Abstract: A system is provided for environment validation. The system includes a user interface, a repository, and a validation tool. The repository includes environment component information. The validation tool accesses environment component information in the repository and validates each keystore associated with an environment. The validation tool also validates each port associated with the environment and validates each database associated with the environment. Additionally, the validation tool validates each message service associated with the environment and validates each interface associated with the environment. Furthermore, the validation tool outputs results of validating each environment component to the user interface.

Abstract: Method, device, and storage medium to receive a request to authorize a release of protected resource data, wherein the request includes a device identifier that identifies a requesting device of the request and one or more indicators that indicate one or more instances of the protected resource data being requested; identify a sensitivity level for each indicator of the protected resource data; identify, based on the device identifier, contextual information that indicates a preferred type of consent of the requesting device in response to a determination that at least one of the one or more indicators require consent from a resource owner of the protected resource data; select a type of consent based on the contextual information and the one or more sensitivity levels; and transmit a request, to a user device associated with the resource owner, for consent from the resource owner according to the type of consent.

Abstract: Method, device, and storage medium to receive a request to authorize a release of protected resource data, wherein the request includes one or more indicators that indicate one or more instances of the protected resource data being requested; identify a sensitivity level for each indicator of the protected resource data; determine whether the one or more indicators of the protected resource data require consent from a resource owner of the protected resource data; transmit a request, to a user device associated with the resource owner, for consent from the resource owner in response to a determination that at least one of the one or more indicators require consent from the resource owner; generate an authorization code in response to receiving consent from the resource owner; and transmit, to the sending device of the request, the authorization code.

Abstract: A system is provided comprising at least one processor, a memory, and an application stored in the memory that, when executed, receives a first request from a client device for access to a first web service and accesses a policy associated with the first web service. The system also selects a second plurality of data elements from a first plurality of data elements based on the first request and based on the policy wherein the second plurality of data elements is associated with the first web service. The system also provides the second plurality of data elements to the client device and receives a second request from the client device for a first set of data values associated with the second plurality of data elements. The system also authenticates the second request and provides the first set of data values in response to the second request.

Abstract: A system is provided. The system comprises a processor, a memory, and an authorization application stored in the memory that, when executed by the processor, receives a first message from a first client device associated with a first domain, the first message containing a request to emulate a second client device associated with a second domain. The system also determines authorization for the first device to emulate the second device in the second domain. The system also associates an electronic cookie with a browser session initiated by the first device, the electronic cookie associated with access to the second domain. The system also provides the first device authorization to emulate the second device in the second domain using a generic login account wherein the second domain provides the first device limited cross-domain access based on the electronic cookie to targeted information associated with the second device.

Abstract: Method, device, and storage medium to receive a request to authorize a release of protected resource data, wherein the request includes one or more indicators that indicate one or more instances of the protected resource data being requested; identify a sensitivity level for each indicator of the protected resource data; determine whether the one or more indicators of the protected resource data require consent from a resource owner of the protected resource data; transmit a request, to a user device associated with the resource owner, for consent from the resource owner in response to a determination that at least one of the one or more indicators require consent from the resource owner; generate an authorization code in response to receiving consent from the resource owner; and transmit, to the sending device of the request, the authorization code.

Abstract: Method, device, and storage medium to receive a request to authorize a release of protected resource data, wherein the request includes a device identifier that identifies a requesting device of the request and one or more indicators that indicate one or more instances of the protected resource data being requested; identify a sensitivity level for each indicator of the protected resource data; identify, based on the device identifier, contextual information that indicates a preferred type of consent of the requesting device in response to a determination that at least one of the one or more indicators require consent from a resource owner of the protected resource data; select a type of consent based on the contextual information and the one or more sensitivity levels; and transmit a request, to a user device associated with the resource owner, for consent from the resource owner according to the type of consent.

Abstract: A system is provided for managing digital certificates. The system includes a host system, which includes a user interface, a plurality of disparate host certificate stores, and a management tool. The plurality of disparate host certificate stores includes a plurality of host server certificates. The management tool retrieves a copy of one of the plurality of host server certificates from any of the plurality of disparate host certificate stores, provides the copy of the one of the plurality of host server certificates to a partner system for loading in a partner certificate store, communicates with the partner system to validate the one of the plurality of host server certificates, and outputs a host server certificate message to the user interface.

Abstract: A password generation and validation system is provided. The system comprises a server system and an at least one memory. The system also comprises a password component stored in the at least one memory that, when executed by the server system, receives a plurality of inputs, generates a first password for a computer system based on the plurality of inputs contemporaneously with receiving the plurality of inputs, receives a second password, generates at least one candidate password based on some of the plurality of inputs, and validates the second password when the second password matches the at least one candidate password.

Abstract: A computer implemented method for providing enhanced customer support is provided. The method comprises a replication server selecting a plurality of first entries in a source lightweight directory access protocol (LDAP) data store based on at least one attribute of the selected entries matching a predefined criteria, wherein a structure of the first entries is defined by a first schema. The method also comprises the replication server copying a plurality of attributes of each of the selected entries into a target lightweight directory access protocol data store, wherein the target lightweight directory access protocol data store contains a plurality of second entries, wherein a structure of the second entries is defined by a second schema, wherein the first schema is different from the second schema, and wherein the plurality of attributes copied do not include all of the attributes defined by the first schema.

Abstract: A system for directory replication and integration is provided. The system comprises a computer system and an application, that when executed on the computer system, analyzes a first structure of a first directory services database and generates a plurality of configuration files based on the analysis of the first structure of the first directory services database. The system also creates a second structure using the configuration files and tests the second structure using load and performance profiles and adjusts the second structure based on the results of the tests. The system also replicates entries in first directory services database to a second directory services database according to the second structure.

Abstract: A computer-implemented system for managing security using a SOAP message is provided. The system includes a SOAP message that has a security portion. The security portion of the SOAP message has at least one security component. The system includes a custom class and a handler. The custom class identifies the web services security version or draft of the security component within the SOAP message. The handler is operable based on the web services security version or draft related to the at least one security component promote processing of a security aspect of the SOAP message.

Abstract: A system to validate a request for web services which includes a digital certificate is provided. The system includes a first certification authority that provides a public encryption key and a certificate revocation list in response to requests. The system also includes a certification revocation list component that determines whether a digital certificate is named in the certification revocation list, a certificate verification component that determines whether a digital certificate is valid, a plurality of verifier components that determine the validity of a request for web services and each of which operates in accordance with a different one of a plurality of OASIS Web Services Security versions. The system also includes a management component to determine the version of the OASIS Web Service Security version of the web services request and to select an appropriate verifier component.

Abstract: Disclosed herein is a Directory Extension Service (DES) system and method for generating a count of a number of entries in a node or a number of entries in a node and any nested nodes in one or more directory databases. The Directory Extension Service may parse a count requests to generate one or more sets of commands to be sent to the one or more directory databases. The generated sets of commands may be particularly tailored according to proprietary operational attributes or controls supported by each vendor that implements a directory database. The count values retrieved from each of the directory databases may then be combined by the Directory Extension Service system and the resultant count value may be transparently presented to the application that has requested the count.

Abstract: A system for secure communication over a computer network. The system includes a web server, a component, and a service gateway. The web server is operable to receive a message from a customer application via a transport layer and validate a digital certificate associated with the message. The component, which may be a software component, receives the digital certificate from the web server at the transport layer and provides the digital certificate at an application layer. The service gateway receives the digital certificate at the application layer and identifies the customer application associated with the digital certificate. The service gateway promotes validation of the digital certificate and wherein the digital certificate is valid, the service gateway promotes communication of the message from the customer application to a supplier application.