公开(公告)号：US12021888B1

公开(公告)日：2024-06-25

申请号：US18416350

申请日：2024-01-18

申请人： Lacework, Inc.

发明人： Theodore M. Reed ,  Bao Nguyen ,  Kenneth Beasley ,  Joshua L. Vertes ,  Adin Aoki ,  Brandon Maister ,  Ravi Kiran Kumar ,  Sowmya A Karmali ,  Yijou Chen

IPC分类号： H04L9/40 ,  G06F9/455 ,  G06F9/54 ,  G06F16/2455 ,  G06F16/901 ,  G06F16/9038 ,  G06F16/9535 ,  G06F16/9537 ,  G06F21/57 ,  H04L43/045 ,  H04L43/06 ,  H04L67/306 ,  H04L67/50

CPC分类号： H04L63/1425 ,  G06F9/455 ,  G06F9/545 ,  G06F16/9024 ,  G06F16/9038 ,  G06F16/9535 ,  G06F16/9537 ,  G06F21/57 ,  H04L43/045 ,  H04L43/06 ,  H04L63/10 ,  H04L67/306 ,  H04L67/535 ,  G06F16/2456

摘要： An illustrative method includes accessing data representative of a first role associated with a set of permissions with respect to resources within the compute environment and specifying a group of identities assigned to the first role, determining that a first subgroup of one or more identities included the group of identities only uses a first subset of permissions included in the set of permissions to access the resources within the compute environment without using a second subset of permissions, and performing, based on the determining that the first subgroup of one or more identities only uses the first subset of permissions, an operation to reduce permissions usable by the one or more identities.