Recently I came across an interesting architecture pattern called Zero Trust Architecture (ZTA).
In the traditional ‘perimeter’-based approach, security models of identity, authentication, and authorization have challenges meeting the needs of an IT landscape. There is a need to shift the security model to an asset-centric or data-centric one. The IT landscape can then be expanded using asset- and data-centric policies, without defining any network boundaries. In the classical approach, we restrict everything to a secure network behind a network firewall, boundary, or perimeter, whatever you would like to call it. In the zero trust approach, we protect digital assets located or deployed anywhere using a central policy.
Zero Trust - An information security approach that focuses on data/information security, including its life cycle, on any platform or network.
Zero Trust Architecture - The implementation of a Zero Trust security strategy that follows well-defined and assured standards, technical patterns, and guidance for organizations.
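The contrast between the perimeter approach and a central, asset-centric policy can be shown in a short Python sketch. This is an added example, not taken from the Open Group material; the network range, asset names, roles, and requests are all constructed for illustration.

```python
# Added illustration: every name, address and policy entry here is constructed.
from dataclasses import dataclass
from ipaddress import ip_address, ip_network

CORPORATE_NET = ip_network("10.0.0.0/8")  # assumed "inside the perimeter" range

# Central policy keyed by asset, not by network: role -> permitted actions.
CENTRAL_POLICY = {
    "payroll-db": {"hr-analyst": {"read"}, "payroll-admin": {"read", "write"}},
    "design-docs": {"engineer": {"read", "write"}},
}

@dataclass(frozen=True)
class Request:
    user: str
    role: str
    authenticated: bool
    source_ip: str
    asset: str
    action: str

def perimeter_decision(req: Request) -> bool:
    """Classical model: anything arriving from inside the boundary is trusted."""
    return ip_address(req.source_ip) in CORPORATE_NET

def zero_trust_decision(req: Request) -> bool:
    """Asset-centric model: identity and the asset's policy decide.
    Network location is never consulted; unknown assets or roles are denied."""
    if not req.authenticated:
        return False
    allowed = CENTRAL_POLICY.get(req.asset, {}).get(req.role, set())
    return req.action in allowed

def compare(req: Request) -> tuple:
    """Return (perimeter verdict, zero trust verdict) for one request."""
    return perimeter_decision(req), zero_trust_decision(req)

# Constructed requests covering the cases where the two models disagree.
INSIDE_WRONG_ROLE = Request("eve", "engineer", True, "10.2.3.4", "payroll-db", "read")
REMOTE_RIGHT_ROLE = Request("ana", "hr-analyst", True, "203.0.113.7", "payroll-db", "read")
INSIDE_UNAUTHENTICATED = Request("bob", "payroll-admin", False, "10.9.9.9", "payroll-db", "write")

if __name__ == "__main__":
    for req in (INSIDE_WRONG_ROLE, REMOTE_RIGHT_ROLE, INSIDE_UNAUTHENTICATED):
        perimeter, zero_trust = compare(req)
        print(f"{req.user:4} {req.source_ip:12} {req.asset}:{req.action:5} "
              f"perimeter={perimeter} zero_trust={zero_trust}")
```

The perimeter check admits the internal engineer and the unauthenticated internal session to the payroll data while rejecting the legitimate remote analyst; the asset policy reverses all three verdicts.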
Advantages of ZTA -
- Enables mobility allowing users to work anywhere using any device
- Improved business confidence, with new security mechanisms to protect data and applications
- Reduced scope of threats, to support agility and complexity
More details on this topic are available on the Open Group website. A whitepaper explaining the concept is available for free download at the following URL - https://publications.opengroup.org/w210