
Zero Trust Architecture Manuscript

Zero Trust Architecture
Slide 2
Zero trust architecture (ZTA) is a more secure approach to implementing IT systems.
Previous security models approached the issue by trusting those entities which were previously
verified. ZTA, on the other hand, grants no trust to those entities and instead considers every
entity to be a threat until it has been verified (Rose et al., 2020, p. 4).
Slide 3
The concept of ZTA was originally developed by Stephen Paul Marsh in 1999. Marsh
differentiated between the concepts of no trust and distrust, which he then applied to network
security. According to Marsh (1999, p. 56), zero trust is different from distrust because distrust
implies that there was trust that was previously given while zero trust implies that no trust was
given from the start.
Slide 4
The concept was further developed by John Kindervag, who played a role in defining the
principles that would be used to create ZTA systems. An example is BeyondCorp, which was
created by Google (Ward & Beyer, 2014, p. 7). Another example is Software-Defined Perimeter
(SDP), which was the first system to incorporate circuit firewalls to fight against potential virus
attacks (Garbis & Chapman, 2020a, p. 60). This led to the Location Independent Security
Approach (LISA), which goes beyond zero trust by not trusting entities even after they were
verified (Zimmer, 2018).
Slide 5
In 2020, NIST released Special Publication 800-207, entitled Zero Trust Architecture.
In this publication, NIST standardized the definition of ZTA and zero trust (ZT). According
to NIST, ZT refers to a series of concepts that, when applied, lead to better security
decisions. This lays the foundation for ZTA, which is the framework for applying ZT.
Slide 6
ZTA includes the following ZT concepts: data segmentation, paralleled switching cores,
and central management (Kindervag, 2010, pp. 7-8). These components are meant to increase the
level of security by abiding by different policies that require real-time verification for use. They
are applied via the following architectural components: segmentation gateways, paralleled
network segments, central management, and data acquisition (Kindervag, 2010, pp. 7-8).
Slide 7
ZTA offers organizations a variety of benefits, the most significant being the constant
verification of data, devices, people, networks, and workloads. This significantly decreases the
chances of internal breaches, unlike the previous model, which left room for internal breaches by
not constantly verifying all of the entities involved (Kindervag, 2010, p. 6).
Slide 8
Central management is a core component of the ZTA system. It involves a variety of
verification tactics, including multi-factor authentication and biometrics, to verify entities. Once
an entity is verified, data is only available to those who need it. The data is properly segmented to
ensure this occurs. Furthermore, data is encrypted to ensure security when it is being moved.
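The per-request verification described in Slides 7 and 8 can be sketched as a small policy decision function. This is an added example, not part of the original manuscript; the segment names, roles, the `Request` fields and the 15-minute re-verification window are all assumptions chosen for illustration.

```python
from dataclasses import dataclass

# Hypothetical need-to-know map: data segment -> roles allowed to read it.
SEGMENT_ROLES = {
    "payroll": {"hr", "finance"},
    "source-code": {"engineering"},
}
MAX_AUTH_AGE_S = 900  # assumed policy: re-verify after 15 minutes


@dataclass(frozen=True)
class Request:
    user: str
    role: str
    segment: str
    mfa_passed: bool
    device_verified: bool
    auth_age_s: int   # seconds since the last successful verification
    encrypted: bool   # request arrived over an encrypted channel


def decide(req: Request) -> tuple[bool, str]:
    """Evaluate one request; nothing carries over from earlier decisions."""
    if not req.encrypted:
        return False, "transport not encrypted"
    if not req.device_verified:
        return False, "device not verified"
    if not req.mfa_passed:
        return False, "multi-factor authentication missing"
    if req.auth_age_s > MAX_AUTH_AGE_S:
        return False, "verification expired, re-authenticate"
    allowed = SEGMENT_ROLES.get(req.segment)
    if allowed is None:
        return False, "unknown segment"  # default deny
    if req.role not in allowed:
        return False, "role has no need for this segment"
    return True, "allow"


# Constructed sample requests.
SAMPLES = [
    Request("alice", "hr", "payroll", True, True, 120, True),
    Request("alice", "hr", "payroll", True, True, 4000, True),
    Request("bob", "engineering", "payroll", True, True, 60, True),
    Request("carol", "finance", "payroll", False, True, 60, True),
]

if __name__ == "__main__":
    for r in SAMPLES:
        print(r.user, r.segment, decide(r))
```

The second sample shows the difference from the older model: the same user who was allowed two minutes after verification is denied once that verification has aged past the window.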
Slide 9
Other benefits include agnostic platforms, reduced costs, cybersecurity, scalability, the
augmentation of existing networks, and control over the level of sensitivity assigned to data
(Teerakanok, 2021). The aspects regarding scalability and cost are particularly important because
the system is simpler than other models, thus allowing it to be used across time.
