| CPC H04L 63/1433 (2013.01) [G06F 16/285 (2019.01)] | 20 Claims |
|
1. A computer-implemented method comprising:
for each dataset in a computing system, identifying at least one stack of hierarchically-dependent system components on which a dataset is dependent;
communicating with one or more compliance monitoring applications to obtain local compliance scores for the hierarchically-dependent system components, within the scope of a scan, wherein data for populating a system graph is obtained by placing calls to an Application Programming Interfaces (API) and represented by a node;
generating the system graph having nodes interconnected by directed edges based on the calls to the API, wherein each dataset, and each component in the at least one stack, is represented by a corresponding node of the graph and dependency of each dataset on the at least one stack, and between successive components in each stack of the at least one stack, is represented by a directed edge between nodes of the graph;
storing the compliance scores for respective nodes corresponding to system components, the compliance score for a node relating to the corresponding system component;
for each dataset, calculating a stack-dependent compliance score as a function of the compliance scores for a set of nodes reached by traversing directed edges in the graph from the node corresponding to the dataset; and
generating an alert if the stack-dependent compliance score for a dataset breaches a predetermined risk threshold for the dataset.
|