Patent classifications
G06F21/53
SYSTEMS AND METHODS FOR USE OF PERIPHERAL HARDWARE BY MODERN WORKSPACES
Methods and systems support use of peripheral devices by workspaces operating on an Information Handling System (IHS), where the workspaces operate in isolation from the hardware and other software of the IHS. Workspaces are thus unable to interface with hardware coupled to the IHS, including peripheral devices coupled to the IHS. In embodiments, a workspace issues a request for use of a remote operation supported by a peripheral device. A handle is then provided for invoking the remote operation supported by the peripheral device and for providing the workspace with exclusive use of the peripheral device for the duration of a validity of the handle. Once the handle is used to invoke the remote operation supported by the peripheral device, the workspace is provided with output from the remote operation conducted during exclusive use of the peripheral device by the workspace.
AUTOENCRYPTION SYSTEM FOR DATA IN A CONTAINER
A method that manages sensitive data. A computer system identifies the sensitive data for a group of application containers using configuration information for the group of application containers. The computer system encrypts the sensitive data identified for the group of application containers to form encrypted sensitive data. The computer system saves the encrypted sensitive data to a shared storage used by the group of application containers when the group of application containers is deployed.
DEFERRED RECLAIMING OF SECURE GUEST RESOURCES
Deferred reclaiming of secure guest resources within a computing environment is provided, which includes initiating, by a host of the computing environment, removal of a secure guest from the computing environment, while leaving one or more resources of the secure guest to be reclaimed asynchronous to the removal of the secure guest. The deferring also includes reclaiming the one or more secure guest resources asynchronous to the removal of the secure guest, where the one or more secure guest resources are available for reuse as the one or more secure guest resources are reclaimed asynchronous to the removal of the secure guest.
SYSTEM FOR ACTIVE DETECTION AND MITIGATION OF UNAUTHORIZED ACTIVITY WITHIN A TECHNOLOGY INFRASTRUCTURE
Systems, computer program products, and methods are described herein for active detection and mitigation of unauthorized activity within a technology infrastructure. The present invention is configured to continuously monitor one or more incoming messages in one or more computing devices; detect one or more assessment vectors embedded in the one or more incoming messages; initiate an isolated virtual environment; redirect the one or more incoming messages associated with the one or more assessment vectors from the one or more computing devices to the isolated virtual environment; trigger an access routine to emulate, within the isolated virtual environment, an action of accessing the one or more incoming messages; determine, based on at least the access routine, whether the one or more incoming messages is associated with malware; and display a notification to the user indicating whether the one or more incoming messages is associated with malware.
DOCKER INSTALLED SOFTWARE/HARDWARE DISCOVERY
A docker image is received. The docker image is for a container. The container contains files that allow for virtualization of applications that run within the container. The docker image is parsed to identify layer files in the docker image. Installed software components (e.g., installed files) and/or hardware components in the layer files are identified. Software application index calls are made to generate information that identifies relationships between the installed software components and/or hardware components. The relationships between the installed software components and/or hardware components are then displayed to a user.
Encryption as a service with request pattern anomaly detection
A system and method mediate transfer of encrypted data files between local applications and external computer systems. Application containers perform cryptographic operations using stored credentials to decrypt data coming from these external systems and configurably forward them to the local applications, and to encrypt data sent from the local applications to the external systems. Access to this encryption-as-a-service (EaaS) functionality is gated by a fingerprint service that classifies requests by security level, and detects anomalous requests. Security classification is performed by a supervised machine learning algorithm, while anomalous request detection is performed by an unsupervised machine learning algorithm. Stored keys are monitored, and when they near expiration or are damaged, embodiments proactively undertake key renewal and key exchange with the external computer systems. Containerization enables key storage in multiple vaults, thereby making such storage vendor-agnostic.
System and method employing virtual ledger
A system, method and computer program product for open innovation including an asset valuation device receiving asset information about tangible or non-tangible assets, and generating a valuation signal, based on the asset information; a self-executing code device receiving the valuation signal, and generating a self-executing code signal, based on the valuation signal; an air router device having both a low band radio channel, and an internet router channel for redundant internet communications, and a malicious code removal device for scrubbing malicious code from data received, receiving the valuation signal, and generating a node voting request signal, based on the valuation signal; and a mesh network having a plurality of node devices receiving the node voting request signal, and generating vote confirmation signals, based on the node voting request signal. Computing devices are connected to the node devices to perform problem solving, smart contract processing, and/or cryptocurrency mining.
Risk based virtual workspace delivery
Systems and methods can enable select virtual session capabilities on a user device configured to access a virtual session, which is an instance of a virtual machine. The user device can receive, and forward to a gateway server, a request to launch a virtual session. Based on the virtual session launch request, the gateway server can obtain a compliance profile determined from operational data. The gateway can permit the user device to access a virtual session hosted on a virtual machine (“VM”) server. The VM server can use the compliance profile and security data from the user device to determine a risk profile of the user device. The virtual session can be configured at the VM server based on the risk profile so as to allow access to a subset of available applications and functions within the applications for the virtual session.
METHOD FOR PROCESSING AN AUTHORIZATION TO IMPLEMENT A SERVICE, DEVICES AND CORRESPONDING COMPUTER PROGRAM
A method for processing, by a processing entity, of an authorization to implement a service and/or access an item. The method includes: reception, from a requesting device, of a request for implementing a service and/or accessing an item; searching for an indicator of dependency from at least one piece of data of said request for implementation; when an indicator of dependency is present, obtaining an authorization from a verification device to implement said service and/or access said item.
ANTI-MALWARE DEVICE, ANTI-MALWARE SYSTEM, ANTI-MALWARE METHOD, AND RECORDING MEDIUM IN WHICH ANTI-MALWARE PROGRAM IS STORED
An anti-malware device 50 includes: a risk information storage unit 51 in which risk information 510 is stored, in which there are associated a value indicating an attribution of an information processing device 60 for executing software 600, a value indicating an attribution of the software 600, and a value that indicates the degree of risk when the software 600 is executed; a subject attribution collection unit 53 for collecting the value indicating the attribution of the information processing device 60; an object attribution collection unit 54 for collecting the value indicating the attribution of the software 600; and a determination unit 55 for determining that the software 600 is malware when the value indicating the degree of risk obtained by comparing the risk information 510 and the values collected by the subject attribution collection unit 53 and object attribution collection unit 54 satisfies a criterion.