Cloud intelligence data model and framework

US 10,728,307 B2
Filed: 07/08/2019
Issued: 07/28/2020
Est. Priority Date: 10/08/2018
Status: Active Grant

First Claim

Patent Images

1. A computing system accessible over a network, comprising:

a processor;

computer memory holding computer program instructions executed by the processor to provide a service to one or more subscribers, the computer program instructions configured, with respect to each of the one or more subscribers, to;

receive a subscriber-specific data set from each of a set of cloud computing infrastructures, wherein each of the cloud computing infrastructures has cloud-specific service types or action types, the cloud-specific service types or action types conforming to a unified classification model common to all of the cloud computing infrastructures, wherein the subscriber-specific data set comprises identities of subscriber users and their associated permissions with respect to resources in the cloud computing infrastructure;

initialize a data model conforming to a schema model;

store the data model and the subscriber-specific data set within a knowledge graph, the knowledge graph including, collectively, the associated permissions of the subscriber users for the set of cloud computing infrastructures;

as changes in the set of cloud computing infrastructures occur, dynamically update the data model and knowledge graph responsive to the changes; and

responsive to one or more queries structured according to a query language, the query language being dynamically-generated at least in part from the schema model, selectively retrieve information from the knowledge graph.

View all claims

0 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

A network-accessible service provides an enterprise with a view of all identity and data activity in the enterprise'"'"'s cloud accounts. The service enables distinct cloud provider management models to be normalized with centralized analytics and views across large numbers of cloud accounts. The service enables an enterprise to model all activity and relationships across cloud vendors, accounts and third party stores. Display views of this information preferably can pivot on cloud provider, country, cloud accounts, application or data store. Using a domain-specific query language, the system enables rapid interrogation of a complete and centralized data model of all data and identity relationships. User reports may be generated showing all privileges and data to which a particular identity has access. Similarly, data reports shown all entities having access to an asset can be generated. Using the display views, a user can pivot all functions across teams, applications and data, geography, provider and compliance mandates, and the like.

25 Citations

View as Search Results

20 Claims

1. A computing system accessible over a network, comprising:
- a processor;
  
  computer memory holding computer program instructions executed by the processor to provide a service to one or more subscribers, the computer program instructions configured, with respect to each of the one or more subscribers, to;
  
  receive a subscriber-specific data set from each of a set of cloud computing infrastructures, wherein each of the cloud computing infrastructures has cloud-specific service types or action types, the cloud-specific service types or action types conforming to a unified classification model common to all of the cloud computing infrastructures, wherein the subscriber-specific data set comprises identities of subscriber users and their associated permissions with respect to resources in the cloud computing infrastructure;
  
  initialize a data model conforming to a schema model;
  
  store the data model and the subscriber-specific data set within a knowledge graph, the knowledge graph including, collectively, the associated permissions of the subscriber users for the set of cloud computing infrastructures;
  
  as changes in the set of cloud computing infrastructures occur, dynamically update the data model and knowledge graph responsive to the changes; and
  
  responsive to one or more queries structured according to a query language, the query language being dynamically-generated at least in part from the schema model, selectively retrieve information from the knowledge graph.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16)
- - 2. The computing system as described in claim 1 wherein querying of data against the unified classification model returns normalized pathing analytics.
  - 3. The computing system as described in claim 1 wherein the data model comprises a set of definitions, the set of definitions comprising property, interface, entity, connection and index definitions.
  - 4. The computing system as described in claim 3 wherein the computer program instructions comprise a dynamic entity generation code module configured to read property, interface, entity and connection definitions from the data model to produce one or more reporters.
  - 5. The computing system as described in claim 4 wherein the one or more reporters include entity reporter code, cloud reporter code, account reporter code and service reporter code that comprise a Software Development Kit (SDK) reporting framework embedded in a respective cloud computing infrastructure.
  - 6. The computing system as described in claim 1 wherein the computer program instructions comprise one or more code frameworks.
  - 7. The computing system as described in claim 6 wherein the one or more code frameworks dynamically adjust according to changes to the data model.
  - 8. The computing system as described in claim 6 wherein the one or more code frameworks comprise a data bootstrap framework configured to bootstrap the knowledge graph according to specifications defined in the schema model.
  - 9. The computing system as described in claim 6 wherein the one or more code frameworks comprise a data processing framework configured to process intelligence reported in the data model.
  - 10. The computing system as described in claim 6 wherein the one or more code frameworks comprise a dynamic data access framework configured to receive queries directed to the data model, and to return responses to the queries.
  - 11. The computing system as described in claim 1 wherein the computer program instructions comprise system components to process and store intelligence received from the set of cloud compute infrastructures, report the intelligence, and enable query and analysis of the intelligence.
  - 12. The computing system as described in claim 1 wherein the data model models activities and relationships across the set of cloud compute infrastructures.
  - 13. The computing system as described in claim 12 wherein the one or more queries are configured according to a domain-specific query language.
  - 14. The computer system as described in claim 13 wherein the computer program instructions are configured to output a display view.
  - 15. The computer system as described in claim 14 wherein the display view identifies all privileges and data to which a particular identity has access.
  - 16. The computer system as described in claim 14 wherein the display view identifies all entities having access to a particular resource.

17. A method for monitoring a set of cloud deployments associated with an enterprise, comprising:
- generating a unified classification model common to the set of cloud deployments;
  
  dynamically-generating, from the unified classification model, a set of one or more reporting code components;
  
  receiving a data set generated by execution of the one or more reporting code components, the one or more reporting code components having been instantiated within each cloud deployment, the data set comprising comprises identities of subscriber users and their associated permissions with respect to resources in the respective cloud deployment;
  
  generating a knowledge graph that embeds data from the data set and the unified classification model, the knowledge graph instantiating, collectively, the associated permissions of the enterprise for the cloud deployments; and
  
  responsive to receipt of an information request structured according to a query language, the query language being dynamically-generated at least in part from a schema associated with the unified classification model, querying the knowledge graph and returning a response to the information request.
- View Dependent Claims (18, 19, 20)
- - 18. The method as described in claim 17 wherein the query language is a domain-specific query language based on information derived from the unified classification model.
  - 19. The method as described in claim 17 further including updating the one or more code reporting components as the unified classification model changes.
  - 20. The method as described in claim 17 wherein the knowledge graph is specific to the enterprise.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Sonrai Security, Inc.
Original Assignee
Sonrai Security, Inc.
Inventors
Wuest, Ben, Bird, William, Peters, Brad, Lockett, Albert
Primary Examiner(s)
Zhang, Shirley X

Application Number

US16/505,038
Publication Number

US 20200112602A1
Time in Patent Office

386 Days
Field of Search
US Class Current
CPC Class Codes

G06F 11/34   Recording or statistical ev...

G06F 16/2457   with adaptation to user needs

G06F 16/9024   Graphs; Linked lists G06F16...

G06F 16/906   Clustering; Classification

G06N 5/00   Computing arrangements usin...

G06N 5/025   Extracting rules from data

H04L 63/105   Multiple levels of security

H04L 67/025   for remote control or remot...

H04L 67/10   in which an application is ...

H04L 67/1097   for distributed storage of ...

H04L 67/306   User profiles

H04L 67/51   Discovery or management the...

H04L 67/535   Tracking the activity of th...

H04L 67/75   Indicating network or usage...

Cloud intelligence data model and framework

First Claim

0 Assignments

0 Petitions

Accused Products

Abstract

25 Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

Cloud intelligence data model and framework

First Claim

0 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

25 Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links