Zero trust security model
The zero trust security model (also zero trust architecture, zero trust network architecture, zero trust network access, ZTA, ZTNA), sometimes known as perimeterless security, describes an approach to the design and implementation of IT systems. The main concept behind the zero trust security model is "never trust, always verify", which means that devices should not be trusted by default, even if they are connected to a permissioned network such as a corporate LAN and even if they were previously verified. Most modern corporate networks consist of many interconnected zones, cloud services and infrastructure, connections to remote and mobile environments, and connections to non-conventional IT such as IoT devices. The reasoning for zero trust is that the traditional approach (trusting devices within a notional "corporate perimeter", or devices connected via a VPN) is not relevant in the complex environment of a corporate network. The zero trust approach advocates mutual authentication, including checking the identity and integrity of devices regardless of their location, and granting access to applications and services based on the confidence in device identity and device health in combination with user authentication.
In April 1994 the term "zero trust" was coined by Stephen Paul Marsh in his doctoral thesis on computer security at the University of Stirling. Marsh's work studied trust as something finite that can be described mathematically, asserting that the concept of trust transcends human factors such as morality, ethics, lawfulness, justice, and judgement.
In 2003 the challenges of defining the perimeter of an organisation's IT systems were highlighted by the Jericho Forum, which discussed the trend it then coined "de-perimeterisation".
However, it would take almost a decade for zero trust architectures to become prevalent, driven in part by increased adoption of mobile and cloud services.
In 2019 the United Kingdom National Cyber Security Centre (NCSC) recommended that network architects consider a zero trust approach for new IT deployments, particularly where significant use of cloud services is planned.
Principles and definitions
In 2018, work undertaken in the United States by cybersecurity researchers at NIST and NCCoE led to the publication of SP 800-207, Zero Trust Architecture. The publication defines zero trust (ZT) as a collection of concepts and ideas designed to reduce the uncertainty in enforcing accurate, per-request access decisions in information systems and services in the face of a network viewed as compromised. A zero trust architecture (ZTA) is an enterprise's cyber security plan that utilizes zero trust concepts and encompasses component relationships, workflow planning, and access policies. Therefore, a zero trust enterprise is the network infrastructure (physical and virtual) and operational policies that are in place for an enterprise as a product of a zero trust architecture plan.
- Single strong source of user identity
- User authentication
- Machine authentication
- Additional context, such as policy compliance and device health
- Authorization policies to access an application
- Access control policies within an application
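The principles listed above describe the signals a per-request access decision draws on. The following is an added illustration, not code from the article, from NIST SP 800-207 or from any product: a toy policy decision point that evaluates every request from scratch against a single identity directory, a device inventory, an application authorization policy and an in-application access-control list. All users, devices, applications and policies are constructed sample data; the names `IDENTITY_DIRECTORY`, `DEVICE_INVENTORY`, `APP_POLICY`, `APP_ACL`, `AccessRequest` and `decide` are assumptions of this example.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class AccessRequest:
    """Signals presented with one request (constructed for this example)."""
    user: str
    user_mfa: bool            # user authentication: MFA completed for this session
    device_id: str
    device_cert_valid: bool   # machine authentication: device certificate verified
    device_compliant: bool    # additional context: device health / policy compliance
    application: str
    action: str               # e.g. "read" or "write"


# Single strong source of user identity: one directory, consulted on every request.
IDENTITY_DIRECTORY = {
    "alice": {"groups": {"engineering"}, "active": True},
    "bob": {"groups": {"finance"}, "active": True},
    "mallory": {"groups": {"engineering"}, "active": False},  # disabled account
}

# Device inventory keyed by machine identity (constructed sample data).
DEVICE_INVENTORY = {
    "laptop-01": {"owner": "alice", "managed": True},
    "laptop-02": {"owner": "bob", "managed": True},
}

# Authorization policy: which groups may reach which application at all.
APP_POLICY = {
    "source-control": {"engineering"},
    "ledger": {"finance"},
}

# Access control within an application: action -> groups permitted to perform it.
APP_ACL = {
    "source-control": {"read": {"engineering"}, "write": {"engineering"}},
    "ledger": {"read": {"finance"}, "write": {"finance-admins"}},
}


def decide(req: AccessRequest) -> tuple[bool, str]:
    """Evaluate one request. Every check runs on every request; nothing is
    cached from earlier sessions or inferred from network location."""
    identity = IDENTITY_DIRECTORY.get(req.user)
    if identity is None or not identity["active"]:
        return False, "unknown or disabled user"
    if not req.user_mfa:
        return False, "user authentication incomplete (no MFA)"

    device = DEVICE_INVENTORY.get(req.device_id)
    if device is None or not req.device_cert_valid:
        return False, "machine authentication failed"
    if device["owner"] != req.user:
        return False, "device not assigned to this user"
    if not device["managed"] or not req.device_compliant:
        return False, "device health/compliance check failed"

    # Authorization policy to access the application.
    if not identity["groups"] & APP_POLICY.get(req.application, set()):
        return False, "no authorization policy grants this application"

    # Access control policy within the application.
    acl = APP_ACL.get(req.application, {}).get(req.action, set())
    if not identity["groups"] & acl:
        return False, f"action '{req.action}' not permitted within application"
    return True, "allowed"


if __name__ == "__main__":
    samples = [
        AccessRequest("alice", True, "laptop-01", True, True, "source-control", "write"),
        AccessRequest("alice", True, "laptop-01", True, False, "source-control", "read"),
        AccessRequest("bob", True, "laptop-02", True, True, "ledger", "write"),
        AccessRequest("mallory", True, "laptop-01", True, True, "source-control", "read"),
    ]
    for req in samples:
        allowed, reason = decide(req)
        print(f"{req.user}@{req.device_id} {req.action} {req.application}: "
              f"{'ALLOW' if allowed else 'DENY'} ({reason})")
```

The order of the checks matters for what the log tells a defender: an identity failure is reported before any device detail, and a compliant device owned by the right user can still be denied at the application or action layer. A real deployment would replace the in-memory dictionaries with the identity provider, device management and policy services, but the shape of the decision, re-evaluated per request with no standing trust, is the point.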