applying a plurality of program patch sets on a plurality of computer programs. Virtual machines are prepared to be patchable, in response to a suspended computer program. Synchronized snapshots of the virtual machines are created. A plurality of binary code sections of each of the synchronized snapshots are determined. Symbol data information of each of the synchronized snapshots are analyzed, based on the program patch sets. The determined binary code sections are replaced with a set of patch data, based on the plurality of program patch sets, resulting in patched snapshots for each of the synchronized snapshots. Dependencies of the patch data are adjusted, based on the replaced plurality of binary code sections and the execution of the computer program on each of the virtual machines are resumed using the plurality of patched snapshots.

Abstract: A method and a system for establishing a communication session between a first communication device in a main communication network and a second communication device in a local communication network comprising a wireless network, the second communication device being located in the vicinity of a mobile device, the first communication device contacting an external phone number, wherein the external phone number is assigned to a unique identifier of the mobile device. The method comprises (i) the mobile device sending the unique identifier detectable on the wireless network; (ii) providing the unique identifier of the mobile device) and a local communication identifier to a service provider adapter; (iii) determining the location of the mobile device, associating the mobile device to the second communication device in dependence of its location.