Migrating to Zero Trust Architecture: Reviews and Challenges

Teerakanok, Songpon; Uehara, Tetsutaro; Inomata, Atsuo

doi:10.1155/2021/9947347

Cited by 59 publications

(30 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…In heterogeneous environments like MEC, the infrastructure needs to examine the pertinent aspects of access requests instead of assuming trust based on a point-in-time assurance, that is, admission control or network location. Trust management for MEC introduces challenges as identified in [7,[26][27][28][29]. In the ZTS approach, the security posture of applications, users, and UE [11,24] will be continually reassessed.…”

Section: Zero-trust Securitymentioning

confidence: 99%

“…Adversaries know that the MEC environment has multiple entry points through the functional layers [2]. Adopting the ZTS fundamentals would implement various security controls across the MEC ecosystem lifecycle to continuously verify trust [29]. Security controls would collaborate and constantly feed the ZTS enablers to maintain visibility across the known threats and become aware of emerging vulnerabilities.…”

Section: Securing the Trust Pillarsmentioning

confidence: 99%

See 1 more Smart Citation

A Maturity Framework for Zero-Trust Security in Multiaccess Edge Computing

Ali

Hijjawi

Campbell

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

Multiaccess Edge Computing (MEC) has been adopted to provide an environment that supports cloud computing capabilities and IT services at the network edge. The open architecture of cloud computing and network access at the edge provides malicious actors with many attack vectors. The MEC system entities cannot be permanently trusted due to the dynamic and shareable nature of MEC deployments. This paper presents a classification of MEC entities that can be used to define security controls based on the Zero-Trust Security approach. The security controls are organised into a maturity framework that can be used to guide the systematic development of trust and security in an MEC environment. In this framework, a Minimum Viable Security posture defines the first operational step towards full implementation of Zero-Trust Security in an MEC environment.

show abstract

Section: Zero-trust Securitymentioning

confidence: 99%

Section: Securing the Trust Pillarsmentioning

confidence: 99%

A Maturity Framework for Zero-Trust Security in Multiaccess Edge Computing

Ali

Hijjawi

Campbell

et al. 2022

Security and Communication Networks

View full text Add to dashboard Cite

show abstract

“…O trabalho [Teerakanok et al 2021] aborda a migrac ¸ão da arquitetura baseada em perímetro para a arquitetura de confianc ¸a zero, propondo um processo de migrac ¸ão em três etapas: avaliac ¸ão dos usuários e ambiente computacional; avaliac ¸ão de risco; e implantac ¸ão e revisão. O nosso trabalho aborda as três etapas ao propor e instanciar uma arquitetura baseada em tecnologias comerciais aplicadas ao ambiente de big data real.…”

Section: Trabalhos Relacionadosunclassified

Abordagem confiança zero aplicada a ambientes computacionais big data: um estudo de caso

Oliveira¹,

Oliveira²,

Macedo³

et al. 2022

Anais Do XXVII Workshop De Gerência E Operação De Redes E Serviços (WGRS 2022)

View full text Add to dashboard Cite

O tema deste artigo é o estudo e a aplicação dos princípios da abordagem de confiança zero (zero trust) para segurança cibernética a um ambiente de big data. A partir da definição de um ambiente computacional big data baseado em um ambiente real de produção, definimos uma arquitetura de segurança baseada na confiança zero e a instanciamos para o ambiente em questão, abordando alguns casos de autenticação e autorização. Para a instanciação da arquitetura, várias ferramentas de software são utilizadas, diversas delas já disponíveis no ambiente real. As soluções propostas são ilustradas por casos de uso. A conclusão é que essa a tarefa é complexa, porém factível, e que pode ser implementada com as ferramentas usuais de ambientes big data.

show abstract

“…He also explains how zero-trust security can have an impact on network and security system integration. The existing surveys focus on basic concepts of ZTA [151], migration strategies [134],…”

Section: Existing Surveysmentioning

confidence: 99%

“…The advantages of ZTA and the existing challenges are also presented. Teerakanok et al [134] investigates the challenges, steps, and matters to be considered in migrating from a legacy architecture to ZTA.…”

Section: Existing Surveysmentioning

confidence: 99%

Automation and Orchestration of Zero Trust Architecture:Potential Solutions and Challenges

Cao¹,

Pokhrel²,

Zhu³

et al. 2022

Preprint

View full text Add to dashboard Cite

<p>Zero Trust Architecture (ZTA) is a paradigm shift in how we protect data, stay connected, and access resources. ZTA is non-perimeter based defense, which has been emerging as a promising revolution in the cybersecurity field. It can be used to continuously maintain security by safeguarding against attacks both from inside and outside of the network system. However, automation and orchestration ZTA, an essential direction towards its seamless deployments over real-word networks, have been poorly understood in literature. In this paper, we first identify the bottlenecks, discuss the background of ZTA and compare it with traditional perimeter-based security architectures. More importantly, we present a comprehensive direction towards the automation and orchestration of ZTA by employing AI techniques. In other words, the key potential and roles of celebrates AI techniques for the automation and orchestration of ZTA are demonstrated for further exploration. Overall, in this review paper, we develop a foundational view on the challenges and potential enablers for the automation and orchestration of ZTA.</p>

show abstract

Migrating to Zero Trust Architecture: Reviews and Challenges

Cited by 59 publications

References 8 publications

A Maturity Framework for Zero-Trust Security in Multiaccess Edge Computing

A Maturity Framework for Zero-Trust Security in Multiaccess Edge Computing

Abordagem confiança zero aplicada a ambientes computacionais big data: um estudo de caso

Automation and Orchestration of Zero Trust Architecture:Potential Solutions and Challenges

Contact Info

Product

Resources

About