CPC H04L 63/1416 (2013.01) [G06F 9/451 (2018.02); G06F 16/211 (2019.01); G06F 16/24569 (2019.01); G06F 16/355 (2019.01); G06F 16/95 (2019.01); G06F 21/577 (2013.01); G06F 21/6227 (2013.01); H04L 63/083 (2013.01); H04L 63/102 (2013.01); H04L 63/104 (2013.01); H04L 63/1433 (2013.01); H04L 63/18 (2013.01); H04L 63/205 (2013.01); G06F 2221/034 (2013.01); G06F 2221/2141 (2013.01)]
18 Claims
1. A system for streamlined analysis of access sub-networks in a cloud environment, comprising: memory storing access sub-networks in a cloud environment between a plurality of resources and a plurality of users, wherein a subject access sub-network makes a subject resource accessible to one or more users; memory storing user-to-role mappings for roles assigned to the plurality of users, wherein the roles are defined at a resolution of the cloud environment; and accumulation logic, having access to the access sub-networks and to the user-to-role mappings, and configured to traverse the access sub-networks to build a number U user-to-resource mappings between the plurality of users and the plurality of resources, and to evaluate the number U user-to-resource mappings against the user-to-role mappings to accumulate a number R role-to-resource mappings between the roles and the plurality of resources, wherein R<<U.
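The accumulation step recited in claim 1, sketched in Python as an added illustration that is not taken from the patent or any implementation of it. The graph encoding (a `user:` prefix marking user nodes), the sample resources, groups, users and roles, and the `<unmapped>` placeholder role are assumptions constructed for this example.

```python
from collections import defaultdict

# Constructed sample data. Each access sub-network is an adjacency map rooted
# at its resource; nodes prefixed "user:" are users (assumed encoding).
SUBNETWORKS = {
    "bucket-logs": {
        "bucket-logs": ["policy:read-logs", "group:sre"],
        "policy:read-logs": ["group:analysts"],
        "group:analysts": ["user:ana", "user:ben", "user:cy"],
        "group:sre": ["user:dee", "user:eli"],
    },
    "db-billing": {
        "db-billing": ["policy:billing-rw"],
        "policy:billing-rw": ["group:sre", "user:ana"],
        "group:sre": ["user:dee", "user:eli"],
    },
}
USER_ROLES = {"ana": ["analyst"], "ben": ["analyst"], "cy": ["analyst"],
              "dee": ["sre"], "eli": ["sre"]}

def users_reaching(resource, graph):
    """Traverse one sub-network from its resource; return the users reached."""
    seen, stack, users = set(), [resource], set()
    while stack:
        node = stack.pop()
        if node in seen:          # guards against cycles such as nested groups
            continue
        seen.add(node)
        if node.startswith("user:"):
            users.add(node[len("user:"):])
        stack.extend(graph.get(node, []))
    return users

def user_to_resource(subnetworks):
    """Build the U (user, resource) mappings by traversing every sub-network."""
    return {(u, r) for r, g in subnetworks.items() for u in users_reaching(r, g)}

def role_to_resource(user_pairs, user_roles):
    """Accumulate R (role, resource) mappings; keep contributing users for audit."""
    acc = defaultdict(set)
    for user, resource in user_pairs:
        # Users with no role are kept under a placeholder, not silently dropped.
        for role in user_roles.get(user, ["<unmapped>"]):
            acc[(role, resource)].add(user)
    return dict(acc)

if __name__ == "__main__":
    pairs = user_to_resource(SUBNETWORKS)
    roles = role_to_resource(pairs, USER_ROLES)
    print(f"U={len(pairs)} R={len(roles)}", sorted(roles))
```

On this sample the analyst role reaches `db-billing` through a single directly attached user, which is the kind of outlier a reviewer can spot in the role-level view by looking at how many users back each mapping.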