CPC H04L 63/20 (2013.01) [G06F 16/219 (2019.01); G06F 16/2246 (2019.01)] | 17 Claims |
1. A system comprising:
a server system comprising one or more processors in communication with one or more memory devices, the server system configurable to cause:
obtaining a system input comprising:
a first version of a policy input and a corresponding first version of a policy output,
a second version of a policy input and a corresponding second version of a policy output,
each version of the policy input comprising a respective version of a set of security policies indicating network access permissions and/or restrictions,
each version of the policy output being a cloud-specific conversion of the corresponding version of the policy input;
converting each version of the policy input and each version of the policy output to a respective internal representation comprising a tree-based data structure;
computing:
one or more input differences between the first version of the policy input and the second version of a policy input, and
one or more output differences between the first version of the policy output and the second version of a policy output, wherein the one or more input differences and the one or more output differences are computed based at least in part on traversing the tree-based data structure;
correlating at least one input difference with an output difference;
generating a database record identifying the correlation; and
storing the database record in a database.
|