Zero Trust Flashcards
Zero trust
Security framework requiring all assets and workflows to be authenticated, authorized and continuously validated before being granted or keeping access to applications.
Data plane
Data plane is used for communication (moving data) between software components
Policy administrator
Policy administrator generates the session-specific authentication and authorization tokens or credentials used to access an enterprise resource.
Policy decision point (PDP)
Policy decision point is the gatekeeper component made up of the policy engine and the policy administrator.
Control plane
Used by infrastructure components to maintain and configure assets, control assets and secure communication. In zero trust, requests for access are made through the control plane.
Policy Enforcement Point (PEP)
Policy enforcement point is responsible for enabling, maintaining and eventually terminating connections between a subject and an enterprise resource.
Policy Engine
Policy engine is responsible for the ultimate decision to grant access to a resource for a given subject.
Zero trust architecture
Zero trust authorization:
Control plane: Policy engine (policies) and policy administrator (decision point)
Data plane: Subject/system -> untrusted request -> policy enforcement point -> trusted -> enterprise resource
Zero trust planes of operation
1. Split the network into functional planes
2. Data plane: performs the actual security process; processes the frames, packets and network data
3. Control plane: the management and control plane; manages all actions, configured policies and rules
Data plane versus control plane
On a physical switch we want to break out the different planes of operation. The interfaces on the switch move data from one part of the network to another; this is our data plane, so all of the switch's interfaces belong to the data plane.
The configuration of the switch that determines how data is trunked and forwarded is the control plane.
Adaptive identity
This is where we examine the identity of the individual and apply security controls based not only on what the user tells us but also on other information: the source of the connection, where the employee sits in the organization, etc. Based on that information we can make authentication stronger. Inputs are examined, such as whether someone is in the building or connected via VPN. Policy-driven access control.
Security zones
Looking at where we are connecting from and where we are going to. Defining zones: untrusted and trusted.
Untrusted zone: access denied. Zones can be marked as automatically trusted, e.g. where an employee is in the internal traffic zone.
Policy enforcement point
Evaluation point; this is the gatekeeper. All traffic must go via the PEP. It provides identification of the users and traffic and gathers all the information. Do not give access to
Policy decision point
This is the decision maker; it decides whether or not to grant access. Each decision is evaluated based on policy and other information. The policy engine evaluates the access decision based on policy. The policy administrator communicates with the policy engine, generates the access token and tells the policy enforcement point to allow or disallow the access.