Abstract: Methods, systems and computer program products are provided for prefetching based on historical use and real-time signals. Forecast models may be configured to forecast whether to prefetch information (e.g. keys responsive to queries) for future time intervals based on historical use and internal or external signals that may influence forecasts, such as prevailing conditions. Historical use of keys may be analyzed for patterns and trends with multiple seasonalities per category and/or per key. Time series data and forecasts may be indexed by cache categories and time intervals. Forecast models may be trainable, optimizable, configurable and/or auto-correcting on a per-category and/or a per-key basis. Forecast precision indicators, confidence indicators and configurable thresholds may be used to optimize performance. Operations may be distributed among multiple servers. Tasks may be time-distributed by offsets. Cached information may be assigned a time to live (TTL) independent of other cached information.

Abstract: Methods for hardening security between web services using protected forwarded access tokens are implemented via systems and devices. User applications receive user tokens with user information from an identity provider and provide the user tokens to first services with data requests. Each first service extracts and transforms a portion of a user token to validate a user token signature, and determines a target service for the data request. The first services acquire actor tokens from the identity provider that uniquely identify the first services using public keys, and then generate authentication tokens, signed with corresponding private keys, that encapsulate the actor tokens and the transformed user tokens. The signed authentication tokens are provided to target services which validate the authentication tokens as well as the encapsulated tokens and their respective signatures. Upon validation, requested data is retrieved and provided back for the user applications from the target services.

Abstract: Methods, systems and computer program products are provided for prefetching based on historical use and real-time signals. Forecast models may be configured to forecast whether to prefetch information (e.g. keys responsive to queries) for future time intervals based on historical use and internal or external signals that may influence forecasts, such as prevailing conditions. Historical use of keys may be analyzed for patterns and trends with multiple seasonalities per category and/or per key. Time series data and forecasts may be indexed by cache categories and time intervals. Forecast models may be trainable, optimizable, configurable and/or auto-correcting on a per-category and/or a per-key basis. Forecast precision indicators, confidence indicators and configurable thresholds may be used to optimize performance. Operations may be distributed among multiple servers. Tasks may be time-distributed by offsets. Cached information may be assigned a time to live (TTL) independent of other cached information.

Abstract: Methods for hardening security between web services using protected forwarded access tokens are implemented via systems and devices. User applications receive user tokens with user information from an identity provider and provide the user tokens to first services with data requests. Each first service extracts and transforms a portion of a user token to validate a user token signature, and determines a target service for the data request. The first services acquire actor tokens from the identity provider that uniquely identify the first services using public keys, and then generate authentication tokens, signed with corresponding private keys, that encapsulate the actor tokens and the transformed user tokens. The signed authentication tokens are provided to target services which validate the authentication tokens as well as the encapsulated tokens and their respective signatures. Upon validation, requested data is retrieved and provided back for the user applications from the target services.

Abstract: Network services may include data associated with one or more entities. An aggregator service may host respective application programming interfaces (APIs) of the services at a single endpoint of the network such that the entities, including associations and relationships between entities, may be federated. For example, the services may register the entities of which the data of each of the services is associated with through a declarative entity model to establish an API schema for each of the services, which may be published at the aggregator service. In response to receipt of a request for entity related data from a client, the aggregator service may employ the declarative entity model to determine which of the services are associated with the entity related data such that a query may be submitted to the services, and how to aggregate responses to the query received from the services for transmission to the client.

Abstract: Non-limiting examples of the present disclosure describe mapping between vertical and horizontal application programming interface (API) construct data. An exemplary mapping is utilized to automatically generate and implement an API for a developer without the need for the developer to code a full implementation of the API. In one example, an API for implementation is a vertical API, where the vertical API is being integrated to work within the framework of a horizontal API. Vertical API construct data is accessed, where the vertical API construct data is domain-specific. The vertical API construct data is mapped, in a same data layer, with horizontal API construct data for a horizontal API. A vertical API may be automatically implemented for a developer based on the mapping of the vertical API construct data and the horizontal API construct data, without requiring the developer to code the vertical API for integration into the horizontal API.

Abstract: Network services may include data associated with one or more entities. An aggregator service may host respective application programming interfaces (APIs) of the services at a single endpoint of the network such that the entities, including associations and relationships between entities, may be federated. For example, the services may register the entities of which the data of each of the services is associated with through a declarative entity model to establish an API schema for each of the services, which may be published at the aggregator service. In response to receipt of a request for entity related data from a client, the aggregator service may employ the declarative entity model to determine which of the services are associated with the entity related data such that a query may be submitted to the services, and how to aggregate responses to the query received from the services for transmission to the client.

Abstract: Aspects of the subject matter described herein relate to test-ready virtual environments. In aspects, a lab environment may be configured that includes multiple virtual machines. The virtual machines may be configured with deployment agents that can be used to install and configure programs on the virtual machines. The virtual machines may also be configured with test agents that can engage in testing activities with respect to the virtual machines. Lab agents may be installed in the virtual machines that manage and monitor the health of the deployment and test agents. Components are described that control configuring the virtual machines of the lab environment into a known state that is ready for development or testing. Various applications of the above are also described.