Abstract: A technique for establishing security in a publish/subscribe data processing broker network is presented. The technique includes providing a security extension module from a publisher to a broker of the network, wherein the security extension module is for a topic asset of the publisher. The broker employs the security extension module, responsive to receipt of a request from a subscriber for the topic asset, to authenticate the request at the broker before pushing the topic asset of the publisher to the subscriber. In addition to authenticating the request, the security mode extension can be employed to authorize the request, and to automatically forward messages to the publisher providing information on when topic asset access by a subscriber begins and ends.

Abstract: A technique for establishing security in a publish/subscribe data processing broker network is presented. The technique includes providing a security extension module from a publisher to a broker of the network, wherein the security extension module is for a topic asset of the publisher. The broker employs the security extension module, responsive to receipt of a request from a subscriber for the topic asset, to authenticate the request at the broker before pushing the topic asset of the publisher to the subscriber. In addition to authenticating the request, the security mode extension can be employed to authorize the request, and to automatically forward messages to the publisher providing information on when topic asset access by a subscriber begins and ends.

Abstract: A computing environment security agent is provided for automatically determining whether to grant access to an asset, deny access to the asset, or grant access to a transformed asset responsive to an asset request by a user of the computing environment. The security agent includes logic for authenticating a user for computing environment access, for receiving a request from the authenticated user to access an asset, and for determining whether the authenticated user is authorized to access the asset, and if so, for determining whether to transform the asset responsive to the request to access the asset by the authenticated user. The security agent can further include logic for transparently transforming the requested asset or for defining at least one transformation rule for the requested asset and saving the at least one transformation rule in a transformation list accessible by the authenticated user.

Abstract: Method, system and computer program product are provided for facilitating transport of program code between computer processes in an object-oriented computing environment. An object is provided which includes a hashtable having at least one set of elements integrated therein. One element of the at least one set of elements of the hashtable is program code. The program code is logic which employs as data input the hashtable itself. The object can be serialized at a sender computer process and transported to a receiver computer process, where the serialized data object is received and deserialized to retrieve the hashtable. The receiver computer process can add relevant data to the hashtable prior to invoking program code within the hashtable using as data input thereto only the hashtable. A technique for merging multiple hashtables from different computer processes into a common hashtable is also provided.

Abstract: A technique for establishing security in a publish/subscribe data processing broker network is presented. The technique includes providing a security extension module from a publisher to a broker of the network, wherein the security extension module is for a topic asset of the publisher. The broker employs the security extension module, responsive to receipt of a request from a subscriber for the topic asset, to authenticate the request at the broker before pushing the topic asset of the publisher to the subscriber. In addition to authenticating the request, the security mode extension can be employed to authorize the request, and to automatically forward messages to the publisher providing information on when topic asset access by a subscriber begins and ends.

Abstract: A message-based approach is presented for propagating a digital certificate state change notification throughout a data processing network. The approach includes registering at least one interested party with a certificate authority for state change information relating to the digital certificate; and automatically sending a state change notification message from the certificate authority to the at least one interested party responsive to the certificate authority noting a state change in the digital certificate. The at least one interested party can be registered by the certificate authority in a subscription list with initial forwarding of the digital certificate to the certificate authority for confirmation as part of an initial authentication process. The automatically sending results in sending the state change notification to only the at least one interested party registered with the certificate authority to receive the state change information for the digital certificate at issue.

Abstract: A user identification capability for network environrnents. A user's identity is created using information provided by a user, as well as information provided by a third party, such as an internet service provider, a business, a service, an access device, etc. The identity is used to determine the context in which a user is accessing a process, such as a server, application, network entity, firewall, router, etc.

Abstract: A technique for establishing security in a publish/subscribe data processing broker network is presented. The technique includes providing a security extension module from a publisher to a broker of the network, wherein the security extension module is for a topic asset of the publisher. The broker employs the security extension module, responsive to receipt of a request from a subscriber for the topic asset, to authenticate the request at the broker before pushing the topic asset of the publisher to the subscriber. In addition to authenticating the request, the security mode extension can be employed to authorize the request, and to automatically forward messages to the publisher providing information on when topic asset access by a subscriber begins and ends.

Abstract: Method, system and computer program product are provided for facilitating transport of program code between computer processes in an object-oriented computing environment. An object is provided which includes a hashtable having at least one set of elements integrated therein. One element of the at least one set of elements of the hashtable is program code. The program code is logic which employs as data input the hashtable itself. The object can be serialized at a sender computer process and transported to a receiver computer process, where the serialized data object is received and deserialized to retrieve the hashtable. The receiver computer process can add relevant data to the hashtable prior to invoking program code within the hashtable using as data input thereto only the hashtable. A technique for merging multiple hashtables from different computer processes into a common hashtable is also provided.

Abstract: A message-based approach is presented for propagating a digital certificate state change notification throughout a data processing network. The approach includes registering at least one interested party with a certificate authority for state change information relating to the digital certificate; and automatically sending a state change notification message from the certificate authority to the at least one interested party responsive to the certificate authority noting a state change in the digital certificate. The at least one interested party can be registered by the certificate authority in a subscription list with initial forwarding of the digital certificate to the certificate authority for confirmation as part of an initial authentication process. The automatically sending results in sending the state change notification to only the at least one interested party registered with the certificate authority to receive the state change information for the digital certificate at issue.

Abstract: A system and method is provided that enables a postal customer to order a shipping label on-line via the internet. The label may be a mailing label to be placed on letters or parcels. The label includes information such as postage, delivery address, return address, and a barcode for tracking delivery information. A user may request both a label and postage in what, to the user, appears to be a single computerized connection on a single internet web-page. A postage indicia is provided through a postage provider with whom the user has a deposit or credit. The label itself may be generated through a label-generating application hosted or generated by an entity separate from the postage provider.

Abstract: A system and method is provided that enables a postal customer to order a shipping label on-line via the internet. The label may be a mailing label to be placed on letters or parcels. The label includes information such as postage, delivery address, return address, and a barcode for tracking delivery information. A user may request both a label and postage in what, to the user, appears to be a single computerized connection on a single internet web-page. A postage indicia is provided through a postage provider with whom the user has a deposit or credit. The label itself may be generated through a label-generating application hosted or generated by an entity separate from the postage provider.

Abstract: A channel for a data processing system is provided with a time of day clock that is synchronized with the time of day clock of the associated central processor. Both the central processor and the channel processor record times of particular events, and the channel uses these times to calculate two times called Function Pending and Function Active. Both times begin when the central processor executes an instruction to begin an I/O operation. Function Pending ends when the channel has made successful initial selection. This time shows delays by the channel processor in scheduling the channel control unit, and device resources for I/O operations. Function Active ends at Channel End. A new instruction, Set Channel Monitor, enables or disables these measurements. An information block for each subchannel defines one of several measurement modes for a subchannel or disables the subchannel from measurement.

Abstract: Multiprocessing systems having changeable CPU configurations generate unique changeable identifications (ID's). These are presented by I/O channels over various I/O connection paths, in association with special path defining commands and function data. Related path state indications are stored peripherally in path map tables and define path group associations for sustaining path-independent I/O operations. When a device is reserved via one path in a path group the reserve affiliation is extended automatically (in the path tables ) to each path in the group, thereby rendering each path accessible in a reserved mode. The path defining commands are used for adding paths to, resigning paths from and disbanding groups. Special sensing commands are used for sensing path reservation and grouping states. When a command for adding or resigning a path is presented to a reserved device via one path in a group the reserve is automatically realigned to the enlarged or reduced group.