===== Zero Trust (ZT) =====
[[dido:public:ra:xapend:xapend.a_glossary:start| Return to Glossary ]]

==== Definition 1 ====
**Zero Trust (ZT)** also **Zero-Trust**, provides a collection of concepts and ideas designed to minimize
uncertainty in enforcing accurate, least privilege per-request access decisions in
information systems and services in the face of a network viewed as compromised.

Source: [[dido:public:ra:xapend:xapend.b_stds:tech:nist:zta ]]

==== Definition 2 ====
**Zero Trust (ZT)** is a data-centric [[dido:public:ra:xapend:xapend.a_glossary:c:cyber_security]] strategy for enterprise computing that assumes no end-user, 
[[dido:public:ra:xapend:xapend.a_glossary:n:netdev]],
[[dido:public:ra:xapend:xapend.a_glossary:m:mobile]],
[[dido:public:ra:xapend:xapend.a_glossary:p:peripheral_device]], or
[[dido:public:ra:xapend:xapend.a_glossary:s:storagedevice]], 
[[dido:public:ra:xapend:xapend.a_glossary:w:web_service]], or network connection can be trusted -- even when an access request originates from within the organization’s own network perimeter.

The [[dido:public:ra:xapend:xapend.a_glossary:z:zero-trust_model]] has evolved to take into account distributed computing and an ever-expanding attack surface. Unlike a [[dido:public:ra:xapend:xapend.a_glossary:s:sso]] strategy that allows users to log in once and access multiple network services without re-entering authentication factors, **Zero Trust** requires authentication factors to be verified -- and re-verified -- each time a network resource is requested.

Because untrusted threat actors exist both internally and external to a network, **Zero Trust** supports the following principles:

  * Never Trust
  * Always Verify
  * Enforce Least Privilege

An important goal of the Zero Trust Model is to prevent malicious actors from using a compromised account to move laterally across a target network.

Source: [[https://www.techopedia.com/definition/34572/zero-trust-zt]]

/**=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
/* To add a discussion page to this page, comment out the line that says 
  ~~DISCUSSION:off~~
*/
~~DISCUSSION:on|Outstanding Issues~~
~~DISCUSSION:off~~