The Secret Security Wiki

Zero Trust

Zero Trust, Zero Trust Network, and Zero Trust Architecture refer to a set of security concepts and a threat model that no longer assume that actors, systems or services operating from within the security perimeter should be automatically trusted; instead, anything and everything trying to connect to an organization’s systems must be verified before access is granted. The term was coined by a security analyst at Forrester Research.

The Zero Trust model is a response to the realization that the perimeter security approach isn’t working. Many data breaches happened because hackers, once they got past the corporate firewalls, were able to move through internal systems without much resistance. The perimeter itself is also no longer clearly defined: applications and data stores sit both on-premises and in the cloud, and users access them from multiple devices and locations.

Zero Trust is a general approach that calls for enterprises to leverage micro-segmentation and granular perimeter enforcement based on users, their locations and other data to determine whether to trust a user, machine or application seeking access to a particular part of the enterprise.

Zero Trust draws on technologies such as multifactor authentication, IAM, orchestration, analytics, encryption, scoring and file system permissions. Zero Trust also calls for governance policies such as giving users the least amount of access they need to accomplish a specific task.
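The per-request decision described above can be sketched as a default-deny policy check. This is an added example, not code from this wiki or from any product; the segment names, groups, rule fields and the `decide` function are hypothetical, and the policy data is constructed.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Request:
    user: str
    groups: frozenset
    mfa_passed: bool
    device_managed: bool
    country: str
    on_corporate_network: bool  # recorded, but never used as a trust signal
    segment: str                # micro-segment being accessed
    action: str

# Constructed policy: one rule per (segment, group). Unlisted pairs are denied,
# so each group holds only the access it needs (least privilege).
POLICY = {
    ("payroll-db", "finance"): {"actions": {"read"}, "mfa": True,
                                "managed": True, "countries": {"US", "DE"}},
    ("build-farm", "engineering"): {"actions": {"read", "deploy"}, "mfa": True,
                                    "managed": True, "countries": None},
    ("wiki", "staff"): {"actions": {"read"}, "mfa": False,
                        "managed": False, "countries": None},
}

def decide(req: Request):
    """Evaluate one request; return (allowed, reason). Default is deny."""
    failures = []
    for group in sorted(req.groups):
        rule = POLICY.get((req.segment, group))
        if rule is None:
            continue
        if req.action not in rule["actions"]:
            failures.append(f"{group}: action '{req.action}' not granted")
        elif rule["mfa"] and not req.mfa_passed:
            failures.append(f"{group}: MFA required")
        elif rule["managed"] and not req.device_managed:
            failures.append(f"{group}: managed device required")
        elif rule["countries"] is not None and req.country not in rule["countries"]:
            failures.append(f"{group}: location '{req.country}' not permitted")
        else:
            return True, f"allowed by rule ({req.segment}, {group})"
    return False, "; ".join(failures) or f"no rule grants access to '{req.segment}'"

if __name__ == "__main__":
    base = dict(user="alice", groups=frozenset({"engineering", "staff"}),
                mfa_passed=True, device_managed=True, country="US",
                on_corporate_network=True)
    for seg, act in [("build-farm", "deploy"), ("payroll-db", "read"), ("wiki", "read")]:
        print(seg, act, decide(Request(segment=seg, action=act, **base)))
```

The second request in the demo is denied even though it comes from the corporate network with MFA and a managed device, because no rule grants the engineering group access to that segment.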

Push Notification Authentication enables user authentication by sending a push notification directly to a secure application on the user’s device, alerting them that an authentication attempt is taking place. Users can view authentication details and approve or deny access, typically via a simple press of a button.

Notifications can be sent in-band or out-of-band, using any number of communications channels.

Push notifications authenticate the user by confirming that the device registered with the authentication system – typically a mobile device – is in fact in the user’s possession. If the device is compromised by an attacker, then push notifications are compromised.

Authentication based on push notifications is gaining popularity because it provides a simple means to authenticate users, especially if used without passwords.

  • What is BeyondCorp?

    BeyondCorp is a Zero Trust security framework modeled by Google that shifts access controls from the perimeter to individual devices and users. The end result allows employees to work securely from any location without the need for a traditional VPN.

  • What is micro segmentation in networking?

    Micro-segmentation is a security technique that enables fine-grained access control policies to be assigned to individual workloads. As a result, if a breach occurs, micro-segmentation limits potential lateral exploration of the network by hackers and improves attack resistance.

  • What is Zero Trust architecture?

    Zero Trust Architecture, also referred to as Zero Trust Network or simply Zero Trust, refers to a set of security concepts and a threat model that no longer assume that actors, systems or services operating from within the security perimeter should be automatically trusted; instead, anything and everything trying to connect to an organization’s systems must be verified before access is granted.

  • Is zero trust a form of continuous authentication?

    Zero Trust may incorporate continuous authentication concepts, but in itself is not a form of continuous authentication.