dido:public:ra:xapend:xapend.a_glossary:z:zero-trust
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
dido:public:ra:xapend:xapend.a_glossary:z:zero-trust [2021/10/04 13:40] 50.19.247.197 ↷ Links adapted because of a move operation |
dido:public:ra:xapend:xapend.a_glossary:z:zero-trust [2022/01/18 13:06] (current) nick [Definition 2] |
||
|---|---|---|---|
| Line 2: | Line 2: | ||
| [[dido:public:ra:xapend:xapend.a_glossary:start| Return to Glossary ]] | [[dido:public:ra:xapend:xapend.a_glossary:start| Return to Glossary ]] | ||
| + | ==== Definition 1 ==== | ||
| **Zero Trust (ZT)** also **Zero-Trust**, provides a collection of concepts and ideas designed to minimize | **Zero Trust (ZT)** also **Zero-Trust**, provides a collection of concepts and ideas designed to minimize | ||
| uncertainty in enforcing accurate, least privilege per-request access decisions in | uncertainty in enforcing accurate, least privilege per-request access decisions in | ||
| Line 8: | Line 9: | ||
| Source: [[dido:public:ra:xapend:xapend.b_stds:tech:nist:zta ]] | Source: [[dido:public:ra:xapend:xapend.b_stds:tech:nist:zta ]] | ||
| + | ==== Definition 2 ==== | ||
| + | **Zero Trust (ZT)** is a data-centric [[dido:public:ra:xapend:xapend.a_glossary:c:cyber_security]] strategy for enterprise computing that assumes no end-user, | ||
| + | [[dido:public:ra:xapend:xapend.a_glossary:n:netdev]], | ||
| + | [[dido:public:ra:xapend:xapend.a_glossary:m:mobile]], | ||
| + | [[dido:public:ra:xapend:xapend.a_glossary:p:peripheral_device]], or | ||
| + | [[dido:public:ra:xapend:xapend.a_glossary:s:storagedevice]], | ||
| + | [[dido:public:ra:xapend:xapend.a_glossary:w:web_service]], or network connection can be trusted -- even when an access request originates from within the organization’s own network perimeter. | ||
| + | |||
| + | The [[dido:public:ra:xapend:xapend.a_glossary:z:zero-trust_model]] has evolved to take into account distributed computing and an ever-expanding attack surface. Unlike a [[dido:public:ra:xapend:xapend.a_glossary:s:sso]] strategy that allows users to log in once and access multiple network services without re-entering authentication factors, **Zero Trust** requires authentication factors to be verified -- and re-verified -- each time a network resource is requested. | ||
| + | |||
| + | Because untrusted threat actors exist both internally and external to a network, **Zero Trust** supports the following principles: | ||
| + | |||
| + | * Never Trust | ||
| + | * Always Verify | ||
| + | * Enforce Least Privilege | ||
| + | |||
| + | An important goal of the Zero Trust Model is to prevent malicious actors from using a compromised account to move laterally across a target network. | ||
| + | |||
| + | Source: [[https://www.techopedia.com/definition/34572/zero-trust-zt]] | ||
| /**=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- | /**=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- | ||
dido/public/ra/xapend/xapend.a_glossary/z/zero-trust.1633369215.txt.gz · Last modified: 2021/10/04 13:40 by 50.19.247.197
