公开(公告)号：US12132735B1

公开(公告)日：2024-10-29

申请号：US17855302

申请日：2022-06-30

Applicant: Amazon Technologies, Inc.

Inventor： Niloofar Razavi ,  Oksana Tkachuk ,  Zhixing Xu ,  Saeed Nejati ,  Meng Li

IPC: H04L29/06 ,  G06F16/33 ,  G06F16/36 ,  H04L9/40

CPC classification number: H04L63/10 ,  G06F16/334 ,  G06F16/367 ,  H04L63/1433 ,  H04L63/20

Abstract: Techniques are described for a domain-specific language and associated framework for implementing analyses of security, operational, or functional properties involving computing resources. The specification language enables users to readily define the semantics of a set of cross-resource relations of interest using a human-readable language. For example, the language enables users to express properties over computing resources based on a user-defined set of cross-resource relations. The specification language is human-readable, allowing users to easily add new cross-resource relations or to modify existing relations and properties, thereby enabling users to readily modify existing analyses or to create new ones entirely. The specification language is also machine-readable such that a compiler and other tools can automatically generate an ontology model based on local resource configurations, augment the graph with the cross-resource relations defined in the specifications, and perform graph reachability analyses based on defined properties of interest.