Zero Trust Architecture

@inproceedings{Rose2019ZeroTA,
  title={Zero Trust Architecture},
  author={Scott Rose and Oliver Borchert and Stu Mitchell and Sean Connelly},
  year={2019}
}
Zero Trust is the term for an evolving set of network security paradigms that move network defenses from wide network perimeters to narrowly focusing on individual or small groups of resources. A Zero Trust Architecture (ZTA) strategy is one where there is no implicit trust granted to systems based on their physical or network location (i.e., local area networks vs. the Internet). Access to data resources is granted when the resource is required, and authentication (both…

Security of Zero Trust Networks in Cloud Computing: A Comparative Review

TLDR
This survey compares the novel requirement-specific features used by state-of-the-art research models for zero-trust cloud networks, focusing on domain-specific issues plaguing modern cloud computing networks, which leverage choosing and implementing features necessary for future networks and incorporate intelligent security orchestration, automation and response.

Federating trust: network orchestration for cross-boundary zero trust

TLDR
It is argued that this orchestration needs to expand beyond these common enterprise boundaries in a way that trust can be guaranteed across disparate systems, networks, and servicers.

Building A Zero Trust Architecture Using Kubernetes

TLDR
‘Zero Trust’ is proved as another worldview of online protection as well as a potential for future network security by focusing on security at every OSI model layer and the advantages and disadvantages of Zero Trust Architecture.

A Survey on Zero Trust Architecture: Challenges and Future Trends

TLDR
The core technologies including identity authentication, access control, and trust assessment, which are mainly relied on in the zero trust architecture are analyzed and compared to summarize the advantages and disadvantages, as well as the current challenges and future research trends.

Zero Trust Federation: Sharing Context under User Control towards Zero Trust in Identity Federation

  • Koudai Hatakeyama, Daisuke Kotani, Y. Okabe
  • Computer Science
    2021 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events (PerCom Workshops)
  • 2021
TLDR
A Zero Trust Network (ZTN) is proposed as a new security model in which access control is performed by authenticating users who request access and then authorizing such requests using various information about users and devices called contexts.

Relevance of Zero Trust Network Architecture amidts and it’s rapid adoption amidts Work From Home enforced by COVID-19

TLDR
Zero Trust Network Architecture (ZTNA) has become the focus of many institutions to prevent data loss, especially from the employees working remotely due to the spread of Covid-19, requiring people to keep social distance minimize risks of an attack.

Intelligent Zero Trust Architecture for 5G/6G Tactical Networks: Principles, Challenges, and the Role of Machine Learning

TLDR
This paper presents the architectural design of an i-ZTA upon which modern artificial intelligence (AI) algorithms can be developed to provide information security in untrusted networks.

Migrating to Zero Trust Architecture: Reviews and Challenges

TLDR
The concept of ZT and ZTA is introduced, and challenges, steps, and things to consider when migrating from the legacy architecture to ZTA are presented and discussed.

Application of Data Collected by Endpoint Detection and Response Systems for Implementation of a Network Security System based on Zero Trust Principles and the EigenTrust Algorithm

TLDR
This work seeks to deploy EDR systems and build trust algorithms using tactical provenance analysis, threshold cryptography and reputation management to continuously record data, evaluate trust of a subject, and simultaneously analyze them against a database of known threat vectors to provide conditional access control.
...

References

I Like It, but I Hate It: Employee Perceptions Towards an Institutional Transition to BYOD Second-Factor Authentication

TLDR
This paper details a transition from a token-based, two-factor authentication system within an academic institution to an entirely digital system utilizing employee-owned mobile devices, with a specific focus on the utilization of personal devices for workplace authentication.

Using Extensible Messaging and Presence Protocol (XMPP) for Security Information Exchange

This document describes how to use the Extensible Messaging and Presence Protocol (XMPP) to collect and distribute security incident reports and other security-relevant information between network-

PRODUCTIVITY AND USABILITY EFFECTS OF USING A TWO-FACTOR SECURITY SYSTEM

TLDR
This research uses a survey to examine the effects on productivity and usability of implementing a two-factor security system for access and authentication by the military.

Zero Trust Intrusion Containment for Telemedicine

TLDR
This research project introduces a new approach to information security that is called Self-Cleansing Intrusion Tolerance (SCIT), which aims to provide increased resistance to intrusions with minimal disruption of the services provided by the overall system.

End user accesses controller. Selects desired application to access

Zero Trust Architecture (2nd Draft)

  • 2020

User accesses resource

Controller connects to Identity Provider. Determines access rights

If user permitted access, controller tells gateway to allow traffic

Access is provisioned, and decision logged by gateway