Affiliation:
1. No.30 Research Institute of China Electronics Technology Group Corporation, Chengdu, China
2. National Computer Network Emergency Response Technical Team/Coordination Center of China (CNCERT/CC), Beijing, 100029, China
Abstract
The traditional perimeter-based network protection model cannot adapt to the development of current technology. Zero trust is a new type of network security model, which is based on the concept of never trust and always verify. Whether the access subject is in the internal network or the external network, it needs to be authenticated to access resources. The zero trust model has received extensive attention in research and practice because it can meet the new network security requirements. However, the application of zero trust is still in its infancy, and enterprises, organizations, and individuals are not fully aware of the advantages and disadvantages of zero trust, which greatly hinders the application of zero trust. This paper introduces the existing zero trust architecture and analyzes the core technologies including identity authentication, access control, and trust assessment, which are mainly relied on in the zero trust architecture. The main solutions under each technology are compared and analyzed to summarize the advantages and disadvantages, as well as the current challenges and future research trends. Our goal is to provide support for the research and application of future zero trust architectures.
Subject
Electrical and Electronic Engineering, Computer Networks and Communications, Information Systems
Reference
54 articles.
Cited by
61 articles.