Abstract: According to one example, a method performed by a computing system includes determining that a size of key data to be stored within a kernel memory is greater than a threshold value. The threshold value is based on a size value associated with maintaining the key data outside of the kernel memory. The method further includes allocating a block of memory within a volatile memory store, the block of memory being outside the kernel memory, storing the key data within the block of memory, and storing, within the kernel memory, a pointer to the key data.

Abstract: A method and apparatus for maintaining in a Lightweight Directory Access Protocol (LDAP) repository entries that are managed by an LDAP directory server. An LDAP directory server receives a client request to add a specified entry to an LDAP repository, determines, based on a managed entry configuration, that the specified entry requires a managed entry operation, and adds the specified entry to the LDAP repository. The LDAP directory server further adds a managed entry to the LDAP repository in accordance with the managed entry operation, where the managed entry is added to the LDAP repository without receiving any client request specifying the managed entry.

Abstract: According to one example, a method performed by a computing system includes determining that a size of key data to be stored within a kernel memory is greater than a threshold value. The threshold value is based on a size value associated with maintaining the key data outside of the kernel memory. The method further includes allocating a block of memory within a volatile memory store, the block of memory being outside the kernel memory, storing the key data within the block of memory, and storing, within the kernel memory, a pointer to the key data.

Abstract: In one embodiment, a mechanism for providing a trusted environment for provisioning a virtual machine is disclosed. In one embodiment, a method includes beginning an initialization process of a virtual machine (VM) hosted by a VM host server, obtaining by the VM as part of the initialization process a one-time password from the VM host server, the one-time password provided to the VM host server from a management server that created the one-time password, and authenticating the VM with an identity server using the one-time password.

Abstract: A system and method for allocating an interval to each of multiple locations within a network topology, where each interval indicates a range of Internet Protocol (IP) addresses associated with the corresponding location. Each allocated interval is associated with a computing service that provides information about network services near the location associated with the allocated interval. The intervals are allocated into intermediate nodes, where each intermediate node includes at least two of the intervals. The intervals, associated computing services, and intermediate nodes are then organized into a modified B+ tree structure that facilitates the discovery of one of the network services near the allocated interval.

Abstract: A method and apparatus for maintaining in a Lightweight Directory Access Protocol (LDAP) repository entries that are managed by an LDAP directory server. An LDAP directory server receives a client request to add a specified entry to an LDAP repository, determines, based on a managed entry configuration, that the specified entry requires a managed entry operation, and adds the specified entry to the LDAP repository. The LDAP directory server further adds a managed entry to the LDAP repository in accordance with the managed entry operation, where the managed entry is added to the LDAP repository without receiving any client request specifying the managed entry.

Abstract: A method and system for automatic extension of a distributed numeric range in a multi-master system are described. In one embodiment, each of a plurality of master servers is provided with a unique range of numeric values that can be assigned to clients. Each master server can dynamically extend its associated range when the range is about to be exhausted. For example, a first master server can send a range request to a second master server to obtain additional numeric values when the number of values in its associated range is below a threshold. After receipt of the additional numeric values from the second master server, the first master server updates its associated range and assigns the additional numeric values to the clients.

Abstract: A system and method for enabling a client to query a DNS server for location information that is associated with the client's IP address. The client receives the location information which identifies a list of sub-locations and a location IP address space encompassing the sub-locations listed. The client selects a network service located nearest to the client based on the location information, and then accesses the network service.

Abstract: A system and method for enabling a client to query a DNS server for location information that is associated with the client's IP address. The client receives the location information which identifies a list of sub-locations and a location IP address space encompassing the sub-locations listed. The client selects a network service located nearest to the client based on the location information, and then accesses the network service.

Abstract: A system and method for allocating an interval to each of multiple locations within a network topology, where each interval indicates a range of Internet Protocol (IP) addresses associated with the corresponding location. Each allocated interval is associated with a computing service that provides information about network services near the location associated with the allocated interval. The intervals are allocated into intermediate nodes, where each intermediate node includes at least two of the intervals. The intervals, associated computing services, and intermediate nodes are then organized into a modified B+ tree structure that facilitates the discovery of one of the network services near the allocated interval.

Abstract: In one embodiment, a mechanism for providing a trusted environment for provisioning a virtual machine is disclosed. In one embodiment, a method includes beginning an initialization process of a virtual machine (VM) hosted by a VM host server, obtaining by the VM as part of the initialization process a one-time password from the VM host server, the one-time password provided to the VM host server from a management server that created the one-time password, and authenticating the VM with an identity server using the one-time password.

Abstract: A method and system for automatic extension of a distributed numeric range in a multi-master system are described. In one embodiment, each of a plurality of master servers is provided with a unique range of numeric values that can be assigned to clients. Each master server can dynamically extend its associated range when the range is about to be exhausted. For example, a first master server can send a range request to a second master server to obtain additional numeric values when the number of values in its associated range is below a threshold. After receipt of the additional numeric values from the second master server, the first master server updates its associated range and assigns the additional numeric values to the clients.