Zero Trust
Zero Trust (ZT) is a set of cybersecurity paradigms that focuses on users, assets, and resources instead of static perimeters. Zero trust is a response to trends such as remote users, bring-your-own-device policies, and cloud-based assets that are not within an enterprise-owned network boundary. The network location is no longer the prime component of a resource's security.[1]
Principles
- Zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location or asset ownership.
- Zero trust focuses on protecting resources (assets, services, workflows, and network accounts), not network segments.
Zero Trust Architecture
Zero Trust Architecture (ZTA) uses zero trust principles to guide the design of industrial and enterprise infrastructure and workflows. Authentication and authorization are discrete functions performed before a session to an enterprise resource is established.
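The following sketch is an added example, not code from the page or from any ZTA product. It contrasts a perimeter check that trusts network location with a gate that runs authentication and authorization as two separate functions before issuing a session. The key, network range, policy table and all function names are assumptions constructed for illustration.

```python
import hashlib
import hmac
import ipaddress
import secrets
from typing import Optional

# Constructed sample data: every name and value here is an assumption.
IDP_KEY = b"constructed-demo-key"                 # hypothetical identity-provider key
CORP_NET = ipaddress.ip_network("10.0.0.0/8")     # the old "trusted" perimeter
POLICY = {("alice", "payroll-db"): {"read"}}      # (subject, resource) -> actions


def _tag(subject: str) -> bytes:
    return hmac.new(IDP_KEY, subject.encode(), hashlib.sha256).hexdigest().encode()


def issue_token(subject: str) -> str:
    """Stand-in for an identity provider (no expiry or device posture here)."""
    return f"{subject}.{_tag(subject).decode()}"


def perimeter_decision(src_ip: str) -> bool:
    """Weak model: implicit trust granted purely on network location."""
    return ipaddress.ip_address(src_ip) in CORP_NET


def authenticate(token: Optional[str]) -> Optional[str]:
    """Function 1: who is asking? Returns the verified subject or None."""
    if not token or "." not in token:
        return None
    subject, tag = token.rsplit(".", 1)
    return subject if hmac.compare_digest(tag.encode(), _tag(subject)) else None


def authorize(subject: str, resource: str, action: str) -> bool:
    """Function 2: may this subject perform this action on this resource?"""
    return action in POLICY.get((subject, resource), set())


def open_session(src_ip: str, token: Optional[str],
                 resource: str, action: str) -> Optional[str]:
    """Issue a session id only after both functions pass.

    src_ip is accepted (e.g. for logging) but never influences the decision.
    """
    subject = authenticate(token)
    if subject is None or not authorize(subject, resource, action):
        return None
    return secrets.token_hex(16)
```

A request from inside `CORP_NET` with no token passes `perimeter_decision` but gets no session from `open_session`, while a request from outside the range with a valid token and a permitted action does.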