Abstract: Securing pods in a container orchestration environment is provided. A container runtime interface command is verified to perform an orchestration action on a set of containers comprising an application workload that corresponds to a service based on matching the container runtime interface command to a rule contained in a trusted execution environment contract included in a pod sandbox virtual machine of a trusted execution environment. It is determined whether the container runtime interface command to perform the orchestration action on the set of containers is valid based finding a matching rule in the trusted execution environment contract. In response to determining that the container runtime interface command to perform the orchestration action on the set of containers is valid, the container runtime interface command is executed to perform the orchestration action on the set of containers in the pod sandbox virtual machine of the trusted execution environment.

Abstract: A computer-implemented method for securely transferring a secret from a source computing component to a target computing component, wherein the source computing component and the target computing component are part of a secure computing environment is disclosed. The method comprises upon the source computing component receiving from the target computing component a signed attestation document, verifying, by the source computing component, an authenticity and content of the attestation document, and upon a successful verification of the authenticity and the content, transferring, by the source computing component the secret to the target computing system. Thereby, the attestation document is attesting that the target computing component is compliant to an update governance rule.

Abstract: A computer-implemented method for building trusted executable software using trusted building units, wherein a path between the building units is untrusted, is disclosed. The method comprises generating, by each of the trusted building units, an identifier for identifying an output of the respective trusted building unit, wherein the respective trusted building unit also generates a signed confirmative certificate comprising the identifier. The method comprise as well utilizing, by each of the distributed trusted building units, output results of at least one of a predecessor build unit of the trusted building unit as input, validating that each of the signed confirmative certificates conforms to a predefined set of policy rules, and upon a failed validating of the signed confirmative certificate of one of the trusted building units, terminating the building of the trusted executable software.

Abstract: A computer-implemented method for managing a life-cycle of at least in parts interdependent cryptographic keys is disclosed. Each of the cryptographic keys is signed and relates to a different one of artifacts. The method comprises creating a key manifest, wherein the key manifest comprises data about determined dependencies of the cryptographic keys at a point in time when one of the artifacts is built encrypting the key manifest with a manifest key, and upon a life-cycle change happening to one out of the group comprising one of the artifacts and one of the interdependent cryptographic keys in the key manifest of the one of the artifacts, the method comprises decrypting the key manifest and invoking an action to a related one out of the group comprising the one of the artifacts and at least one of the interdependent cryptographic keys in accordance with the key manifest.

Abstract: A computer-implemented method for securely transferring a secret from a source computing component to a target computing component, wherein the source computing component and the target computing component are part of a secure computing environment is disclosed. The method comprises upon the source computing component receiving from the target computing component a signed attestation document, verifying, by the source computing component, an authenticity and content of the attestation document, and upon a successful verification of the authenticity and the content, transferring, by the source computing component the secret to the target computing system. Thereby, the attestation document is attesting that the target computing component is compliant to an update governance rule.

Abstract: A computer-implemented method for building trusted executable software using trusted building units, wherein a path between the building units is untrusted, is disclosed. The method comprises generating, by each of the trusted building units, an identifier for identifying an output of the respective trusted building unit, wherein the respective trusted building unit also generates a signed confirmative certificate comprising the identifier. The method comprise as well utilizing, by each of the distributed trusted building units, output results of at least one of a predecessor build unit of the trusted building unit as input, validating that each of the signed confirmative certificates conforms to a predefined set of policy rules, and upon a failed validating of the signed confirmative certificate of one of the trusted building units, terminating the building of the trusted executable software.

Abstract: Securing pods in a container orchestration environment is provided. A container runtime interface command is verified to perform an orchestration action on a set of containers comprising an application workload that corresponds to a service based on matching the container runtime interface command to a rule contained in a trusted execution environment contract included in a pod sandbox virtual machine of a trusted execution environment. It is determined whether the container runtime interface command to perform the orchestration action on the set of containers is valid based finding a matching rule in the trusted execution environment contract. In response to determining that the container runtime interface command to perform the orchestration action on the set of containers is valid, the container runtime interface command is executed to perform the orchestration action on the set of containers in the pod sandbox virtual machine of the trusted execution environment.

Abstract: A computer implemented method for searching resources via an application in a user interface framework that initiates a first search request via a search engine interface and receives a search result and associated resource types in response to the first search request. The method further maps the associated resource types to at least one user interface control class of a plurality of user interface control classes resulting in at least one selected class group and dynamically maps the at least one selected class group to a corresponding instance of user interface controls. The method further renders the search result and the corresponding instance into a faceted user interface, receives an input via the corresponding instance rendered into the faceted user interface, filters the search result based on the input to generate a filtered search result, and renders the filtered search result into the faceted search interface.

Abstract: A computer system for integration of content elements into a web portal application can include a portal server module for providing a web portal application to at least one user, an aggregation module, coupled to the portal server module, for integrating content nodes representing content elements into a memory tree reflecting the web portal application, a dynamic assembly module coupled to the aggregation module, a context launch transformation module coupled to the dynamic assembly module for construction of subtrees of dynamic content nodes, and a context observer module coupled to the dynamic assembly module.

Abstract: A computer implemented method for searching resources via an application in a user interface framework that initiates a first search request via a search engine interface and receives a search result and associated resource types in response to the first search request. The method further maps the associated resource types to at least one user interface control class of a plurality of user interface control classes resulting in at least one selected class group and dynamically maps the at least one selected class group to a corresponding instance of user interface controls. The method further renders the search result and the corresponding instance into a faceted user interface, receives an input via the corresponding instance rendered into the faceted user interface, filters the search result based on the input to generate a filtered search result, and renders the filtered search result into the faceted search interface.

Abstract: A computer implemented method for searching resources via an application in a user interface framework that initiates a first search request via a search engine interface and receives a search result and associated resource types in response to the first search request. The method further maps the associated resource types to at least one user interface control class of a plurality of user interface control classes resulting in at least one selected class group and dynamically maps the at least one selected class group to a corresponding instance of user interface controls. The method further renders the search result and the corresponding instance into a faceted user interface, receives an input via the corresponding instance rendered into the faceted user interface, filters the search result based on the input to generate a filtered search result, and renders the filtered search result into the faceted search interface.

Abstract: A method, system and computer program product for determining key professional skills and personality traits for a job is disclosed. A computer-implemented method is provided that comprises analyzing organization and industry data to identify one or more job-specific attributes associated with a job. A job-specific attributes profile for the job is generated comprising the one or more identified job-specific attributes. The job-specific attributes include one or more professional skills and personality traits that positively influence an outcome of the job.

Abstract: A portal server comprises memory, a profile manager, a profile selector, and a profile initiator. The profile manager is configured to manage a plurality of profile records in a profile database. The profile selector is configured to select at least one of the plurality of profile records based on context data collected at a client and context data collected at the portal server. The collected context data corresponds to particular user interaction activity with the portal server. The profile initiator is configured to adapt a user interface based on the profile selected by the profile selector.

Abstract: A computer system for integration of content elements into a web portal application can include a portal server module for providing a web portal application to at least one user, an aggregation module, coupled to the portal server module, for integrating content nodes representing content elements into a memory tree reflecting the web portal application, a dynamic assembly module coupled to the aggregation module, a context launch transformation module coupled to the dynamic assembly module for construction of subtrees of dynamic content nodes, and a context observer module coupled to the dynamic assembly module.

Abstract: A computer system for integration of content elements into a web portal application can include a portal server module for providing a web portal application to at least one user, an aggregation module, coupled to the portal server module, for integrating content nodes representing content elements into a memory tree reflecting the web portal application, a dynamic assembly module coupled to the aggregation module, a context launch transformation module coupled to the dynamic assembly module for construction of subtrees of dynamic content nodes, and a context observer module coupled to the dynamic assembly module.

Abstract: Embodiments of the present invention provide a method and system for designing a Web Portal comprising a hierarchical structure of portal pages and portlets for accessing Web contents accessible via the Portal. The method of the invention tracks the paths across which a user traverses a corresponding navigation topology of a portal in order to learn from the behavior of the user. Subsequently during future sessions in the portal when navigating at the same node of the web portal recommendations can be provided that allow the user to access links to an expected final destination page.

Abstract: The invention provides for a computer system, comprising a device register for creating and registering one or more device objects. At least one device object of the one or more device objects is configured for communicating with a network connector of a sensor appliance via a network connection. The device object is configured for exposing at least one parameter of the sensor appliance by declaring its capabilities. The computer system further comprises an aggregation model for aggregating the at least one parameter of the at least one device objects; a set of wiring definitions descriptive of raised events created by changes or updates in the at least one parameter; and a wiring broker for updating the aggregation model in accordance with the raised events.

Abstract: In one embodiment, a method for interconnecting portlets is disclosed. A first view is displayed on a computing device, wherein the first view is associated with a software application in a first state and includes a first portlet. A first event is received from the first portlet. A state model for the software application is accessed, wherein the state model includes a plurality of transitions between states of the software application, and wherein one transition of the plurality of transitions is triggered to bring the software application into a second state based on a type of the first portlet and data associated with the type of the first portlet. The one transition is executed to bring the software application into the second state, and a second view is displayed, wherein the second view is associated with the software application in the second state.

Abstract: In one embodiment, a method for interconnecting portlets is disclosed. A first view is displayed on a computing device, wherein the first view is associated with a software application in a first state and includes a first portlet. A first event is received from the first portlet. A state model for the software application is accessed, wherein the state model includes a plurality of transitions between states of the software application, and wherein one transition of the plurality of transitions is triggered to bring the software application into a second state based on a type of the first portlet and data associated with the type of the first portlet. The one transition is executed to bring the software application into the second state, and a second view is displayed, wherein the second view is associated with the software application in the second state.

Abstract: Aspects of the present invention disclose a method, computer program product, and system for managing web searching. The method includes one or more processors tracking user activity on the at least one website. The method further includes one or more processors analyzing the tracked user activity on the at least one website. The method further includes one or more processors generating a user profile based on the tracked user activity on the at least one website. The method further includes one or more processors mapping the generated user profile and corresponding user identity information between one or more of: a search service provider, an analytic service provider, and a provider of the at least one website. The method further includes one or more processors storing the generated user profile.