Zero Trust
Zero Trust (ZT) is a set of cybersecurity paradigms that focuses on users, assets, and resources instead of static perimeters. Zero trust is a response to trends such as remote users, bring-your-own-device, and cloud-based assets that are not located within an enterprise-owned network boundary. The network location is no longer the prime component of a resource's security.[1]
Principles
- Never trust, always verify.[2]
- No assumptions about assets or user accounts based solely on their physical or network location or asset ownership.
- Protect resources (assets, services, workflows, and network accounts), not network segments.
- Trust is a vulnerability.
History
Zero Trust was created by John Kindervag, while he was vice president and principal analyst at Forrester Research.[3]
Zero Trust Architecture
Zero Trust Architecture (ZTA) uses zero trust principles to guide industrial and enterprise infrastructure and workflow. Authentication and authorization are discrete functions performed before a session to an enterprise resource is established.[4]
Components
The following components do not make a system trusted; they work together to eliminate trust:[5]
- Protect surfaces generally include the most important data, assets, applications, and services (DAAS) in an organization;
- Attack surfaces;
- A microperimeter goes anywhere the protect surface goes;
- A segmentation gateway, also known as a next-generation firewall, allows only traffic from legitimate applications to access the protect surface;
- The Kipling Method defines a zero trust policy based on who, what, when, where, why, and how; and
- A Zero Trust policy determines who can cross the microperimeter, stops access to protect surfaces by unauthorized users, and prevents sensitive data exfiltration. More specifically,
  - the policy engine grants, revokes, or denies user access to requested enterprise resources;
  - the policy enforcement point (PEP) enables, terminates, and monitors connections between users and enterprise resources; and
  - the policy administrator sends commands to the PEP based on policy engine decisions to allow or deny users' connections to a requested resource.[6]
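The policy engine and policy enforcement point described above, as an added example that is not code from any of the cited sources: the engine evaluates one access request against the six Kipling Method attributes (who, what, when, where, why, how) for a single protect surface, and the PEP opens a session only on an explicit allow. The resource name "payroll-db", the roles, the users, and the session signals `mfa` and `device_compliant` are constructed sample data.

```python
# Added illustration of a policy engine + PEP (not from the cited sources).
# Decisions follow the Kipling Method: who, what, when, where, why, how.
from dataclasses import dataclass, field
from datetime import time

@dataclass
class AccessRequest:
    who: str          # authenticated identity
    what: str         # protect-surface resource requested
    when: time        # request time (assumed UTC)
    where: str        # network origin: recorded, never trusted on its own
    why: str          # stated business purpose
    how: dict = field(default_factory=dict)  # session signals: mfa, device_compliant

# Constructed sample policy and role data (hypothetical names).
POLICY = {"payroll-db": {
    "allowed_roles": {"finance"},
    "require_mfa": True,
    "require_compliant_device": True,
    "hours": (time(7, 0), time(19, 0)),
    "allowed_purposes": {"payroll-run", "audit"},
}}
ROLES = {"alice": {"finance"}, "bob": {"engineering"}}

def policy_engine(req: AccessRequest) -> tuple[str, str]:
    """Policy engine: every check must pass; returns (decision, reason)."""
    rule = POLICY.get(req.what)
    if rule is None:
        return "deny", "resource is not in a defined protect surface"
    if not ROLES.get(req.who, set()) & rule["allowed_roles"]:
        return "deny", f"{req.who} holds no role permitted on {req.what}"
    if rule["require_mfa"] and not req.how.get("mfa"):
        return "deny", "MFA not satisfied"
    if rule["require_compliant_device"] and not req.how.get("device_compliant"):
        return "deny", "device failed compliance/attestation check"
    start, end = rule["hours"]
    if not start <= req.when <= end:
        return "deny", "outside permitted hours"
    if req.why not in rule["allowed_purposes"]:
        return "deny", "purpose not permitted"
    # 'where' is only logged for analytics; an internal address grants nothing.
    return "allow", f"all Kipling checks passed (origin {req.where} recorded)"

def policy_enforcement_point(req: AccessRequest) -> bool:
    """PEP: the session is opened only on an explicit allow from the engine."""
    decision, reason = policy_engine(req)
    print(f"{req.who} -> {req.what}: {decision} ({reason})")
    return decision == "allow"
```

Note that a request from an internal address with MFA missing is denied exactly like one from outside, which is the "no assumptions based on network location" principle in practice.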
Pillars
The seven pillars in the DOD Zero Trust Architecture include:[7]
User
Securing, limiting, and enforcing person, non-person, and federated entities’ access to DAAS encompasses the use of ICAM capabilities such as multi-factor authentication and continuous multi-factor authentication.
Device
The capacity to identify, authenticate, authorize, inventory, isolate, secure, remediate, and control all devices is essential. Real-time attestation and patching of devices in an enterprise are critical. Possible options include Mobile Device Managers or Comply to Connect programs and assessments for every access request: examinations of compromise state, anomaly detection, software versions, protection status, and encryption enablement.
Network/Environment
Logically and physically segment everything in order to isolate and control organizations with granular access and policy restrictions.
Applications/Workload
This category spans the complete application stack from the application layer to the hypervisor.
Data
Zero Trust protects critical DAAS. Thus, organizations must categorize their DAAS in terms of mission criticality.
Visibility & Analytics
Details are needed on performance, behavior, and activity baselines across other Zero Trust pillars to detect anomalous behavior and make dynamic changes to security policy and real-time access decisions.
Automation & Orchestration
Enterprises need to automate manual security processes to take policy-based actions quickly and at scale.
Advantages & Complications
Zero trust is possible, but implemented incorrectly, it can disenfranchise users.[8][9]
| Pros | Cons |
|---|---|
| Increased resource access visibility | Configuration challenges |
| Decreased attack surface | Insider threats |
| Improved monitoring | Dependence on the policy decision point |
References
- [1] SP 800-27, NIST
- [2] What is a Zero Trust Architecture, Palo Alto Networks
- [3] What is a Zero Trust Architecture, Palo Alto Networks
- [4] SP 800-27, NIST
- [5] What is a Zero Trust Architecture, Palo Alto Networks
- [6] Zero Trust Security Model, Ekran
- [7] Zero Trust Reference Architecture V.1 Feb 2021, DOD, pgs 27-28
- [8] Zero trust: The good, the bad and the ugly, Tech Republic
- [9] Zero Trust Security Model, Ekran