Abstract
The described technology provides an automated platform for translating security policies from a source container orchestration system to a target container orchestration system. A universal intermediate representation, structured as a directed multigraph, captures security intents which are mapped to target-native primitives. Formal mathematical methods verify that the generated policies are equivalent to the original intents. Additional features include regulatory compliance validation utilizing a compliance knowledge graph, attack surface quantification across four distinct axes, the generation of cryptographic audit certificates, and parallel processing to avoid state explosion.
Keywords: Automated Policy Translation, Formal Verification, Container Orchestration, Cloud Migration, Directed Multigraph, Satisfiability Modulo Theories, State Explosion, Cryptographic Guarantee.
Creative Commons License

This work is licensed under a Creative Commons Attribution 4.0 License.
Recommended Citation
; Bhardwaj, Utkarsh; and Awasthi, Shivank, "Mathematical Verification and Automated Translation of Security Policies Across Container Orchestration Platforms", Technical Disclosure Commons, ()
https://www.tdcommons.org/dpubs_series/10345