Skip to main content
SpringerLink
Log in

Survey on Zero-Trust Network Security

  • Conference paper
  • First Online:
Artificial Intelligence and Security (ICAIS 2020)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 1252))

Included in the following conference series:

Abstract

As a promising tool to cope with the current phishing attacks, zero-trust is gradually being taken seriously while the situation of network security becoming more and more severe. In zero trust, no unit is fully trusted even if it passes the certification. They only have the least privilege, access to data requires authentication, these processes need to be logged. This paper performs a typical survey of the composition and key technologies of zero trust, and combines the application of this technology in some scenarios to introduce the advantages of zero trust, such as big data function, cloud network and IoT. Moreover, this paper also discusses some of the challenging research issues in the field that can provide ideas for future researchers.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Cisco Institution.: Cisco 2017 annual cybersecurity report. Cisco, Technical Report (2017)

    Google Scholar 

  2. Zuo, Y.N.: Zero trust architecture: a new paradigm for network security. Electron. Fin. 2018(11), 50–51 (2018). (In Chinese)

    Google Scholar 

  3. Mikko, H., Tomi, T.: F-Secure 2017 State of Cybersecurity report. F-Secure, Technical Report (2017)

    Google Scholar 

  4. Honeycutt, D., Grumman, N.: Developing a Framework to Improve Critical Infrastructure Cybersecurity (2013)

    Google Scholar 

  5. Gilman, E.: Zero Trust Networks: Building Secure Systems in Untrusted Networks (2016)

    Google Scholar 

  6. Ward, R., Beyer, B.: Beyondcorp: a new approach to enterprise security. Login 39(6), 6–11 (2014)

    Google Scholar 

  7. Osborn, B., McWilliams, J., Beyer, B., et al.: BeyondCorp: design to deployment at google. Login 41(1), 28–34 (2016)

    Google Scholar 

  8. Beske, C.M.C., Peck, J., Saltonstall, M.: Migrating to BeyondCorp: maintaining productivity while improving security. 42(2), 49–55 (2017)

    Google Scholar 

  9. Escobedo, V.M., Zyzniewski, F., Saltonstall, M.: BeyondCorp: The User Experience (2017)

    Google Scholar 

  10. King, H., Janosko, M., Beyer, B., et al.: BeyondCorp: building a healthy fleet. Login 43(3), 2–64 (2018)

    Google Scholar 

  11. Ding, J.: Why to say zero-trust will become one of the popular frameworks of network security. Comput. Netw. 44(04), 54–55 (2018)

    Google Scholar 

  12. Chaffetz, J., Meadows, M., Hurd, W.: The OPM Data Breach: How the Government Jeopardized Our National Security For More Than a Generation. Oversight and Government Reform. Technical Report (2016)

    Google Scholar 

  13. Eidle, D., Ni, S.Y., DeCusatis, C., et al.: Autonomic security for zero trust networks. In: 2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON), pp. 288–293. IEEE (2017)

    Google Scholar 

  14. DeCusatis, C., Liengtiraphan, P., Sager, A.: Advanced Intrusion Prevention for Geographically Dispersed Higher Education Cloud Networks. In: Auer, M.E., Zutin, D.G. (eds.) Online Engineering & Internet of Things. LNNS, vol. 22, pp. 132–143. Springer, Cham (2018). https://doi.org/10.1007/978-3-319-64352-6_13

    Chapter  Google Scholar 

  15. Stoneburner, G., Goguen, A., Feringa, A.: Risk Management Guide for Information Technology Systems. 800–300. NIST Special Publication (2002)

    Google Scholar 

  16. Boyd, J.: OODA Model Summary. https://www.valuebasedmanagement.net/methodsboyd-oodaloop.html. Accessed 15 July 2017

  17. Compastié, M., Badonnel, R., Festor, O., et al.: A software-defined security strategy for supporting autonomic security enforcement in distributed cloud. In: 2016 IEEE International Conference on Cloud Computing Technology and Science (CloudCom), pp. 464–467. IEEE (2016)

    Google Scholar 

  18. Saxena, A., Lacoste, M., Jarboui, T., Lücking, U., Steinke, B.: A Software Framework for Autonomic Security in Pervasive Environments. In: McDaniel, P., Gupta, S.K. (eds.) ICISS 2007. LNCS, vol. 4812, pp. 91–109. Springer, Heidelberg (2007). https://doi.org/10.1007/978-3-540-77086-2_8

    Chapter  Google Scholar 

  19. Marchal, S., Jiang, X., State, R., et al.: A big data architecture for large scale security monitoring. In: 2014 IEEE International Congress on Big Data, pp. 56–63. IEEE (2014)

    Google Scholar 

  20. Sirisha, N., Kiran, K.: Authorization of data in hadoop using apache sentry. Int. J. Eng. Technol. 7(2018), 234 (2018)

    Article  Google Scholar 

  21. Tao, Y., Lei, Z., Ruxiang, P.: Fine-grained big data security method based on zero trust model. In: 2018 IEEE 24th International Conference on Parallel and Distributed Systems (ICPADS), pp. 1040–1045. IEEE (2018)

    Google Scholar 

  22. Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Fut. Gener. Comput. Syst. 28(3), 583–592 (2012)

    Article  Google Scholar 

  23. Li, J., Li, B., Wo, T., et al.: CyberGuarder: a virtualization security assurance architecture for green cloud computing. Fut. Gener. Comput. Syst. 28(2), 379–390 (2012)

    Article  Google Scholar 

  24. Hui, H.W., Zhou, C.C., Xu, S.G., Lin, F.H.: A novel secure data transmission scheme in industrial internet of things. China Commun. 17(1), 73–88 (2020)

    Article  Google Scholar 

  25. Ben Saied, Y., Olivereau, A., Zeghlache, D., et al.: Trust management system design for the Internet of Things: a context-aware and multi-service approach. Comput. Secur. 39, 351–365 (2013)

    Article  Google Scholar 

  26. Samaniego, M., Deters, R.: Zero-trust hierarchical management in IoT. In: 2018 IEEE International Congress on Internet of Things (ICIOT), pp. 88–95. IEEE (2018)

    Google Scholar 

  27. Saleh, A.S.A., Hamed, E.M.R., Hashem, M.: Building trust management model for cloud computing. In: 2014 9th International Conference on Informatics and Systems. IEEE (2014)

    Google Scholar 

  28. Su, J.T., Lin, F.H., Zhou, X.W., Lu, X.: Steiner tree based optimal resource caching scheme in fog computing. China Commun. 12(8), 161–168 (2015)

    Article  Google Scholar 

  29. Dou, Z., Xu, G., Chen, X.B., Yuan, K.G.: Rational non-hierarchical quantum state sharing protocol. Comput. Mater. Continua 58(2), 335–347 (2019)

    Article  Google Scholar 

  30. Zhao, G.D., Zhang, Y.W., Shi, Y.Q., Lan, H.L., Yang, Q.: The application of BP neural networks to analysis the national vulnerability. Comput. Mater. Continua 58(2), 421–436 (2019)

    Article  Google Scholar 

  31. Long, M., Zeng, Y.: Detecting iris liveness with batch normalized convolutional neural network. Comput. Mater. Continua 58(2), 493–504 (2019)

    Article  Google Scholar 

Download references

Author information

Authors and Affiliations

  1. The Network Security Bureau of the Ministry of Public Security of P.R.C, Beijing, China

    Xiangshuai Yan

  2. The Information Security Department of the First Research Institute of the Ministry of Public Security of P.R.C, Beijing, China

    Huijuan Wang

Authors
  1. Xiangshuai Yan
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Huijuan Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Huijuan Wang .

Editor information

Editors and Affiliations

  1. Nanjing University of Information Science and Technology, Nanjing, China

    Xingming Sun

  2. Nanjing University of Information Science and Technology, Nanjing, China

    Jinwei Wang

  3. Purdue University, West Lafayette, IN, USA

    Elisa Bertino

Rights and permissions

Reprints and permissions

Copyright information

© 2020 Springer Nature Singapore Pte Ltd.

About this paper

Check for updates. Verify currency and authenticity via CrossMark

Cite this paper

Yan, X., Wang, H. (2020). Survey on Zero-Trust Network Security. In: Sun, X., Wang, J., Bertino, E. (eds) Artificial Intelligence and Security. ICAIS 2020. Communications in Computer and Information Science, vol 1252. Springer, Singapore. https://doi.org/10.1007/978-981-15-8083-3_5

Download citation

  • DOI: https://doi.org/10.1007/978-981-15-8083-3_5

  • Published:

  • Publisher Name: Springer, Singapore

  • Print ISBN: 978-981-15-8082-6

  • Online ISBN: 978-981-15-8083-3

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation