Zero Trust: Difference between revisions
= TMP =
{{Short description|Systems security model}}
The '''zero trust security model''', also known as '''zero trust architecture''' ('''ZTA'''), and sometimes known as '''perimeterless security''', describes an approach to the strategy, design and implementation of [[IT system]]s. The main concept behind the zero trust security model is [[trust but verify|"never trust, always verify"]], which means that users and devices should not be trusted by default, even if they are connected to a permissioned network such as a corporate [[Local area network|LAN]] and even if they were previously verified. ZTA is implemented by establishing strong identity verification, validating device compliance prior to granting access, and ensuring least privilege access to only explicitly authorized resources. Most modern corporate networks consist of many interconnected zones, [[Cloud computing|cloud services]] and infrastructure, connections to remote and mobile environments, and connections to non-conventional IT, such as [[Internet of things|IoT]] devices. The reasoning for zero trust is that the traditional approach — trusting users and devices within a notional "corporate perimeter", or users and devices connected via a [[Virtual private network|VPN]] — is not relevant in the complex environment of a corporate network. The zero trust approach advocates [[mutual authentication]], including checking the identity and integrity of users and devices without respect to location, and providing access to applications and services based on the confidence of user and device identity and device health in combination with user [[authentication]].<ref>{{Cite web|date=2021-02-01|title=Mutual TLS: Securing Microservices in Service Mesh|url=https://thenewstack.io/mutual-tls-microservices-encryption-for-service-mesh/|access-date=2021-02-20|website=The New Stack|language=en-US}}</ref> The zero trust architecture has been proposed for use in specific areas such as supply chains.<ref>{{Cite journal |last1=Collier |first1=Zachary A. |last2=Sarkis |first2=Joseph |date=2021-06-03 |title=The zero trust supply chain: Managing supply chain risk in the absence of trust |url=https://doi.org/10.1080/00207543.2021.1884311 |journal=International Journal of Production Research |volume=59 |issue=11 |pages=3430–3445 |doi=10.1080/00207543.2021.1884311 |s2cid=233965375 |issn=0020-7543}}</ref><ref>{{Cite journal |last1=do Amaral |first1=Thiago Melo Stuckert |last2=Gondim |first2=João José Costa |date=November 2021 |title=Integrating Zero Trust in the cyber supply chain security |url=https://ieeexplore.ieee.org/abstract/document/9626299 |journal=2021 Workshop on Communication Networks and Power Systems (WCNPS) |pages=1–6 |doi=10.1109/WCNPS53648.2021.9626299|isbn=978-1-6654-1078-6 |s2cid=244864841 }}</ref>
The principles of zero trust can be applied to data access and to the management of data. This brings about zero trust [[data security]], where every request to access data must be authenticated dynamically and limited to [[Principle of least privilege|least privileged access]] to resources. In order to determine whether access can be granted, policies can be applied based on the attributes of the data, who the user is, and the type of environment, using [[Attribute-based access control|Attribute-Based Access Control (ABAC)]]. This zero-trust data security approach can protect access to the data.<ref>{{Cite journal |last1=Yao |first1=Qigui |last2=Wang |first2=Qi |last3=Zhang |first3=Xiaojian |last4=Fei |first4=Jiaxuan |date=2021-01-04 |title=Dynamic Access Control and Authorization System based on Zero-trust architecture |url=https://doi.org/10.1145/3437802.3437824 |journal=Proceedings of the 2020 1st International Conference on Control, Robotics and Intelligent System |series=CCRIS '20 |location=New York, NY, USA |publisher=Association for Computing Machinery |pages=123–127 |doi=10.1145/3437802.3437824 |isbn=978-1-4503-8805-4|s2cid=230507437 }}</ref>
== History ==
In April 1994, the term "zero trust" was coined by Stephen Paul Marsh in his doctoral thesis on computer security at the [[University of Stirling]]. Marsh's work studied trust as something finite that can be described mathematically, asserting that the concept of trust transcends human factors such as [[morality]], [[ethics]], [[lawful]]ness, [[justice]], and [[judgement]].<ref>{{Citation|first=Stephen|last=Marsh|title=Formalising Trust as a Computational Concept|date=1994|url=https://scholar.google.co.uk/citations?view_op=view_citation&hl=en&user=Qz73wh4AAAAJ&citation_for_view=Qz73wh4AAAAJ:u5HHmVD_uO8C|access-date=2022-07-22|page=56}}</ref>
The problems of the '[[Smarties|Smartie]]' or '[[M&M's|M&M]]' model of the network were described by a [[Sun Microsystems]] engineer in a [[Network World]] article in May 1994, who described firewall perimeter defence as a hard shell around a soft centre, "like a [[Cadbury Creme Egg|Cadbury Egg]]".
In 2001 the first version of the OSSTMM (Open Source Security Testing Methodology Manual) was released, and it had some focus on trust. Version 3, which came out around 2007, has a whole chapter on trust, which states "Trust is a Vulnerability" and describes how to apply the OSSTMM's 10 controls based on trust levels.
In 2003 the challenges of defining the perimeter of an organisation's IT systems were highlighted by the [[Jericho Forum]], which discussed the trend of what was then coined "[[de-perimeterisation]]".
In 2009, [[Google]] implemented a zero trust architecture referred to as [[BeyondCorp]].
In 2010 the term zero trust model was used by analyst John Kindervag of [[Forrester Research]] to denote stricter cybersecurity programs and access control within corporations.<ref name=":1">{{Cite web|last=Loten|first=Angus|date=2019-05-01|title=Akamai Bets on 'Zero Trust' Approach to Security|url=https://www.wsj.com/articles/akamai-bets-on-zero-trust-approach-to-security-11556748454|access-date=2022-02-17|publisher=[[Wall Street Journal]]|language=en}}</ref><ref name=":2">{{Cite web |last=Higgins|first=Kelly Jackson|title=Forrester Pushes 'Zero Trust' Model For Security |url=https://www.darkreading.com/perimeter/forrester-pushes-zero-trust-model-for-security |access-date=2022-02-17 |publisher=[[Informa]]|work=Dark Reading |language=en |archive-url=https://web.archive.org/web/20210826012501/https://www.darkreading.com/perimeter/forrester-pushes-zero-trust-model-for-security |archive-date=26 August 2021 |url-status=dead}}</ref><ref>{{cite web|url=https://www.virtualstarmedia.com/downloads/Forrester_zero_trust_DNA.pdf|title=Build Security Into Your Network's DNA: The Zero Trust Network Architecture|first=John|last=Kindervag|publisher=[[Forrester Research]]|date=2010-11-05|accessdate=2022-07-22}}</ref>
However, it would take almost a decade for zero trust architectures to become prevalent, driven in part by increased adoption of mobile and cloud services. {{Citation needed|date=February 2022}}
In 2018, work undertaken in the [[United States]] by cybersecurity researchers at [[NIST]] and [[National Cybersecurity Center of Excellence|NCCoE]] led to the publication of ''SP 800-207, Zero Trust Architecture''.<ref name=":3">{{Cite web|author=[[National Cybersecurity Center of Excellence]]|title=Implementing a Zero Trust Architecture|url=https://www.nccoe.nist.gov/projects/implementing-zero-trust-architecture|access-date=2022-07-22|publisher=[[NIST]]}}</ref><ref name=":4">{{cite web |last1=Rose |first1=Scott |last2=Borchert |first2=Oliver |last3=Mitchell |first3=Stu |last4=Connelly |first4=Sean |title=Zero Trust Architecture |url=https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-207.pdf |website=nvlpubs.nist.gov |publisher=NIST |access-date=17 October 2020}}</ref> The publication defines zero trust (ZT) as a collection of concepts and ideas designed to reduce the uncertainty in enforcing accurate, per-request access decisions in information systems and services in the face of a network viewed as compromised. A zero trust architecture (ZTA) is an enterprise's cybersecurity plan that utilizes zero trust concepts and encompasses component relationships, workflow planning, and access policies. Therefore, a zero trust enterprise is the network infrastructure (physical and virtual) and operational policies that are in place for an enterprise as a product of a zero trust architecture plan.
There are three general approaches to implementing the tenets of ZT; a full ZTA solution will include elements of all three:
* Using enhanced identity governance and policy-based access controls
* Using micro-segmentation
* Using overlay networks and software-defined perimeters
In 2019 the United Kingdom [[National Cyber Security Centre (United Kingdom)|National Cyber Security Centre (NCSC)]] recommended that network architects consider a zero trust approach for new IT deployments, particularly where significant use of cloud services is planned.<ref name=":0">{{Cite web|title=Network architectures|url=https://www.ncsc.gov.uk/collection/mobile-device-guidance/infrastructure/network-architectures-for-remote-access|access-date=2020-08-25|website=www.ncsc.gov.uk|language=en}}</ref> The [[National Cyber Security Centre (United Kingdom)|NCSC]] takes an alternative but consistent approach, identifying the key principles behind zero trust architectures:
* Single strong source of user identity
* User authentication
* Machine authentication
* Additional context, such as policy compliance and device health
* Authorization policies to access an application
* Access control policies within an application
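Added example (not code from the article, NIST, NCSC or any product): a minimal per-request policy decision point in Python that turns the NCSC principles above and the ABAC data-access approach described earlier into an access decision. The identity provider name, the re-authentication threshold and the entitlement table are assumptions chosen for illustration.

```python
from __future__ import annotations
from dataclasses import dataclass
# Constructed policy decision point (not from the article or any product): every
# request is evaluated against user, device, data and environment attributes
# (ABAC) and denied unless all checks pass. Names and thresholds are assumptions.
TRUSTED_IDP = "corp-idp"    # the single strong source of user identity
MAX_AUTH_AGE_S = 3600       # a prior verification does not last; re-verify per request
# Least-privilege entitlements: data classification -> role -> permitted actions.
ENTITLEMENTS = {
    "public":       {"employee": {"read"}, "analyst": {"read"}},
    "internal":     {"employee": {"read"}, "analyst": {"read", "write"}},
    "confidential": {"analyst": {"read"}},
}

@dataclass
class Request:
    user: str
    role: str
    idp: str                # identity provider that authenticated the user
    mfa: bool               # strong user authentication performed
    auth_age_s: int         # seconds since the user was last verified
    device_attested: bool   # machine authentication (e.g. device certificate)
    device_compliant: bool  # device health / policy compliance signal
    network: str            # "corporate-lan", "vpn", "internet": logged, never trusted
    classification: str     # attribute of the data being requested
    action: str

def decide(req: Request) -> tuple[bool, str]:
    """Return (allowed, reason). Any path that does not explicitly grant denies."""
    if req.idp != TRUSTED_IDP:
        return False, "identity not issued by the trusted identity provider"
    if req.auth_age_s > MAX_AUTH_AGE_S:
        return False, "previous verification too old; re-authentication required"
    if not (req.device_attested and req.device_compliant):
        return False, "device not authenticated or not healthy"
    if req.classification != "public" and not req.mfa:
        return False, "MFA required for non-public data"
    # req.network is deliberately absent from the checks: location grants no trust.
    permitted = ENTITLEMENTS.get(req.classification, {}).get(req.role, set())
    if req.action not in permitted:
        return False, f"role {req.role!r} may not {req.action!r} {req.classification} data"
    return True, f"granted from {req.network}: all per-request checks passed"

if __name__ == "__main__":
    # A remote request from a healthy device passes; a LAN request from an unhealthy device does not.
    print(decide(Request("alice", "analyst", "corp-idp", True, 120, True, True, "internet", "confidential", "read")))
    print(decide(Request("bob", "employee", "corp-idp", True, 120, True, False, "corporate-lan", "internal", "read")))
```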
== See also ==
* [[Trust, but verify]] ''(Russian proverb)''
* [[Blast radius#Use in software security|Blast radius]]
* [[Password fatigue]]
* [[Secure access service edge]]
== References ==
<references />
[[Category:Information technology]]
[[Category:Computer network security]]
[[Kategorie:Informationssicherheit]]
Revision as of 13 July 2023, 12:44