A key concept of zero trust security is that it assess security dynamically.
Zero Trust Network (ZTN)
Zero Trust Architecture (ZTA)
Zero Trust Network Access (ZTNA) is an IT security solution that provides secure remote access to an organization’s applications, data, and services based on clearly defined access control policies.
ZTNA may be seen as an evolution or substitution of VPN, and provide access not to all internal resources as default, but only to those the endpoint need access.
Zero Trust is achieved through these elements (not extensible list):
- Network Access Control (NAC)
- Microsegmentation
Zero Knowledge Proof (ZKP) is a protocol in which one party (the prover) can convince another party (the verifier) that some given statement is true, without conveying to the verifier any information beyond the mere fact of that statement’s truth.
Zero Trust Standards
Zero trust standards featured on this post:
- NIST SP 800-207
NIST SP 800-207
NIST SP 800-207 is a NIST document with the title “Zero Trust Architecture”.
Cloud Zero Trust
Examples of zero trust cloud service modules include AWS Zero Trust, Azure Zero Trust and Google Cloud Zero Trust.