&#xfeff;<html>
  <head>
    <META http-equiv="Content-Type" content="text/html; charset=utf-8">
<link rel="stylesheet" type="text/css" href="html_style_eog.css"/>
<script type="text/javascript">
          function printpage()
          {
          window.print()
          }
        </script>
<script type="text/javascript" src="https://components.uspto.gov/js/ais/40-patentsgazette.js"></script></head>
  <body bgcolor='#FFFFFF' onload='javascript: if ((navigator.appName.indexOf("Netscape")!=-1) && parent.leftFrame!=null) parent.leftFrame.location.reload();'>
    <basefont face="Times New Roman, Times New Roman, Times New Roman " size="2">
      <div style="margin-left: +10pt">
        <table width="90%" border="0" rules="none" align="center">
          <tr align="center">
            <td width="20%" colspan="1" rowspan="2" align="left" valign="top"><a href="https://ppubs.uspto.gov/pubwebapp/external.html?q=12229311.pn.&amp;db=USPAT" target="popup"><input type="button" class="button" value="   Full Text   "></a></td>
            <td class="table_data"><b>US 12,229,311 B2</b></td>
            <td width="20%" colspan="1" rowspan="2" align="right" valign="top">
              <form><input type="button" value="Print this page" onclick="printpage()"></form>
            </td>
          </tr>
          <tr align="center">
            <td colspan="1" class="table_data" style="text-transform: uppercase"><b>Identifying sensitive data risks in cloud-based enterprise deployments based on graph analytics</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b> Julian James Stephen,  Yorktown Heights, NY (US);  Ted Augustus Habeck,  Hopewell Junction, NY (US); and  Arjun Natarajan,  Old Tappan, NJ (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Assigned to  International Business Machines Corporation,  Armonk, NY (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed by  International Business Machines Corporation,  Armonk, NY (US)</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Filed on Apr.  5, 2023, as Appl. No. 18/131,049.</b></td>
          </tr>
          <tr>
            <td colspan="3" class="table_data" align="center"><b>Application 18/131,049 is a continuation of application No. 17/225,745, filed on Apr.  8, 2021, granted, now 11,727,142.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Prior Publication US 2023/0244812 A1, Aug.  3, 2023</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>This patent is subject to a terminal disclaimer.</b></td>
          </tr>
          <tr align="center">
            <td colspan="3" class="table_data"><b>Int. Cl. </b><i><b>G06F 21/62</b></i> (2013.01); <i><b>H04L 41/0604</b></i> (2022.01); <i><b>H04L 41/22</b></i> (2022.01); <i><b>H04L 67/02</b></i> (2022.01)</td>
          </tr>
        </table>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="75%">
            <col width="15%">
          </colgroup>
          <tr align="left">
            <td class="table_data" align="left"><b>CPC </b><i><b>G06F 21/6245</b></i> (2013.01)&#xa0;[<i><b>G06F 21/6227</b></i> (2013.01); <i><b>H04L 41/0627</b></i> (2013.01); <i><b>H04L 41/22</b></i> (2013.01); <i><b>H04L 67/02</b></i> (2013.01)]</td>
            <td class="table_data" align="right"><b>19 Claims</b></td>
          </tr>
        </table>
        <center><img src="US12229311-20250218-D00000.gif" alt="OG exemplary drawing"></center>
        <table width="90%" border="0" rules="none" align="center">
          <colgroup>
            <col width="90%">
          </colgroup>
          <tr>
            <td class="table_data" align="center">&#xa0;</td>
          </tr>
          <tr>
            <td valign="top" class="para_text">
              <div class="claim_text_root">1. A method, in a data processing system, for identifying sensitive data risks in cloud-based deployments, the method comprising:<div class="claim_text">building a knowledge graph based on data schema information for a cloud-based computing environment, a set of parsed infrastructure logs, and a set of captured application queries;</div>
                <div class="claim_text">identifying a set of sensitive flows in the knowledge graph representing paths from a sensitive data element to an endpoint in the knowledge graph;</div>
                <div class="claim_text">scoring the set of sensitive flows based on a scoring algorithm, wherein the scoring algorithm determines, for each sensitive flow, a score along a centrality dimension at least by generating, for each vertex in the set of sensitive flows, a ranking score based on a propagation of a rank value from one vertex to another connected vertex in the set of sensitive flows; and</div>
                <div class="claim_text">issuing an alert to an administrator in response to a score of a sensitive flow within the set of sensitive flows exceeding a threshold, wherein the scoring algorithm further determines, for each sensitive flow, a score along the centrality dimension at least by, for vertices that do not have outgoing edges, performing a teleportation operation that teleports propagation of the rank value to a randomly selected vertex using a damping factor to model a probability that data read from one data element is not propagated further, wherein the teleportation operation is limited to vertices in the set of sensitive flows, and wherein vertices with a higher concentration of sensitive data have a higher relative ranking score.</div>
              </div>
            </td>
          </tr>
        </table>
      </div>
    
  </body>
</html>