Aspects of the present disclosure relate generally to data storage and data replication. For example, a computer-implemented method includes creating, by a computing device, a mapping that associates a plurality of block identifiers with a plurality of binary combinations of data for a block size; generating from the mapping that associates the plurality of block identifiers with the plurality of binary combinations of data for the block size, by the computing device, a list of block identifiers representing a list of data blocks in a storage; sending, by the computing device, the list of block identifiers to a backup storage to replicate the list of data blocks in the storage; and storing on a computer readable storage media the mapping that associates the plurality of block identifiers with the plurality of binary combinations of data for the block size and the list of block identifiers in the storage.
A computer-implemented method for providing a secure data access service that encrypts data is disclosed. The method includes: wrapping a data encryption key by at least two customer root keys, wherein the at least two customer root keys are assigned to different user identifiers, and wherein the at least two customer root keys are stored in different hardware security modules, and wherein a wrapping structure for the at least two customer root keys is applied according to an access policy that defines which of the assigned user identifiers must concur to enable a data access to the encrypted data by the secure data access service; and encrypting the data by the secure data access service using the unwrapped data encryption key.
Embodiments of the present invention provide concepts for identifying an edge computing environment location as a target for workload migration. For example, embodiments may provide for a machine-learning algorithm to be trained to predict or suggest the most appropriate edge location for migrating a workload. Using a description of a workload, the machine-learning algorithm may predict/ suggest one or more edge locations.
Methods, computer program products, and systems can include obtaining a first computing environment specific application deployment software code instance associated to a first computing environment, the first computing environment specific application deployment software code instance for deployment of a certain application on the first computing environment; parsing the first computing environment specific application deployment software code instance, wherein the parsing includes determining attributes of the first computing environment specific application deployment software code instance and generating, using the determined attributes of the first computing environment specific application deployment software code instance, a computing environment agnostic semantic tree data structure that expresses a workflow pattern for deployment of the certain application; and composing, with use of the computing environment agnostic semantic tree data structure, a second computing environment specific application deployment software code instance associated to a second computing environment for deployment of the certain application on the second computing environment.
A method, computer system, and a computer program product for operating at least one storage server. The present invention may include receiving an access request for at least one storage volume of at least one storage server. The present invention may include collecting data for the at least one storage volume, wherein the at least one storage volume has a corresponding unique volume identifier. The present invention may include storing at least the data for the at least one storage volume and the unique volume identifier in a database, the data being comprised of metadata and subset data, wherein the metadata is comprised of configuration and status information for the at least one storage volume, and wherein the subset data is a set of predefined selection criteria based on a respective computer server.
A method and related apparatus adaptively control snapshot replication of a plurality of server snapshots in a multi-tenant public cloud using snapshot service. A plurality of snapshot requests are received from a plurality of clients in the multi-tenant public cloud and are each associated with a service level agreement (SLA). The SLA includes a corresponding completion deadline and a slippage penalty. A probabilistic model calculates, for active snapshot flows, a completion time for each of the snapshot requests. If any of the predicted completion times exceed their corresponding completion deadlines, a possible MISS event is produced for an associated first snapshot. The snapshot controller component, in response to producing the possible MISS event, minimizes a probability of breaching fulfilment times for the multi-tenant cloud. The slippage penalty is calculated for each of the plurality of snapshot requests. A second snapshot is identified from among the plurality of snapshot requests.
A method for providing protection of a computing resource constrained device against cyberattacks may include collecting threat intelligence data in form of indicators of compromise (IoC). The indicators may include cyberattack chain related data. The method may also include determining a relevance of the cyberattack chain for the device, measuring a utilization of security measures in terms of their detection of the respective IoCs and their respective responses to the IoCs, measuring a resource consumption of the security measures, and determining a benefit value for at least one the security measure expressed by its utilization and a relevance value of the IoCs detected with it.
The exemplary embodiments disclose a system and method, a computer program product, and a computer system for encryption. The exemplary embodiments may include receiving an encryption request from a first smart device, preparing a response to the encryption request and generating a key, encrypting the prepared response with the generated key, sending the encrypted response to the first smart device, splitting the key into two or more pieces, sending the two or more key pieces to a second smart device, sending the two or more key pieces from the second smart device to the first smart device, assembling the two or more key pieces into the key on the first smart device, and decrypting the encrypted response on the first smart device using the assembled key.
A method, computer program product, and system for detecting a malicious process by a selected instance of an anti-malware system are provided. The method includes one or more processors examining a process for indicators of compromise to the process. The method further includes one or more processors determining a categorization of the process based upon a result of the examination. In response to determining that the categorization of the process does not correspond to a known benevolent process and a known malicious process, the method further includes one or more processors executing the process in a secure enclave. The method further includes one or more processors collecting telemetry data from executing the process in the secure enclave. The method further includes one or more processors passing the collected telemetry data to a locally trained neural network system.
G06F 21/53 - Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems during program execution, e.g. stack integrity, buffer overflow or preventing unwanted data erasure by executing in a restricted environment, e.g. sandbox or secure virtual machine
PREVENTING DEPLOYMENT FAILURES OF INFORMATION TECHNOLOGY WORKLOADS
A method for orchestrating a provisioning of a computer workload includes determining characteristics of a computing pattern, determining health data of a computing environment based on the characteristics of the computing pattern, determining a confidence score based on the health data, and determining whether to proceed with provisioning the computer workload based on the confidence score.
A method for controlling a mouse pointer on at least two displays is provided. A virtual display layout defines a mutual relative positioning of display areas relating to the at least two displays. The method comprises creating the virtual display area and tracking a position of the mouse pointer within it. Upon the mouse pointer being positioned within an area of any of the display areas, the mouse pointer is displayed. Upon the mouse pointer being positioned outside the area of any of the display areas, but within the virtual display area, a first marker is displayed on a side border of the display in a direction the mouse pointer is positioned within the virtual display area, and a second marker is displayed on at least one other side border of another display in a direction the mouse pointer is positioned within the virtual display area.
G06F 3/0481 - Interaction techniques based on graphical user interfaces [GUI] based on specific properties of the displayed interaction object or a metaphor-based environment, e.g. interaction with desktop elements like windows or icons, or assisted by a cursor's changing behaviour or appearance
G06F 1/16 - Constructional details or arrangements
IDENTIFYING A DISTRIBUTED THREAT IN A SECURITY ZONE
A method for identification of a distributed prohibited item across various dimensions as well as spatial and/or temporal spaces is provided. The method includes one or more processors assigning an identifier to each container of a plurality of containers entering a defined area. The method further includes determining one or more subcomponents of the plurality of containers entering the defined area that correspond to one or more prohibited items. The method further includes generating a set of subcomponents corresponding to a first prohibited item of the one or more prohibited items based at least in part on the plurality of containers. The method further includes determining whether the set of subcomponents corresponding to the first prohibited item exceeds a prohibited item threshold of the defined area based on a weighted sum of the set of subcomponents, which is a score related to the set of subcomponents.
Methods, computer program products, and systems are provided. In response to receiving a request associated with a data transfer, the method dynamically determines a first device to facilitate the data transfer. The method automatically creates a link between the first device that contains data to be transferred and a second device that is an intended recipient for the data.
A user can wear a device which emits a visual and/or audible output. The output changes over time. A system is capable of predicting the output. Thus, the system can analyze a video and determine, based on observed output of the device, whether the video has been modified. The output can be particularly difficult for humans to modify, detect, understand, or recreate, further impeding attempts to disguise edits to the video.
A system for determining the optimal backup and restore location for lightweight applications is provided. A computer device identifies a set of training data, wherein the training data identifies a lightweight container, a corresponding backup lightweight container, and an optimization score for the lightweight container and the corresponding backup lightweight container. The computing device trains a machine learning model utilizing the identified training data. The computing device identifies a new lightweight container for backup. The computing device determines an optimal backup lightweight container for the new lightweight container utilizing the trained machine learning model.
An embodiment of the invention may include a method, computer program product and system for deployment of microservices within a shared pool of configurable computing resources. An embodiment may include creating a dependency map for a plurality of microservices of an application deployed on the shared pool of configurable computing resources. An embodiment may include identifying attributes, with associated values, for each microservice of the plurality of microservices and identifying eligible deployment locations within the shared pool of configurable computing resources. An embodiment may include creating a bipartite graph based on the plurality of microservices and the identified eligible deployment locations. An embodiment may include applying bipartite matching to the shared pool of configurable computing resources based on the created bipartite graph. An embodiment may include, based on the applied bipartite matching, relocating one or more microservices within the shared pool of configurable computing resources.
A plurality of blocks of a first storage device are monitored. The first storage device is related to a computer system. A subset of blocks of the plurality a compared to a first storage signature of the first storage device. Based on the comparing of the subset of blocks to the first storage signature, a security anomaly is determined on the computer system. In response to the security anomaly, a security action is performed. The security action is related to the computer system.
One or more computer processors intercept one or more network inputs entering or existing an internal network; synthesize one or more network input images from a random noise vector sampled from a normal distribution of textually embedded network inputs utilizing a trained generative adversarial network; classify one or more synthesized network input images by identifying contained objects utilizing a trained convolutional neural network with rectified linear units, wherein the objects include patterns, sequences, trends, and signatures; predict a security profile of the one or more classified network input images and associated one or more network inputs, wherein the security profiles includes a set of rules and associated mitigation actions, analogous historical network traffic, a probability of infection, a probability of signature match with historical malicious network inputs, and a harm factor; apply one or more mitigation actions based on the predicted security profile.
In an approach to defining and symphonizing serverless functions ofhybrid multi-cloud services, a mapping table that contains quality of service (QoS) attributes for applications and service providers is created. Responsive to receiving a request from a runtime application to access specific serverless functions, specific QoS attributes for the runtime application are determined. Supporting service providers that provide the specific serverless functions and the specific QoS attributes for the runtime application are determined. A supporting service provider is selected from the supporting service providers. The specific serverless functions for the runtime application are bound to the supporting service provider.