AWS Zero Trust Network Architecture. NIST Special Publication 800-207. Cyber Security.

décembre 15, 2023 Mourad ELGORMA

AWS Zero Trust Architecture. NIST Special Publication 800-207. Cyber Security ProfessorBlackOps. Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move defenses
from static, network-based perimeters to focus on users, assets, and resources. A zero trust
architecture (ZTA) uses zero trust principles to plan industrial and enterprise infrastructure and
workflows. Zero trust assumes there is no implicit trust granted to assets or user accounts based
solely on their physical or network location (i.e., local area networks versus the internet) or based
on asset ownership (enterprise or personally owned). Authentication and authorization (both
subject and device) are discrete functions performed before a session to an enterprise resource is
established. Zero trust is a response to enterprise network trends that include remote users, bring
your own device (BYOD), and cloud-based assets that are not located within an enterprise owned network boundary. Zero trust focuses on protecting resources (assets, services,
workflows, network accounts, etc.), not network segments, as the network location is no longer
seen as the prime component to the security posture of the resource. This document contains an
abstract definition of zero trust architecture (ZTA) and gives general deployment models and use
cases where zero trust could improve an enterprise’s overall information technology security
posture