From Wikipedia, the free encyclopedia
Jump to navigation Jump to search

BeyondCorp is an implementation, by Google, of zero-trust computer security concepts creating a zero trust network.[1][2][3][4][5][6] It was created in response to the 2009 Operation Aurora.[7] An open source implementation inspired by Google's research paper on an access proxy is known as "transcend".[8]

Security mechanisms[edit]

Unlike traditional VPNs, BeyondCorp's access policies are based on information about a device, its state, and its associated user. BeyondCorp considers both internal networks and external networks to be completely untrusted, and gates access to applications by dynamically asserting and enforcing levels, or “tiers,” of access.[9]

See also[edit]


  1. ^ "BeyondCorp: A New Approach to Enterprise Security - USENIX".
  2. ^ "BeyondCorp: Design to Deployment at Google - USENIX".
  3. ^ Spear, Batz; Beyer, Betsy (Adrienne Elizabeth); Cittadini, Luca; Saltonstall, Max (2 September 2018). "Beyond Corp: The Access Proxy". {{cite journal}}: Cite journal requires |journal= (help)
  4. ^ "Google BeyondCorp Breaks With Enterprise Security Tradition - InformationWeek". 7 April 2016.
  5. ^ "The perimeterless, ever-shifting enterprise: What would a real, red-blooded IT team do?". The Register.
  6. ^ Rose, Scott; Borchert, Oliver; Mitchell, Stu; Connelly, Sean (23 September 2019). "NIST Special Publication, Zero Trust Architecture (2nd Draft)". doi:10.6028/NIST.SP.800-207-draft. S2CID 240898264. {{cite journal}}: Cite journal requires |journal= (help)
  7. ^ "BeyondCorp: The BeyondCorp Story". Retrieved 22 April 2020.
  8. ^ transcend github, accessed: 2019-04-22.
  9. ^ "Design to Deployment at Google" (PDF). Retrieved 23 April 2020.