Zero Trust Architecture

Rose, Scott; Borchert, Oliver; Mitchell, Stu; Connelly, Sean

doi:10.6028/nist.sp.800-207-draft

Cited by 24 publications

(19 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In addition to the built-in features of private Ethereum blockchain such as immutability, reliability, and security [2,36,66], this lending model confirms the trustworthiness by implementing privacy group patterns for each group of loan participants on Besu Ethereum client [4,11]. The model of our malicious detection algorithm is partially connected to zero trust architecture, where it reduces the uncertainty in access management [60]. The MaliciousDetector smart contract is acting as a policy decision point to monitor and track API requests to allow users to enter into a trustworthy zone [60,62].…”

Section: Trustworthiness Between Users Involved In a Loan Agreementmentioning

confidence: 91%

“…The model of our malicious detection algorithm is partially connected to zero trust architecture, where it reduces the uncertainty in access management [60]. The MaliciousDetector smart contract is acting as a policy decision point to monitor and track API requests to allow users to enter into a trustworthy zone [60,62].…”

Section: Trustworthiness Between Users Involved In a Loan Agreementmentioning

confidence: 99%

See 1 more Smart Citation

Private and Trustworthy Distributed Lending Model Using Hyperledger Besu

2021

View full text Add to dashboard Cite

Financial systems are rapidly becoming decentralized for fulfilling requirements, such as distributed transactions, security, trustworthiness and elimination of third-party authorizations. As a fast-growing decentralized platform, blockchain thrives in enterprise application development on permissioned and private environments. Unfortunately, the transparency nature on most of the blockchain platforms allows all the participants to view the transaction data unless the blockchain is a private chain. This practice has limited the potential developing blockchain-based applications, especially for public chains like Ethereum. This paper attempts to provide a technical solution to ensure the privacy and trustworthiness of transaction data on Ether-eum. To illustrate how a real-world system works, we design and implement a distributed lending model for handling private transactions between the participants of any loan agreement. Specifically, the privacy of the loan transactions is protected by customizing Hyperledger Besu and Orion transaction manager with the privacy group feature. However, current versions of Hyperledger Besu and Orion fail to provide necessary features for securing the entire Decentralized Application (DApp), including key management and intrusion detection, and the privacy group ID is unprotected by default. Therefore, we propose a multiuser level encryption scheme to securely share the privacy group ID among the privacy group members. Furthermore, we deployed a smart contract to monitor and alert the malicious activities from any external nodes with the intention to guess the privacy group ID. Our multiuser level encryption and intrusion detection methods worked seamlessly with the Hyperledger Besu and Orion on our prototype lending system. Our empirical results showed that the privacy needs of the privacy group ID are fulfilled with good system efficiency. The smart contract programs and the source code of the NodeJs application are available at https ://www.githu b.com/pprai the/besu_malic ious_node_detec tor.

show abstract

Section: Trustworthiness Between Users Involved In a Loan Agreementmentioning

confidence: 91%

Section: Trustworthiness Between Users Involved In a Loan Agreementmentioning

confidence: 99%

Private and Trustworthy Distributed Lending Model Using Hyperledger Besu

2021

View full text Add to dashboard Cite

show abstract

“…trust domains [47]- [49]. At the same time, considering the flexibility of the MEC architecture, achieving mutual authentication with anonymity and untraceability are crucial for data security and user privacy [50], [51]. Authentication methods include single-domain authentication [41], crossdomain authentication [52], and the SDN-based handover authentication scheme [53].…”

Section: ) Identity and Authenticationmentioning

confidence: 99%

“…However, edge networks might exfiltrate sensitive information and rich network context information, such as client status information, traffic statistics and local network conditions that are used by applications to offer context-aware optimization [12]. • Privilege escalation: Privilege escalation arises when a bad actor exploits a design flaw, bug, or configuration error in an operating system or application to gain elevated access to protected resources that would typically be restricted to that user [51], [104]. The malicious user can then use the newly acquired unauthorised privileges to steal confidential data, run administrative commands or deploy malware, and potentially do severe damage to server applications [5], [13], [77].…”

Section: Edge Network Threatsmentioning

confidence: 99%

“…Secure access to applications and devices remains a challenge that involves the use of adaptive policies, trust in user identities, and device trustworthiness [47]. Trust management should continuously reassess the posture of applications, users, and devices [51]. The original design trusted every entity in the ecosystem, i.e., users, devices and services.…”

Section: ) Trust Managementmentioning

confidence: 99%

See 1 more Smart Citation

Multi-Access Edge Computing Architecture, Data Security and Privacy: A Review

Ali

Gregory

2021

IEEE Access

View full text Add to dashboard Cite

Multi-Access Edge Computing (MEC) is an extension of cloud computing that aims to provide computation, storage, and networking capabilities at the edge of the network in close proximity to end-users. The MEC architecture supports applications and services that bridge between cloud computing and end-users. The architecture includes devices and systems that are interconnected, layered, and flexibly deployed. As a result of the technological advancements, MEC is facing a myriad of highly sophisticated threats. This paper provides a review of MEC Architecture, use cases, conceptual guidelines for MEC security architecture, security and privacy techniques, and identifies current and future challenges, their implications, and approaches to overcome the challenges. This research examined significant threats, described the MEC architecture, identified the susceptible functional layers, the different categories of threats, and the potential security safeguards. The research recommends that MEC providers should implement multiple layers of security controls to mitigate targeted attacks.

show abstract

Zero Trust User Access and Identity Security in Smart Grid Based SCADA Systems

Mir

Kumar

2021

Advances in Intelligent Systems and Computing

View full text Add to dashboard Cite

Zero Trust Architecture

Cited by 24 publications

References 2 publications

Private and Trustworthy Distributed Lending Model Using Hyperledger Besu

Private and Trustworthy Distributed Lending Model Using Hyperledger Besu

Multi-Access Edge Computing Architecture, Data Security and Privacy: A Review

Zero Trust User Access and Identity Security in Smart Grid Based SCADA Systems

Contact Info

Product

Resources

About