Cloud data attack surface tracking using graph-based excessive privilege detection
US12231434B1 · kind B1 · utility
Assignee
Inventors
Key dates
| Filing date | Jul 26, 2024 |
| Grant date | Feb 18, 2025 |
| Priority date | — |
| Expiry date | Jul 26, 2044 |
Classification
- Technology area (CPC H): Electricity
- CPC primary: H04L63/1425
- WIPO field: Digital communication
- WIPO sector: Electrical engineering
Abstract
A computer-implemented method includes detecting occurrence of an event in a cloud environment, obtaining an indication of an identity associated with the event, obtaining an indication of a usage time stamp representing usage time of a privilege in association with the identity for the event, and classifying the privilege into a classification group selected from a plurality of predefined classification groups. Each respective classification group groups a respective set of privileges defined in the cloud environment. The method includes obtaining a grant time stamp representing a grant time of at least one privilege, in the respective set of privileges in the classification group, to the identity and, based on the usage time stamp and the grant time stamp, generating an excessive privilege determination that indicates the classification group includes at least one excessive privilege. The method includes performing a computing action based on the excessive privilege determination.
Source: USPTO / EPO open patent data. Objective bibliographic and citation counts.