Automated reasoning is a subfield of artificial intelligence that is as essential and advantageous as AI itself. Amazon Web Services Inc. is optimizing its use of automated reasoning to improve data security and enterprise use.

“One of the powerful things about automated reasoning, [is that] it doesn’t need data, or logs, or who has accessed things in the past,” said Neha Rungta (pictured), principal engineer of the Automated Reasoning Group at AWS. “[It] just looks at your configurations … and because of the rules we’ve encoded, it can very quickly tell you who outside your account has access.” 

Rungta spoke with John Walls (@JohnWalls21) and Jeff Frick (@JeffFrick), co-hosts of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the AWS re:Invent conference in Las Vegas. They discussed how automated reasoning works to make operations more secure and its ease of use for businesses. (* Disclosure below.)

Security benefits of automated reasoning

One important way AWS’ Automated Reasoning Group improves data security is through enhanced visibility. Machine learning and automated reasoning are subfields of AI. Machine learning allows a computer system to learn rules by observing large amounts of data. Machine-learning design factors in unknowns, things that the ML model cannot easily adapt to or predict. Automated reasoning doesn’t process data, but it examines configurations that already exist in the system. Automated reasoning doesn’t need to factor in unknowns because there are no unknowns in its case. 

“For the things [that we know] exist, there are [a] definitive set of rules; we encode them, and the system and the algorithms can reason about it. There [are] no unknowns,” Rungta explained.

One product of automated reasoning is data access control, granting a user visibility who has access to certain data-sets and deciding when to grant or remove access. 

“[It] seems like, usually, if Amazon is involved, it was some misconfiguration, some switch got left in the wrong position,” said Frick, highlighting the importance of automated reasoning in regard to security given how often data breaches occur.

The type of application Rungta described allows AWS to search for misconfigurations in advance. It gives visibility into what industry best practices are met or in violation and data sets that have not been logged out of, for example. 

To enhance security features, the Automated Reasoning Group also partnered with the AWS S3 team on public access controls. Such functionality allows administrators to do things like deny complete access to their bucket.

“We’ve been providing a lot of features to our customers to allow for them to detect and prevent misconfiguration of [resources],” Rungta stated.

Ease of use

AWS’ automated reasoning is designed with the customer’s ease of use in mind. As more capabilities come to the market, users can get overwhelmed with the new tools and practices to learn.

“Traditionally, when you talk about automated reasoning, there’s been this, oh, it’s high touch, or you need to be an expert user to do it. And [with] this offering … it’s all one click … just simple declarative statements,” Rungta pointed out.

For example, on the front-end the customer would receive a message like, “John, from the marketing team can read your resource. Do you approve access?”

Customers don’t have to be security experts, logicians, or even understand how access control works. Automated reasoning tools, like AWS’ recently launched Identity and Access Management analyzer, are designed for businesses of all verticals.

“You don’t need to be a large customer with a huge team to be able to use it. And that’s been one of the things that we pushed really hard on is to have that ease of use,” Rungta concluded.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the AWS re:Invent event. (* Disclosure: Amazon Web Services Inc. sponsored this segment of theCUBE. Neither AWS nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE