Difference between revisions of "Zero Trust Architecture"

From MgmtWiki
Revision as of 22:20, 16 May 2021

Full Title or Meme

Zero Trust Architecture is a method that starts every interaction with no access and builds up access as the user adds proof of Identity and Authentication to meet the Authorization needs of the Resource sought by the User.

Context

  • Traditionally, user access was granted at the point where the user entered the network, with a protocol like Kerberos, which was developed by Project Athena at MIT to sort the various components of a research university into buckets; trust assigned at that entry point followed the user wherever they went inside the MIT network.
  • In Zero Trust Architecture the user is given full access to the network and then provides whatever attributes of Identity and Authentication each Resource access point requires. In other words, the network is the Internet.
  • The DoD released the 170-page zero trust architecture in 2021-02, but did not make it publicly accessible until 2021-05-13[1], after removing CV-3 for security reasons.
  • The prevailing sense among Identity experts, like Kim Cameron[2], is that the lack of an identity layer in the Internet is a defect.
  • In other words, all existing methods focus on access to Resources rather than on User Experience.

Problems

  • Users have a low level of tolerance for any continued process of Identifying and Authenticating.
  • The US NIST has somehow convinced people that a Zero Trust Architecture is possible with a good User Experience.[3]
    A zero trust architecture leans heavily on components and capabilities for identity management, asset management, application authentication, network segmentation, and threat intelligence. Architecting for zero trust should enhance cybersecurity without sacrificing the user experience. The NCCoE is researching ongoing industry developments in zero trust and its component technologies that support the goals and objectives of a practical, secure, and standards-based zero trust architecture.

Solutions

  1. Abandon the impossible dream of a trust system that requires no effort by the user and the organization that supports that user. Only hard, ongoing effort will provide the trusted access that secure resources require.
  2. Equip the User with a device that can securely store one or more credentials which identify a Subject and authenticate the presence of a trusted user that is Authorized to assume that Subject Identifier. In this definition the Subject ID might, or might not, be unique to that user.

7 Tenets by NIST

These are described further in NIST SP 800-207.

  1. Authentication and Authorization - All resource authentication and authorization are dynamic and strictly enforced before access is allowed.
  2. Integrity - The enterprise monitors and measures the integrity and security posture of all owned and associated assets.
  3. Observable State - Access to resources is determined by dynamic policy—including the observable state of client identity, application/service, and the requesting asset—and may include other behavioral and environmental attributes.
  4. Minimal Access in Size - All data sources and computing services are considered resources.
  5. Minimal Access in Time - Access to individual enterprise resources is granted on a per-session basis.
  6. Encrypt All Access - All communication is secured regardless of network location.
  7. Monitor All Access - The enterprise collects as much information as possible about the current state of assets, network infrastructure and communications and uses it to improve its security posture.
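The tenets above can be read as the decision rules of a policy enforcement point. The following added example (not from this wiki or from NIST; the attribute names and the two sample resources are constructed assumptions) implements them as a small Python policy decision function: default deny, a per-resource requirement for stronger proof, device posture as an input, a per-session expiry, and an audit record of every decision.

```python
# Toy policy decision point for the seven tenets above (constructed example;
# attribute names and sample resources are assumptions, not NIST's).
from dataclasses import dataclass
from typing import Optional

@dataclass
class Request:
    subject: str
    resource: str
    authenticated: bool        # tenet 1: identity verified for this request
    mfa: bool                  # tenet 1: stronger proof, demanded by dynamic policy
    device_compliant: bool     # tenet 2: measured posture of the requesting asset
    transport_encrypted: bool  # tenet 6: channel protected regardless of location
    now: float                 # epoch seconds at which the request is evaluated

@dataclass
class Decision:
    allow: bool
    reason: str
    expires: Optional[float] = None  # tenet 5: grant is per-session, then re-evaluated

# Tenet 4: every service is a resource with its own policy (constructed sample).
RESOURCE_POLICY = {
    "wiki":    {"mfa": False, "session_seconds": 8 * 3600},
    "payroll": {"mfa": True,  "session_seconds": 15 * 60},
}
AUDIT_LOG = []  # tenet 7: every decision, allow or deny, is recorded

def decide(req: Request) -> Decision:
    """Start from no access; allow only once every required proof is present (tenet 3)."""
    policy = RESOURCE_POLICY.get(req.resource)
    if policy is None:
        d = Decision(False, "unknown resource: default deny")
    elif not req.transport_encrypted:
        d = Decision(False, "unencrypted channel")
    elif not req.authenticated:
        d = Decision(False, "subject not authenticated")
    elif policy["mfa"] and not req.mfa:
        d = Decision(False, "resource requires MFA")
    elif not req.device_compliant:
        d = Decision(False, "device posture non-compliant")
    else:
        d = Decision(True, "all checks passed", req.now + policy["session_seconds"])
    AUDIT_LOG.append({"subject": req.subject, "resource": req.resource,
                      "allow": d.allow, "reason": d.reason, "at": req.now})
    return d

def session_valid(d: Decision, now: float) -> bool:
    """A grant is good only for its session; afterwards the client is re-evaluated."""
    return d.allow and d.expires is not None and now < d.expires
```

Denying on an unknown resource before any other check is what makes the function default-deny: a newly added service grants nothing until a policy entry exists for it.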

References

  1. DISA and NSA, Department of Defense (DOD) Zero Trust Reference Architecture, Version 1.0, 2021-02. https://dodcio.defense.gov/Portals/0/Documents/Library/(U)ZT_RA_v1.1(U)_Mar21.pdf
  2. Kim Cameron, Identity Blog. https://www.identityblog.com/
  3. NIST and NCCoE, Zero Trust Architecture. https://www.nccoe.nist.gov/projects/building-blocks/zero-trust-architecture

Other material