In general, we can divide these Zero Trust Architecture principles into three security categories. Using NIST SP 800-207 as a reference, we'll examine how these seven pillars of zero trust architecture fit into these domains, and why each tenet is vital for sustaining successful Zero Trust security.

The first domain of Zero Trust Architecture is granting access.

What criteria are we using to grant access? How can an accessor's identity, integrity, and state be established and verified? The three pillars in this category address these critical challenges; if you don't implement these principles appropriately, unauthorized or compromised persons or devices may get access when they should not.

The first principle is authentication and authorization.

According to the National Institute of Standards and Technology, "before access is permitted, all resource authentication and authorization must be rigorously dynamic and strongly enforced."

The second principle is integrity.

According to the National Institute of Standards and Technology, "the company monitors and measures the integrity and security posture of all owned and connected assets." Hacking can happen at any time, which is why vulnerabilities, patch levels, and other potential corruptions that could threaten asset integrity need regular review.

The third principle is observable state.

According to NIST, “access to services remains determined by flexible policy, which incorporates the observable state of the client identity, application/service, and requesting asset, as well as other behavioral and environmental characteristics.”

This principle appears similar to the previous "Integrity" precept; however, "Observable State" concentrates on the qualities and behavioral attributes that an organization should examine before granting access. Location, device type, measured deviations, and unusual usage behaviors are all options.

Access Control is the ZTA’s second domain.

In terms of both time and activity, how much access do we grant, and for how long? This element of Zero Trust Architecture is connected to the concept of least privilege. If it is not implemented correctly and we grant too much access, a small compromise can result in a major breach.

The fourth principle is the least access feasible.

According to NIST, "all data sources and computer services are considered resources."

Even if they have a modest footprint, containers, programs, services, IoT controllers, files, DB tables, and data records are all resources. Depending on the need, it must be possible to restrict access to the smallest resource, with the highest granularity possible.

The fifth principle is “minimal time access.”

According to the National Institute of Standards and Technology, "access to individual company resources is strictly permitted on a per-session basis."

Access is restricted to a single resource, for the duration specified, and for a single transaction. For every fresh transaction, or after even the shortest period of time, access must be re-evaluated.
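The five principles above can be combined in a single policy decision, shown here as an added example that is not taken from NIST SP 800-207 or from the original article. The policy table, field names, resource path, and the 300-second session lifetime are all constructed assumptions.

```python
from dataclasses import dataclass

SESSION_TTL = 300  # seconds a grant stays valid (assumed value)

# Constructed policy: one entry per smallest resource (here a single DB table).
POLICY = {
    "db/orders/table": {
        "users": {"alice"}, "actions": {"read"},
        "locations": {"office"}, "device_types": {"managed-laptop"},
    },
}

@dataclass(frozen=True)
class Request:
    user: str
    mfa_passed: bool      # principle 1: authentication result
    device_patched: bool  # principle 2: asset integrity / patch level
    device_type: str      # principle 3: observable state
    location: str         # principle 3: observable state
    resource: str         # principle 4: one narrowly scoped resource
    action: str

@dataclass(frozen=True)
class Grant:
    user: str
    resource: str
    action: str
    expires_at: float     # principle 5: access is time-boxed

def decide(req, now):
    """Return a Grant for this one resource, or None (default deny)."""
    rule = POLICY.get(req.resource)
    if rule is None:
        return None
    ok = (req.mfa_passed and req.device_patched
          and req.user in rule["users"] and req.action in rule["actions"]
          and req.location in rule["locations"]
          and req.device_type in rule["device_types"])
    return Grant(req.user, req.resource, req.action, now + SESSION_TTL) if ok else None

def authorize(grant, req, now):
    """Enforce a grant: same user/resource/action, unexpired, state still passes."""
    if grant is None or now >= grant.expires_at:
        return False
    if (grant.user, grant.resource, grant.action) != (req.user, req.resource, req.action):
        return False
    return decide(req, now) is not None  # re-evaluate on every transaction
```

A grant issued for one table does not carry over to another resource, and a device that falls out of patch compliance mid-session is denied on its next transaction even though the grant has not expired.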

The ZTA’s third domain is Access Control and Monitoring.

Once a Zero Trust decision is executed, access is continually monitored and protected. If this part is deployed ineffectively, we may be unable to defend our Zero Trust Architecture against network, infrastructure, and environmental threats, to secure access against compromise of confidentiality or integrity, or to adapt to changes in the threat environment.
