Abstract:
An approach for optimizing security token exchange. The approach receives a first request from a client. The approach extracts a first security token and an API reference. The approach validates the first security token. If the security token is valid, then the approach, calls the API and retrieves a second security token, embeds the second security token in the API and sends a second request with a third security token and the reference to the API to another application in a different domain.
Abstract:
Mechanisms are provided for salted password protection of computing resources. An entity identifier and password for authenticating an entity to access a protected computing resource are received. A salt value is generated as a random value that is combined with the password to generate a salted password. A hash value is generated based on a hash function and the salted password as an input to the hash function. Based on the password, an encryption key is generated for encrypting the salt value. The salt value is encrypted based on the encryption key and an encryption algorithm to generate an encrypted salt value. The entity identifier, hash value, and encrypted salt value are stored in a secured database for later retrieval to validate subsequent access requests specifying the entity identifier.
Abstract:
Arrangements described herein relate to collaborative environments and, more particularly, to use of a microblog to enhance communication in an organization. The present arrangements can include receiving from a first user a first microblog entry into a microblog, identifying at least one keyword associated with the first microblog entry, and assigning to the at least one keyword a tag creating an association between the at least one keyword and at least one data repository. The arrangements further can include establishing bidirectional integration between the microblog and the at least one data repository of information related to the tag creating the association between the at least one keyword and the at least one data repository.
Abstract:
An identity provider (IdP) discovery service operative at a service provider (SP) is described. In operation, and as valid requests are received by the SP via normal IdP-initiated flows, the SP builds-up knowledge about the relationship between the IdP (that redirected the request) and the initiator of the request. The IdP instance typically is inferred from an HTTP referrer field, and information about the initiator may be ascertained from client-specific information, such as client system IP address, client DNS domain, a domain of a user e-mail address, a target URL for the incoming request, or the value associated with a particular HTTP header field. This knowledge is maintained in one or more mapping table(s) that associate request attributes-to-IdP instance data. The mappings are then used to facilitate IdP discovery for a new incoming request to the SP that has been determined to originate from other than an IdP.
Abstract:
Arrangements described herein relate to collaborative environments and, more particularly, to use of a microblog to enhance communication in an organization. The present arrangements can include receiving from a first user a first microblog entry into a microblog, identifying at least one keyword associated with the first microblog entry, and assigning to the at least one keyword a tag creating an association between the at least one keyword and at least one data repository. The arrangements further can include establishing bidirectional integration between the microblog and the at least one data repository of information related to the tag creating the association between the at least one keyword and the at least one data repository.
Abstract:
Arrangements described herein relate to collaborative environments and, more particularly, to use of a microblog to enhance communication in an organization. The present arrangements can include receiving from a first user a first microblog entry into a microblog, identifying at least one keyword associated with the first microblog entry, and assigning to the at least one keyword a tag creating an association between the at least one keyword and at least one data repository. The arrangements further can include establishing bidirectional integration between the microblog and the at least one data repository of information related to the tag creating the association between the at least one keyword and the at least one data repository.
Abstract:
Protection against an attack which exploits an eXtensible Markup Language (XML) Encryption vulnerability includes receiving a ciphertext request utilizing an EncryptedKey element and detecting either a failure to decrypt the cipher value in the EncryptedData element or a failure to parse the resulting decrypted XML. Upon detecting the failure, a count of failures associated with the EncryptedKey element is incremented, and when the count exceeds a threshold number of failures, subsequent usage of the EncryptedKey element and delivery of the request to an application service are prevented. Optionally, a rejection message is returned to the requester.