Services for Zero Trust Architectures - A Research Roadmap

被引：12

作者：

Bertino, Elisa ^{[1
]}

Brancik, Kenneth ^{[1
]}

机构：

[1] Purdue Univ, Dept Comp Sci, W Lafayette, IN 47907 USA

来源：

2021 IEEE INTERNATIONAL CONFERENCE ON WEB SERVICES, ICWS 2021 | 2021年

关键词：

Networks; Access Control; Security; SYSTEM;

D O I：

10.1109/ICWS53863.2021.00016

中图分类号：

TP39 [计算机的应用];

学科分类号：

081203 ; 0835 ;

摘要：

The notion of Zero Trust Architecture (ZTA) has been introduced as a fine-grained defense approach. It assumes that no entities outside and inside the protected system can be trusted and therefore requires articulated and high-coverage deployment of security controls. However, ZTA is a complex notion which does not have a single design solution; rather it consists of numerous interconnected concepts and processes that need to be assessed prior to deciding on a solution. In this paper, we outline a ZTA design methodology based on cyber risks and the identification of known high security risks. We then discuss challenges related to the design and deployment of ZTA and related solutions. We also discuss the role that service technology can play in ZTA.

引用

页码：14 / 20

页数：7

共 26 条

[1]

[Anonymous], 2018, J DATA INFORM QUALIT

[2]

[Anonymous], 2013, Executive Order --Improving Critical Infrastructure Cybersecurity

[3]

Aorato, UNT STOR TARG TTACK

[4]

Bertino E., 2021, ABS210101279 CORR

[5] A System for Profiling and Monitoring Database Access Patterns by Application Programs for Anomaly Detection [J].

Bossi, Lorenzo ;

Bertino, Elisa ;

Hussain, Syed Rafiul .

IEEE TRANSACTIONS ON SOFTWARE ENGINEERING, 2017, 43 (05) :415-431

[6]

Center for Internet Security, CIS CONTR VERS 8

[7]

Cotrini C., 2018, P 2018 IEEE EUR S SE

[8]

Department of Defense, 2021, ZER TRUST REF ARCH

[9] Justin Richer on OAuth [J].

Henry, Gavin .

IEEE SOFTWARE, 2020, 37 (01) :98-100

[10]

Internet Engineering Task Force Network Working Group, SYST CROSS DOM ID MA

← 1 2 3 →