CPC G06F 21/54 (2013.01) [G06F 21/554 (2013.01); G06F 21/566 (2013.01); G06F 2221/033 (2013.01)]; 20 Claims
1. A computer-implemented method comprising:
receiving a security policy for a container that is part of a microservice architecture;
obtaining a first effect graph of the security policy, resulting in a security model for the container;
identifying execution behavior of the container;
generating a second effect graph of the execution behavior of the container, wherein the generating comprises summarizing operations and interactions between entities in the execution behavior and results in a behavioral model for the container;
comparing the behavioral model to the security model;
determining whether the container has deviated from the security policy based on the comparing; and
enforcing the security policy against the container.
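The following is an added illustration of the claimed method, written for this page and not code from the patent or any product it describes. It models an "effect graph" as a set of directed edges (subject entity, operation, target entity); the first graph is built from an allow-list policy, the second is summarized from a constructed runtime trace (repeated events collapse into one edge with a count), the two graphs are compared edge by edge, and each deviation is mapped to an enforcement decision. The policy format, the trace line format, the container name `orders-api` and the `mode` field are all assumptions made for the example.

```python
"""Toy model of the claimed container-policy comparison: a policy effect graph
versus a behavioral effect graph, compared edge by edge. Formats are hypothetical."""
from collections import Counter
from dataclasses import dataclass
from fnmatch import fnmatch


# An "effect" edge: entity `subject` performs `operation` on entity `target`.
@dataclass(frozen=True)
class Effect:
    subject: str
    operation: str
    target: str


# --- Security model: first effect graph, derived from the policy -------------
# Constructed sample policy (hypothetical format): allowed effects, with glob
# patterns on the target so one rule can cover a family of files or hosts.
SAMPLE_POLICY = {
    "container": "orders-api",
    "mode": "enforce",  # "enforce" blocks deviations, "audit" only records them
    "allow": [
        {"subject": "orders-api", "operation": "connect", "target": "orders-db:5432"},
        {"subject": "orders-api", "operation": "read", "target": "/app/config/*"},
        {"subject": "orders-api", "operation": "connect", "target": "inventory-svc:8080"},
    ],
}


def build_security_model(policy):
    """First effect graph: the set of Effect edges the policy permits."""
    return {Effect(r["subject"], r["operation"], r["target"]) for r in policy["allow"]}


# --- Behavioral model: second effect graph, summarized from observed events ---
# Constructed sample trace of runtime events (hypothetical "subject op target").
SAMPLE_TRACE = [
    "orders-api connect orders-db:5432",
    "orders-api read /app/config/app.yaml",
    "orders-api connect orders-db:5432",
    "orders-api read /app/config/db.yaml",
    "orders-api connect inventory-svc:8080",
    "orders-api exec /bin/sh",              # not covered by the policy
    "orders-api connect 203.0.113.7:4444",  # not covered (TEST-NET-3 address, constructed)
    "orders-api exec /bin/sh",
]


def build_behavioral_model(trace):
    """Second effect graph: summarize repeated events into one edge per
    (subject, operation, target) carrying an occurrence count."""
    counts = Counter()
    for line in trace:
        subject, operation, target = line.split(maxsplit=2)
        counts[Effect(subject, operation, target)] += 1
    return dict(counts)


# --- Comparison and enforcement ----------------------------------------------
def is_permitted(effect, security_model):
    """An observed edge is covered if some policy edge matches it; the target is
    glob-matched so '/app/config/*' covers '/app/config/app.yaml'."""
    return any(
        effect.subject == allowed.subject
        and effect.operation == allowed.operation
        and fnmatch(effect.target, allowed.target)
        for allowed in security_model
    )


def find_deviations(behavioral_model, security_model):
    """Edges present in the behavioral graph but absent from the security graph."""
    return {e: n for e, n in behavioral_model.items() if not is_permitted(e, security_model)}


def enforce(policy, deviations):
    """Map each deviation to an enforcement decision according to the policy mode."""
    action = "block" if policy["mode"] == "enforce" else "alert"
    ordered = sorted(deviations.items(), key=lambda kv: (kv[0].operation, kv[0].target))
    return [(action, effect, count) for effect, count in ordered]


def evaluate(policy, trace):
    """Run the whole pipeline for one container and report whether it deviated."""
    model = build_security_model(policy)
    behavior = build_behavioral_model(trace)
    deviations = find_deviations(behavior, model)
    return {"deviated": bool(deviations), "decisions": enforce(policy, deviations)}


if __name__ == "__main__":
    result = evaluate(SAMPLE_POLICY, SAMPLE_TRACE)
    print("deviated:", result["deviated"])
    for action, effect, count in result["decisions"]:
        print(f"{action:5} {effect.subject} {effect.operation} {effect.target} (seen {count}x)")
```

Summarizing the trace before comparison is what keeps the behavioral graph bounded: a container that repeats the same permitted connection thousands of times still produces one edge, while a single unexpected `exec` or outbound connection surfaces as its own edge with a count that a responder can use to judge how established the behavior is.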