Abstract
As a promising tool for coping with current phishing attacks, zero trust is gradually being taken seriously as the network security situation becomes more and more severe. In zero trust, no unit is fully trusted even if it passes certification. Each unit has only the least privilege, access to data requires authentication, and these processes need to be logged. This paper presents a survey of the composition and key technologies of zero trust, and draws on applications of the technology in several scenarios, such as big data, cloud networks and IoT, to introduce the advantages of zero trust. Moreover, this paper also discusses some challenging research issues in the field that can provide ideas for future researchers.
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Yan, X., Wang, H. (2020). Survey on Zero-Trust Network Security. In: Sun, X., Wang, J., Bertino, E. (eds) Artificial Intelligence and Security. ICAIS 2020. Communications in Computer and Information Science, vol 1252. Springer, Singapore. https://doi.org/10.1007/978-981-15-8083-3_5
DOI: https://doi.org/10.1007/978-981-15-8083-3_5
Publisher Name: Springer, Singapore
Print ISBN: 978-981-15-8082-6
Online ISBN: 978-981-15-8083-3
eBook Packages: Computer Science, Computer Science (R0)