US 11,930,017 B1
Cloud security platform with contextual hot-spot permissions analytics
Veranika Hadun, Fredericton (CA); William Bird, Fredericton (CA); and Ben Wuest, Fredericton (CA)
Assigned to Sonrai Security Inc., New York, NY (US)
Filed by Sonrai Security Inc., New York, NY (US)
Filed on Apr. 7, 2023, as Appl. No. 18/132,130.
Int. Cl. H04L 9/40 (2022.01)
CPC H04L 63/105 (2013.01) [H04L 63/102 (2013.01); H04L 63/20 (2013.01)]
20 Claims
OG exemplary drawing
 
1. A method operative to identify cloud identities in an enterprise that are propagating permissions within a public cloud environment, the public cloud environment associated with a set of cloud deployments, and wherein the enterprise has an associated set of cloud accounts hosted in the set of cloud deployments, comprising:
receiving identity and audit data from a set of cloud deployments;
for each identity in a set of one or more identities, and according to a cloud intelligence model, determining a set of permissions;
determining, for each identity, and based on a set of identity chains extracted from the cloud intelligence model, a set of identity account action paths (IAAPs), wherein an IAAP of the set defines how the identity obtains an ability to perform a given action in a given account;
using the identity account action paths for the set of one or more identities to identify one or more cloud identities in the enterprise that are propagating permissions within the public cloud environment; and
responsive to identification of the one or more cloud identities, taking a given action.
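As an added illustration, not code from the patent or from Sonrai Security, the following sketch computes identity account action paths (IAAPs) by walking identity chains and then flags identities that propagate permissions. The identities, accounts, chain edges and the set of "permission-granting" actions are constructed sample data and assumptions of this example; the patent itself does not define the cloud intelligence model or which actions count as propagating permissions.

```python
from collections import deque

# Constructed sample data (not from the patent): permissions granted directly
# to each identity, as identity -> {(account, action), ...}.
DIRECT_PERMISSIONS = {
    "user:alice":       {("acct-1", "s3:GetObject")},
    "role:deploy":      {("acct-1", "iam:AttachRolePolicy"), ("acct-1", "s3:PutObject")},
    "role:reader":      {("acct-2", "s3:GetObject")},
    "role:admin-acct2": {("acct-2", "iam:PutRolePolicy")},
    "user:bob":         {("acct-2", "ec2:DescribeInstances")},
}

# Constructed identity chains: an edge A -> B means A can become B (for
# example through a role trust relationship seen in identity/audit data).
# admin-acct2 -> reader closes a cycle so the traversal's cycle guard is exercised.
IDENTITY_CHAINS = {
    "user:alice":       ["role:deploy"],
    "role:deploy":      ["role:reader"],
    "role:reader":      ["role:admin-acct2"],
    "role:admin-acct2": ["role:reader"],
    "user:bob":         [],
}

# Assumption of this example: actions that themselves hand out permissions.
PERMISSION_GRANTING_ACTIONS = {"iam:AttachRolePolicy", "iam:PutRolePolicy", "iam:CreatePolicyVersion"}


def identity_account_action_paths(identity):
    """IAAPs for one identity: list of (account, action, chain), where chain is
    the ordered list of identities traversed to obtain the action."""
    iaaps = []
    seen = {identity}
    queue = deque([(identity, [identity])])
    while queue:
        current, chain = queue.popleft()
        for account, action in sorted(DIRECT_PERMISSIONS.get(current, ())):
            iaaps.append((account, action, chain))
        for nxt in IDENTITY_CHAINS.get(current, []):
            if nxt not in seen:  # cycle guard for mutual trust relationships
                seen.add(nxt)
                queue.append((nxt, chain + [nxt]))
    return iaaps


def propagating_identities():
    """Identities whose IAAPs reach a permission-granting action in any account,
    with the account and chain through which each such action is obtained."""
    findings = {}
    for identity in DIRECT_PERMISSIONS:
        hits = [(acct, act, chain) for acct, act, chain in identity_account_action_paths(identity)
                if act in PERMISSION_GRANTING_ACTIONS]
        if hits:
            findings[identity] = hits
    return findings
```

The `findings` mapping is the input a responder would act on: each flagged identity comes with the chain that explains why it can alter permissions, which is what makes the hot spot actionable rather than a bare alert.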