Patent · US Active

Techniques for analyzing security in computing environments with privilege escalation

US11483317B1 · kind B1 · utility

37Cited by

5References

20Claims

0Family size

Assignee

AMAZON TECHNOLOGIES, INC. · US

Inventors

Pauline Virginie Bolignano · London, GB
John Cook · Brooklyn, US
Andrew Jude Gacek · Maple Grove, US
Kasper Søe Luckow · Sunnyvale, US
Neha Rungta · San Jose, US
Cole Nathan Schlesinger · Mountain View, US
Ian Sweet · College Park, US
Carsten Varming · Brooklyn, US

Key dates

Filing date	Nov 30, 2018
Grant date	Oct 25, 2022
Priority date	—
Expiry date	Nov 30, 2038

Classification

Technology area (CPC H)Electricity
CPC primaryH04L63/20
WIPO fieldComputer technology
WIPO sectorElectrical engineering

Abstract

A policy auditing service can be implemented, in accordance with at least one embodiment that obtains a set of parameters that indicates a snapshot of a policy configuration for an account, a query, and a security policy. The security policy may encode a security requirement or invariant. The policy auditing system may determine states that can be reached via mutative operations (e.g., role assumption) and use a policy analyzer service to determine whether assuming a role results in a grant of access that is at least as permissive as the security policy of the set of parameters.

Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.