G06F2221/2141

Systems and methods for role-based computer security configurations

An apparatus includes a processor operatively coupled to a memory. The processor detects a software application installed on a client computing device, and/or usage data. Detected usage data is associated with a current user of the client computing device and with the software application. The processor identifies a user role for the current user based on the software application and/or usage data. The processor applies a security configuration to the client computing device based on the user role. The security configuration limits access by the current user to a portion of the software application. The processor sends an identifier of the user role to an administrative server for storage in an Active Directory (AD) database.

System and method to securely execute datacenter management operations remotely

Disclosed in various examples are methods, systems, and machine-readable media for exposing a Representational State Transfer (RESTful) interface through which users can issue datacenter management commands remotely from their workstations for secure remote management of the datacenter. An application task automation command (e.g., a POWERSHELL® command) is executed remotely by creating a proxy command (e.g., based on POWERSHELL® cmdlet code) that causes the application task automation command to be executed when the proxy command is invoked, and by deploying the proxy command to a remote computer such as the user's workstation. When the proxy command is invoked, the remote computer issues a request including a user identifier and any parameters for the application task automation command. The datacenter determines whether the user is authorized to execute the application task automation command invoked by the proxy command and, upon authorization of the user, runs the application task automation command with any parameters provided in the request to control the configuration of, or data stored on, at least one computer in the datacenter.
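The split the abstract describes (proxy on the workstation, authorization and parameter handling in the datacenter) is shown below as an added example; it is not code from the patent. The command catalogue, the authorization table, the parameter patterns and the function names are assumptions. The datacenter side returns the command line it would run instead of executing anything, which keeps the authorization and validation logic testable offline and makes the injection case visible.

```python
import re

# Added illustration of the proxy-command pattern; not code from the patent.
# Catalogue, authorization table and parameter patterns are assumptions.

# Assumed catalogue of exposed automation commands. Each maps to the cmdlet that
# actually runs and to a validation pattern per parameter, so request values are
# never interpolated unchecked into the command line.
COMMAND_CATALOGUE = {
    "restart-service": {
        "cmdlet": "Restart-Service",
        "params": {"Name": re.compile(r"[A-Za-z0-9_.-]{1,64}")},
    },
    "get-eventlog": {
        "cmdlet": "Get-EventLog",
        "params": {
            "LogName": re.compile(r"Application|System|Security"),
            "Newest": re.compile(r"[1-9][0-9]{0,3}"),
        },
    },
}

# Assumed authorization table: user identifier -> commands the user may invoke.
AUTHORIZATION = {
    "alice": {"restart-service", "get-eventlog"},
    "bob": {"get-eventlog"},
}


class ProxyError(Exception):
    """Raised by the datacenter side when a request is refused."""


def ps_literal(value: str) -> str:
    """Render a value as a PowerShell single-quoted literal; only ' needs doubling."""
    return "'" + value.replace("'", "''") + "'"


def build_proxy_request(user: str, command: str, **params: str) -> dict:
    """Workstation side: what the deployed proxy command sends when invoked."""
    return {"user": user, "command": command, "params": dict(params)}


def authorize_and_build(request: dict) -> str:
    """Datacenter side: authorize the user, validate every parameter and return
    the command line that would be run. Raises ProxyError on any refusal."""
    user, name, params = request["user"], request["command"], request["params"]
    entry = COMMAND_CATALOGUE.get(name)
    if entry is None:
        raise ProxyError(f"unknown command {name!r}")
    # Authorization is decided here, not on the workstation that holds the proxy.
    if name not in AUTHORIZATION.get(user, set()):
        raise ProxyError(f"user {user!r} is not authorized for {name!r}")
    unexpected = set(params) - set(entry["params"])
    if unexpected:
        raise ProxyError(f"unexpected parameters {sorted(unexpected)}")
    parts = [entry["cmdlet"]]
    for pname, pattern in entry["params"].items():
        if pname not in params:
            continue
        value = str(params[pname])
        if not pattern.fullmatch(value):
            raise ProxyError(f"parameter {pname!r} rejected: {value!r}")
        parts.append(f"-{pname} {ps_literal(value)}")
    return " ".join(parts)


def outcome(request: dict) -> tuple:
    """Convenience wrapper returning (accepted, command line or refusal reason)."""
    try:
        return True, authorize_and_build(request)
    except ProxyError as exc:
        return False, str(exc)


if __name__ == "__main__":
    for req in (
        build_proxy_request("alice", "restart-service", Name="Spooler"),
        build_proxy_request("bob", "restart-service", Name="Spooler"),
        build_proxy_request("alice", "restart-service", Name="Spooler; Remove-Item C:\\*"),
        build_proxy_request("alice", "get-eventlog", LogName="System", Newest="50"),
    ):
        print(outcome(req))
```

The third request shows why validation belongs on the datacenter side: a proxy that merely forwards text would let a workstation smuggle a second cmdlet into the parameter, while an allowlisted pattern plus a quoted literal rejects it before anything runs.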

Access management system with a multi-environment policy

Methods, systems, and computer storage media for providing access to computing environments based on a multi-environment policy are provided. The multi-environment policy is configurable to define rules that have provider-controlled and customer-controlled computing environment parameters for approving access to provider-controlled computing environments and customer-controlled computing environments. In operation, a request associated with a computing environment is received. The computing environment is associated with a multi-environment policy. The multi-environment policy is configurable to define the rules based on access vectors having grouped computing environment aspects for control and visibility associated with accessing computing environments. Based on the request, a determination is made whether the request is for a provider-controlled or a customer-controlled computing environment. Based on the multi-environment policy, approval-request parameters of an approval-request are communicated in order to receive approval-request response values. Based on receiving the approval-request response values, a request response indicating approval or denial of the request is communicated.

Pre-registration of authentication devices

A system is disclosed for pre-registering authentication devices. A security key provider system may receive a request to pre-register a security key with identified applications from an enterprise. Responsive to receiving the request, the security key provider system instructs the security key to generate a unique authentication code for each of the applications. The security key provider system may generate pre-registration information based on the authentication codes and pre-register the authentication codes of the security key to the applications by providing the pre-registration information to the applications on behalf of the enterprise. The security key provider system may instead provide the pre-registration information to the enterprise to allow the enterprise to pre-register the authentication codes.

Providing enhanced functionality in an interactive electronic technical manual

Embodiments of the present disclosure provide methods, apparatus, systems, and computer program products for transferring the performance of a procedure found in technical documentation for an item via an interactive electronic technical manual system (IETM) configured to provide electronic and credentialed access to the technical documentation. In one embodiment, a method is provided comprising: providing the steps of the procedure in the order in which the steps are to be carried out; and, while a user is participating in the performance of the procedure: causing the particular step that is being carried out to be highlighted; receiving input of a selection of a transfer mechanism and, in response: causing an indication to be displayed between the particular step and the next step to be carried out identifying where the performance has been suspended; providing a transfer window displaying transfer information; and recording the transfer information and an identifier for the indication.

SYNCHRONIZED DATA COLLECTION FOR USE IN HOSTED VIRTUAL DESKTOP SLICING

An apparatus includes a memory and a processor. The memory stores a machine learning algorithm configured to classify telemetry data into a set of categories. The processor implements a communication synchronization scheme to receive a first set of telemetry data associated with a first user and a second set of telemetry data associated with a second user. The processor applies the machine learning algorithm to each of the first and second sets of telemetry data, to classify the data. The processor transmits, to a server, training data that includes at least the classified data or a set of parameters derived from the classified data. The server uses the training data to refine a reinforcement learning algorithm that is configured to generate a recommendation of computational resources to provision to a new user.

Automated and adaptive model-driven security system and method for operating the same
11552996 · 2023-01-10

A system and method for managing implementation of policies in an information technology (IT) system receives at least one policy function, at least one refinement template and at least one available policy function from the at least one memory, receives a policy input indicating a high-level policy for the IT system, where the policy input is compliant with the at least one policy function and is received in a format that is not machine-enforceable at an enforcement entity of the IT system, based on the received policy input automatically or semi-automatically generates a machine-enforceable rule and/or configuration by filling the at least one refinement template, where the machine-enforceable rule and/or configuration includes the at least one available policy function and is compliant with the received policy input, and distributes the machine-enforceable rule and/or configuration to the at least one memory of the IT system or to another at least one memory to thereby enable implementation of the policies.
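The refinement step in the abstract (a high-level policy checked against a policy function, then templates filled with the available policy functions to yield enforceable rules) is illustrated below as an added example; it is not code from the patent. The inventory, the two templates, the policy-function names "net.allow" and "app.rbac" and the policy shape are assumptions. The "semi-automatic" case is represented by the list of enforcement entities for which no policy function is available, which is what an operator would have to handle by hand.

```python
import ipaddress
import string

# Added illustration of template-driven policy refinement; not code from the
# patent. Inventory, templates and policy-function names are assumptions.

# Assumed inventory used to refine abstract names in a high-level policy into
# the concrete values an enforcement point understands.
INVENTORY = {
    "networks": {"corp": "10.1.0.0/16", "guest": "192.168.50.0/24"},
    "services": {"payroll": {"ip": "10.2.0.5", "port": 443, "app": "payroll-web"}},
}

# Assumed refinement templates, one per enforcement entity. Each names the
# policy function it depends on; a rule is generated only when that function is
# among the available policy functions.
REFINEMENT_TEMPLATES = {
    "firewall": {
        "requires": "net.allow",
        "template": "iptables -A FORWARD -s $src_cidr -d $dst_ip"
                    " -p tcp --dport $dst_port -j ACCEPT",
    },
    "application": {
        "requires": "app.rbac",
        "template": "grant role:$role on app:$app",
    },
}


def check_policy_function(policy: dict) -> None:
    """The policy function the input must comply with: a complete
    subject/object/context triple that names things the inventory knows."""
    missing = {"subject_group", "service", "network"} - set(policy)
    if missing:
        raise ValueError(f"policy is missing {sorted(missing)}")
    if policy["service"] not in INVENTORY["services"]:
        raise ValueError(f"unknown service {policy['service']!r}")
    if policy["network"] not in INVENTORY["networks"]:
        raise ValueError(f"unknown network {policy['network']!r}")


def is_compliant(policy: dict) -> bool:
    """True when the high-level policy satisfies the policy function."""
    try:
        check_policy_function(policy)
        return True
    except ValueError:
        return False


def refine(policy: dict, available_functions: set) -> tuple:
    """Fill every applicable template and return (rules, unenforced).
    'unenforced' lists enforcement entities whose policy function is not
    available, i.e. parts of the policy that still need manual attention."""
    check_policy_function(policy)
    service = INVENTORY["services"][policy["service"]]
    bindings = {
        "src_cidr": str(ipaddress.ip_network(INVENTORY["networks"][policy["network"]])),
        "dst_ip": service["ip"],
        "dst_port": service["port"],
        "role": policy["subject_group"],
        "app": service["app"],
    }
    rules, unenforced = {}, []
    for enforcer, spec in REFINEMENT_TEMPLATES.items():
        if spec["requires"] not in available_functions:
            unenforced.append(enforcer)
            continue
        rules[enforcer] = string.Template(spec["template"]).substitute(bindings)
    return rules, unenforced


if __name__ == "__main__":
    policy = {"subject_group": "finance", "service": "payroll", "network": "corp"}
    print(refine(policy, {"net.allow", "app.rbac"}))
    print(refine(policy, {"net.allow"}))
```

Validating the policy input before any template is filled is what keeps the output compliant: a name the inventory does not know is rejected rather than silently producing a rule with an empty source range.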

Processing changes to authorized keys
11552951 · 2023-01-10

Various mechanisms can be used for authorizing access between entities in a computing environment. Configuring such access may involve configuration data stored on one or more of the computing devices or stored externally to the computing devices. Various aspects are disclosed herein for collecting, analyzing, correlating, organizing, storing, using and/or displaying such information, for example in the form of pre-analyzed access relationships between entities in the computing environment. In accordance with one aspect, access-related configuration information is collected from a plurality of entities and an access relationship between two or more entities is determined based on the configuration information. Information about the determined access relationship is stored in non-volatile storage. The information identifies a source entity and a destination entity, and the determined access relationship defines a user account associated with the source entity that is authorized to log into a user account associated with the destination entity.
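Deriving source-to-destination access relationships from collected key configuration, as the abstract describes, is shown below as an added example for the OpenSSH authorized_keys case; it is not code from the patent. The inventory layout, the function names and the key material (base64 stand-ins built in code, not real keys) are constructed assumptions. The example also reports keys with no known owner and diffs two collections, which is the change-processing step the title refers to.

```python
import base64
import hashlib
import re

# Added illustration of deriving access relationships from authorized_keys data;
# not code from the patent. Inventory layout and key material are constructed.

KEY_LINE = re.compile(
    r'^(?:(?P<opts>(?:[^\s"]|"[^"]*")+)\s+)?'          # optional options field
    r'(?P<type>ssh-ed25519|ssh-rsa|ecdsa-sha2-nistp(?:256|384|521))\s+'
    r'(?P<blob>[A-Za-z0-9+/]+=*)'                        # base64 key blob
    r'(?:\s+(?P<comment>\S.*))?$'
)


def fake_blob(label: str) -> str:
    """Constructed base64 stand-in for a public key blob (not a real key)."""
    return base64.b64encode(b"constructed-key:" + label.encode()).decode()


def fingerprint(blob: str) -> str:
    """OpenSSH-style SHA256 fingerprint of a base64 key blob."""
    digest = hashlib.sha256(base64.b64decode(blob)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def parse_authorized_keys(text: str) -> list:
    """Parse authorized_keys text into {fp, options, comment} entries."""
    entries = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        m = KEY_LINE.match(line)
        if m is None:
            raise ValueError(f"unparseable authorized_keys line: {line!r}")
        entries.append({"fp": fingerprint(m["blob"]),
                        "options": m["opts"] or "",
                        "comment": m["comment"] or ""})
    return entries


def access_relationships(inventory: dict) -> tuple:
    """inventory: {(host, user): {"public_keys": [blob, ...], "authorized_keys": str}}.
    Returns (edges, orphans). An edge is (source, destination, restricted), where
    restricted means the entry carries a from= or command= option (option text
    is not parsed further; this is a heuristic)."""
    owners = {}
    for account, data in inventory.items():
        for blob in data.get("public_keys", []):
            owners.setdefault(fingerprint(blob), set()).add(account)
    edges, orphans = set(), set()
    for account, data in inventory.items():
        for entry in parse_authorized_keys(data.get("authorized_keys", "")):
            sources = owners.get(entry["fp"])
            if not sources:
                orphans.add((account, entry["fp"]))   # authorized key with no known owner
                continue
            restricted = "from=" in entry["options"] or "command=" in entry["options"]
            for source in sources:
                edges.add((source, account, restricted))
    return edges, orphans


def diff_relationships(before: set, after: set) -> tuple:
    """Changes between two collections: (added edges, removed edges)."""
    return sorted(after - before), sorted(before - after)


def build_sample_inventory() -> dict:
    """Constructed three-account inventory used for the demonstration."""
    return {
        ("bastion", "alice"): {"public_keys": [fake_blob("alice")], "authorized_keys": ""},
        ("ci", "svc"): {"public_keys": [fake_blob("backup")], "authorized_keys": ""},
        ("db01", "root"): {
            "public_keys": [],
            "authorized_keys": "\n".join([
                "# constructed sample",
                f"ssh-ed25519 {fake_blob('alice')} alice@bastion",
                f'from="10.0.0.0/8",command="/usr/bin/backup" ssh-ed25519 {fake_blob("backup")} backup-job',
                f"ssh-rsa {fake_blob('unknown')} old-contractor",
            ]),
        },
    }


if __name__ == "__main__":
    edges, orphans = access_relationships(build_sample_inventory())
    for edge in sorted(edges):
        print(edge)
    print("orphans:", orphans)
```

The orphan in the sample (the "old-contractor" key) is the case a reviewer cares about most: it grants root on db01 to a key nobody in the collected inventory owns, so it cannot be mapped to a source account and shows up only because the destination side was collected.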

INFORMATION PROCESSING APPARATUS, NON-TRANSITORY COMPUTER READABLE MEDIUM, AND METHOD FOR PROCESSING INFORMATION
20230214512 · 2023-07-06

An information processing apparatus includes a processor configured to: display a process reception screen in which plural processes included in a workflow are displayed in order of execution and that receives selection of at least one of the plural displayed processes; receive, for the at least one process received by the process reception screen, disclosure information indicating whether to disclose workflow-related information relating to the workflow; and set whether to disclose the workflow-related information in accordance with the received disclosure information.

FACILITATING SECURE EXECUTION OF EXTERNAL WORKFLOWS FOR GENOMIC SEQUENCING DIAGNOSTICS
20230215515 · 2023-07-06

This disclosure describes methods, non-transitory computer readable media, and systems that can facilitate execution of external workflows for diagnostic analysis of nucleotide sequencing data utilizing a container orchestration engine. For example, the disclosed systems can utilize a container orchestration engine to allow external systems (e.g., third-party systems) to generate and implement workflows for analyzing sequencing data. In executing individual workflow containers of a sequencing diagnostic workflow, the disclosed systems can isolate the workflow containers to prevent access to, or corruption of, other data while also orchestrating allocation of computing resources available at a genomic sequence processing device to execute the workflow containers.