CPC H04L 63/20 (2013.01) [H04L 63/10 (2013.01); H04L 63/1433 (2013.01)] | 20 Claims
1. A method for generating a security graph utilizing a unified model based on multiple cloud computing environments, comprising:
receiving data from a first cloud computing environment pertaining to: a plurality of resources, a plurality of principals, and a plurality of permissions;
generating for each resource of the plurality of resources a corresponding resource node in the security graph based on the unified model, the corresponding resource node including an identifier of the resource, wherein the resource is a cloud entity deployed in the first cloud computing environment;
generating for each principal of the plurality of principals a corresponding principal node in the security graph based on the unified model, the corresponding principal node including an identifier of the principal, wherein the principal is a cloud entity in the first cloud computing environment that generates a request for an operation in the first cloud computing environment; and
generating a connection between at least a principal node and at least a resource node in the security graph based on the unified model, in response to detecting a permission indicating that a principal corresponding to the at least a principal node can access a resource corresponding to the at least a resource node.
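The steps of claim 1 can be followed in a short Python sketch. This is an added example, not code from the patent or its assignee. The record field names, the allow/deny `effect` value, the environment labels and the `SecurityGraph` class are all assumptions made for illustration, and the sketch ingests a second constructed environment to show identifiers from different clouds coexisting in one model.

```python
from dataclasses import dataclass, field

@dataclass
class SecurityGraph:
    nodes: dict = field(default_factory=dict)   # node id -> {"kind", "env", "native_type"}
    edges: set = field(default_factory=set)     # (principal id, resource id, action)

    def add_node(self, kind, env, ident, native_type):
        # Qualify identifiers by environment so ids from different clouds never collide.
        node_id = f"{env}:{ident}"
        self.nodes[node_id] = {"kind": kind, "env": env, "native_type": native_type}
        return node_id

    def ingest(self, env, data):
        """Map one environment's inventory onto the unified model; return skipped permissions."""
        for r in data["resources"]:
            self.add_node("resource", env, r["id"], r["type"])
        for p in data["principals"]:
            self.add_node("principal", env, p["id"], p["type"])
        dangling = []
        for perm in data["permissions"]:
            src, dst = f"{env}:{perm['principal']}", f"{env}:{perm['resource']}"
            ok = (perm["effect"] == "allow"
                  and self.nodes.get(src, {}).get("kind") == "principal"
                  and self.nodes.get(dst, {}).get("kind") == "resource")
            if ok:
                self.edges.add((src, dst, perm["action"]))
            elif perm["effect"] == "allow":
                dangling.append(perm)  # references an entity missing from the inventory
        return dangling

    def who_can_access(self, resource_id):
        return sorted({p for p, r, _ in self.edges if r == resource_id})

# Constructed sample inventories; field names and the allow/deny "effect" are assumptions.
ENV_A = {"resources": [{"id": "bucket/logs", "type": "object_store"}],
         "principals": [{"id": "role/ci", "type": "role"}, {"id": "user/ann", "type": "user"}],
         "permissions": [
             {"principal": "role/ci", "resource": "bucket/logs", "action": "write", "effect": "allow"},
             {"principal": "user/ann", "resource": "bucket/logs", "action": "read", "effect": "deny"},
             {"principal": "role/gone", "resource": "bucket/logs", "action": "read", "effect": "allow"}]}
ENV_B = {"resources": [{"id": "vm/web1", "type": "virtual_machine"}],
         "principals": [{"id": "sp/deployer", "type": "service_principal"}],
         "permissions": [
             {"principal": "sp/deployer", "resource": "vm/web1", "action": "restart", "effect": "allow"}]}

def build_demo():
    g = SecurityGraph()
    return g, g.ingest("env-a", ENV_A), g.ingest("env-b", ENV_B)
```

A permission that names a principal or resource absent from the inventory is returned rather than silently turned into an edge, which is the case a reviewer of such a graph would want surfaced.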