Saved in:
Bibliographic Details
Main Author: Parisel, Christophe
Format: Recurso digital
Language:
Published: Zenodo 2026
Online Access:https://doi.org/10.5281/zenodo.18768824
Tags: Add Tag
No Tags, Be the first to tag this record!
Table of Contents:
  • <p>Non-human identities (NHIs) in cloud environments may form strongly connected components (SCCs) that defeat existing automated policy analysis tools and require costly manual review. We introduce the primorial invariant: a canonical encoding of SCC cycle structure that enables automated classification of cyclic privilege patterns into three actionable categories: reduction (benign cycles that can be collapsed), fusion (structurally equivalent cycles that share a single analyst decision), and fusion-reduction (approximate variants that can be jointly reviewed and simplified). Unlike attack-graph or black-box learning approaches, the method is lightweight, tolerant to bounded collisions, and designed explicitly for operational scalability rather than perfect discrimination.</p>