US 12,170,693 B2
Correlation of security policy input and output changes
Toan Van Nguyen, Singapore (SG)
Assigned to Salesforce, Inc., San Francisco, CA (US)
Filed by salesforce.com, inc., San Francisco, CA (US)
Filed on Jan. 21, 2021, as Appl. No. 17/248,347.
Application 17/248,347 is a continuation in part of application No. 16/948,399, filed on Sep. 16, 2020.
Prior Publication US 2022/0086190 A1, Mar. 17, 2022
Int. Cl. G06F 16/00 (2019.01); G06F 16/21 (2019.01); G06F 16/22 (2019.01); H04L 9/40 (2022.01)
CPC H04L 63/20 (2013.01) [G06F 16/219 (2019.01); G06F 16/2246 (2019.01)] 17 Claims
OG exemplary drawing
 
1. A system comprising:
a server system comprising one or more processors in communication with one or more memory devices, the server system configurable to cause:
obtaining a system input comprising:
a first version of a policy input and a corresponding first version of a policy output,
a second version of a policy input and a corresponding second version of a policy output,
each version of the policy input comprising a respective version of a set of security policies indicating network access permissions and/or restrictions,
each version of the policy output being a cloud-specific conversion of the corresponding version of the policy input;
converting each version of the policy input and each version of the policy output to a respective internal representation comprising a tree-based data structure;
computing:
one or more input differences between the first version of the policy input and the second version of a policy input, and
one or more output differences between the first version of the policy output and the second version of a policy output, wherein the one or more input differences and the one or more output differences are computed based at least in part on traversing the tree-based data structure;
correlating at least one input difference with an output difference;
generating a database record identifying the correlation; and
storing the database record in a database.