Zero Trust Network Architecture

Date

2023-07-04

Authors

Srinivasan, Priyadharsini

Journal Title

Journal ISSN

Volume Title

Publisher

Abstract

In light of the rapid advancement of digital technology and the increasing popularity of cloud- based services, it has become necessary to revisit traditional approaches to cybersecurity. Businesses are facing ever-more sophisticated cyberthreats, both from within and outside their networks, which have exposed the limitations of perimeter-based security solutions. The zero-trust architecture (ZTA) has emerged as a promising model for cybersecurity, fo- cusing on resource security instead of network perimeter protection. This project provides a comprehensive overview of ZTA, including its fundamental principles and the Zero Trust Network Access (ZTNA) architecture. The project focuses on an in-depth analysis of Cisco Duo’s Multi-Factor Authentica- tion (MFA) system using Wireshark to capture network traffic on a local PC. This analysis provides a comprehensive understanding of the user identity verification process using mul- tiple authentication factors. Additionally, the project discusses the driving forces behind the adoption of ZTA, as well as the challenges and opportunities that it presents. The project explores real-world ZTA implementations, including Google’s BeyondCorp and Microsoft’s Zero Trust Network Architecture. The application of ZTA in various fields, including big data, cloud computing, and the Internet of Things (IoT), is also investigated. The project concludes by discussing potential future research directions in ZTA, empha- sizing the need for more complex trust algorithms, continuous verification and authentication techniques, and standardized frameworks for applying ZTA in various sectors and use cases. Overall, this project provides a comprehensive and detailed examination of the zero-trust architecture, its applications, and its potential for improving cybersecurity in an increasingly digitized world.

Description

Keywords

Zero-trust architecture, Cybersecurity, Perimeter-based security, Multi-factor authentication (MFA), Trust verification, Authentication, Continuous verification

Citation