Zero Trust Architecture

@inproceedings{Rose2019ZeroTA,
  title={Zero Trust Architecture},
  author={Scott Rose and Oliver Borchert and Stu Mitchell and Sean Connelly},
  year={2019}
}
Zero Trust is the term for an evolving set of network security paradigms that move network defenses from wide network perimeters to narrowly focusing on individual or small groups of resources. A Zero Trust Architecture (ZTA) strategy is one where there is no implicit trust granted to systems based on their physical or network location (i.e., local area networks vs. the Internet). Access to data resources is granted when the resource is required, and authentication (both…

Security of Zero Trust Networks in Cloud Computing: A Comparative Review

This survey compares the novel requirement-specific features used by state-of-the-art research models for zero-trust cloud networks, focusing on domain-specific issues plaguing modern cloud computing networks, which leverage choosing and implementing features necessary for future networks and incorporate intelligent security orchestration, automation and response.

Federating trust: network orchestration for cross-boundary zero trust

It is argued that this orchestration needs to expand beyond these common enterprise boundaries in a way that trust can be guaranteed across disparate systems, networks, and servicers.

Building A Zero Trust Architecture Using Kubernetes

‘Zero Trust’ is proved as another worldview of online protection as well as a potential for future network security by focusing on security at every OSI model layer and the advantages and disadvantages of Zero Trust Architecture.

A Survey on Zero Trust Architecture: Challenges and Future Trends

The core technologies including identity authentication, access control, and trust assessment, which are mainly relied on in the zero trust architecture are analyzed and compared to summarize the advantages and disadvantages, as well as the current challenges and future research trends.

Zero Trust Federation: Sharing Context under User Control towards Zero Trust in Identity Federation

  • Koudai Hatakeyama, Daisuke Kotani, Y. Okabe
  • Computer Science
  • 2021 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events (PerCom Workshops)
  • 2021
A Zero Trust Network (ZTN) is proposed as a new security model in which access control is performed by authenticating users who request access and then authorizing such requests using various information about users and devices called contexts.

Relevance of Zero Trust Network Architecture amidts and it’s rapid adoption amidts Work From Home enforced by COVID-19

Zero Trust Network Architecture (ZTNA) has become the focus of many institutions to prevent data loss, especially from the employees working remotely due to the spread of Covid-19, requiring people to keep social distance minimize risks of an attack.

ZT&T: Secure blockchain-based tokens for service session management in Zero Trust Networks

This work proposes a mechanism for assuring secure service session management with the use of blockchain capabilities, and proposes that non-fungible tokens (NFTs) be applied to access and provider tokens representing a policy agreement for service consumption.

Software Defined Perimeter Monitoring and Blockchain-Based Verification of Policy Mapping

A method for understanding the normal behavior of deployed policies by mapping network usage behavior to the policy, and for checking the legitimacy of a policy by comparing its hash to the actual policy's hash obtained from the blockchain.

Secure Access Service Edge: A Zero Trust Based Framework For Accessing Data Securely

By the end of this paper, you will understand how those techniques mentioned before work together under the SASE framework to improve organizations' network connections and security.

Partially Trusting the Service Mesh Control Plane

This work is enhancing the Service Mesh to allow the designing and reinforcement of a Verifiable Configuration that is designed and signed off by the Application Owner, ensuring that the Cluster Administrator cannot change the state of the application in a way that was not intended by the Application Owner.

References

Zero Trust Intrusion Containment for Telemedicine

This research project introduces a new approach to information security that is called Self-Cleansing Intrusion Tolerance (SCIT), which aims to provide increased resistance to intrusions with minimal disruption of the services provided by the overall system.

I Like It, but I Hate It: Employee Perceptions Towards an Institutional Transition to BYOD Second-Factor Authentication

This paper details a transition from a token-based, two-factor authentication system within an academic institution to an entirely digital system utilizing employee-owned mobile devices, with a specific focus on the utilization of personal devices for workplace authentication.

Using Extensible Messaging and Presence Protocol (XMPP) for Security Information Exchange

This document describes how to use the Extensible Messaging and Presence Protocol (XMPP) to collect and distribute security incident reports and other security-relevant information between network-

PRODUCTIVITY AND USABILITY EFFECTS OF USING A TWO-FACTOR SECURITY SYSTEM

This research uses a survey to examine the effects on productivity and usability of implementing a two-factor security system for access and authentication by the military.

End user accesses controller. Selects desired application to access

Zero Trust Architecture (2nd Draft)

  • 2020

User accesses resource

Controller connects to Identity Provider. Determines access rights

If user permitted access, controller tells gateway to allow traffic

Access is provisioned, and decision logged by gateway