The user can specify IDB entries for applications and store those in a specific folder (e.g. /home). UNICORE loads the specific IDB entries and publish them only to the user at the client side. The user is then able to use his specific applications. This should also work with the service orchestrator.