Cloud Property Graph: Connecting Cloud Security Assessments with Static Code Analysis. (arXiv:2206.06938v1 [cs.CR])

In this paper, we present the Cloud Property Graph (CloudPG), which bridges
the gap between static code analysis and runtime security assessment of cloud
services. The CloudPG is able to resolve data flows between cloud applications
deployed on different resources, and contextualizes the graph with runtime
information, such as encryption settings. To provide a vendor- and
technology-independent representation of a cloud service's security posture,
the graph is based on an ontology of cloud resources, their functionalities and
security features. We …

analysis assessments cloud cloud security code code analysis security security assessments static code analysis