Difference between revisions of "Zero Trust Architecture"

From MgmtWiki
Jump to: navigation, search
(Created page with "===Full Title or Meme== Zero Trust Architecture is a method that starts every interaction with no access and builds up access as the user adds proof of Identity and ...")
 
(=Full Title or Meme)
Line 1: Line 1:
===Full Title or Meme==
+
==Full Title or Meme==
 
[[Zero Trust Architecture]] is a method that starts every interaction with no access and builds up access as the user adds proof of [[Identity]] and [[Authentication]] to meet the [[Authorization]] needs of the [[Resource]] sought by the [[User]].
 
[[Zero Trust Architecture]] is a method that starts every interaction with no access and builds up access as the user adds proof of [[Identity]] and [[Authentication]] to meet the [[Authorization]] needs of the [[Resource]] sought by the [[User]].
 +
 +
==Context==
 +
* Traditionally user access was granted at the point where the user entered the network with a protocol like [[Kerberos]] which was developed by Project Athena at MIT to sort the various components of a Research University into buckets that could assign trust at the entry point that followed the user wherever they went inside the MIT network.
 +
* In [[Zero Trust Architecture]] the user is given full access to the network and then provides such attributes of [[Identity]] and [[Authentication]] as are needed at each [[Resource]] access point. In other words the Internet.
 +
* The prevailing sense of [[Identity]] experts, like Kim Cameron, is that the lack of an identity layer in the Internet is a defects.
 +
* In other words, all existing methods focus on access to [[Resource]]s rather than on [[User Experience]].
 +
==Problems==
 +
* Users have a low level of tolerance for any continued process of Identifying and Authenticating.
 +
* The US NIST has somehow convinced people that a [[Zero Trust Architecture]] is possible with a good [[User Experience]].<ref>NIST</ref><blockquote></blockquote>
  
 
==References==
 
==References==
  
 
[[Category: Glossary]]
 
[[Category: Glossary]]

Revision as of 09:29, 3 January 2021

Full Title or Meme

Zero Trust Architecture is a method that starts every interaction with no access and builds up access as the user adds proof of Identity and Authentication to meet the Authorization needs of the Resource sought by the User.

Context

  • Traditionally user access was granted at the point where the user entered the network with a protocol like Kerberos which was developed by Project Athena at MIT to sort the various components of a Research University into buckets that could assign trust at the entry point that followed the user wherever they went inside the MIT network.
  • In Zero Trust Architecture the user is given full access to the network and then provides such attributes of Identity and Authentication as are needed at each Resource access point. In other words the Internet.
  • The prevailing sense of Identity experts, like Kim Cameron, is that the lack of an identity layer in the Internet is a defects.
  • In other words, all existing methods focus on access to Resources rather than on User Experience.

Problems

  • Users have a low level of tolerance for any continued process of Identifying and Authenticating.
  • The US NIST has somehow convinced people that a Zero Trust Architecture is possible with a good User Experience.[1]

References

  1. NIST