TY - GEN
T1 - ZTA
T2 - 21st European Conference on Cyber Warfare and Security, ECCWS 2022
AU - Sample, Char
AU - Shelton, Cragin
AU - Loo, Sin Ming
AU - Justice, Connie
AU - Hornung, Lynette
AU - Poynter, Ian
N1 - Publisher Copyright:
© 2022 Curran Associates Inc. All rights reserved.
PY - 2022
Y1 - 2022
N2 - Zero Trust Architecture (ZTA) deployments are growing in popularity, widely viewed as a solution to historical enterprise security monitoring that typically finds attackers months after they have gained system access. ZTA design incorporates multiple industry security advisories, including assuming network compromise, using robust identity management, encrypting all traffic, thwarting lateral movement, and other security best practices. Collectively, these features are designed to detect and prevent attackers from successfully persisting in the environment. These features each offer solutions to various ongoing security problems but individually are not comprehensive solutions. When designed for cloud services, ZTA holds the promise of outsourcing security monitoring. However, some observations about ZTA suggest that the component solutions themselves have flaws, potentially exposing systems to additional undetected vulnerabilities and providing a false sense of security. This paper addresses vulnerable paths using a bottom-to-top approach, listing problem areas and mapping them to attacker goals of deny, deceive, disrupt, deter, and destroy. The paper then addresses residual risk in the architecture. Based on the findings, the paper suggests realistic countermeasures, offering insights into additional detection and mitigation techniques.
AB - Zero Trust Architecture (ZTA) deployments are growing in popularity, widely viewed as a solution to historical enterprise security monitoring that typically finds attackers months after they have gained system access. ZTA design incorporates multiple industry security advisories, including assuming network compromise, using robust identity management, encrypting all traffic, thwarting lateral movement, and other security best practices. Collectively, these features are designed to detect and prevent attackers from successfully persisting in the environment. These features each offer solutions to various ongoing security problems but individually are not comprehensive solutions. When designed for cloud services, ZTA holds the promise of outsourcing security monitoring. However, some observations about ZTA suggest that the component solutions themselves have flaws, potentially exposing systems to additional undetected vulnerabilities and providing a false sense of security. This paper addresses vulnerable paths using a bottom-to-top approach, listing problem areas and mapping them to attacker goals of deny, deceive, disrupt, deter, and destroy. The paper then addresses residual risk in the architecture. Based on the findings, the paper suggests realistic countermeasures, offering insights into additional detection and mitigation techniques.
KW - attack
KW - component
KW - system
KW - vulnerabilities
KW - zero trust architecture
UR - http://www.scopus.com/inward/record.url?scp=85172880839&partnerID=8YFLogxK
M3 - Conference contribution
AN - SCOPUS:85172880839
T3 - European Conference on Information Warfare and Security, ECCWS
SP - 256
EP - 262
BT - Proceedings of the 21st European Conference on Cyber Warfare and Security, ECCWS 2022
A2 - Eze, Thaddeus
A2 - Khan, Nabeel
A2 - Onwubiko, Cyril
Y2 - 16 June 2022 through 17 June 2022
ER -