Zero Trust Validation: from Practice to Theory : An empirical research project to improve Zero Trust implementations

操作化 零(语言学) 计算机科学 资产(计算机安全) 实证研究 零知识证明 实施 计算机安全 知识管理 密码学 数学 软件工程 语言学 统计 认识论 哲学
作者
Yuri Bobbert,Jeroen Scheerder
标识
DOI:10.1109/stc55697.2022.00021
摘要

How can high-level directives concerning risk, cybersecurity and compliance be operationalized in the central nervous system of any organization above a certain complexity? How can the effectiveness of technological solutions for security be proven and measured, and how can this technology be aligned with the governance and financial goals at the board level? These are the essential questions for any CEO, CIO or CISO that is concerned with the wellbeing of the firm. The concept of Zero Trust (ZT) approaches information and cybersecurity from the perspective of the asset to be protected, and from the value that asset represents. Zero Trust has been around for quite some time. Most professionals associate Zero Trust with a particular architectural approach to cybersecurity, involving concepts such as segments, resources that are accessed in a secure manner and the maxim “always verify never trust”. This paper describes the current state of the art in Zero Trust usage. We investigate the limitations of current approaches and how these are addressed in the form of Critical Success Factors in the Zero Trust Framework developed by ON2IT ‘Zero Trust Innovators’ (1). Furthermore, this paper describes the design and engineering of a Zero Trust artefact that addresses the problems at hand (2), according to Design Science Research (DSR). The last part of this paper outlines the setup of an empirical validation trough practitioner oriented research, in order to gain a broader acceptance and implementation of Zero Trust strategies (3). The final result is a proposed framework and associated technology which, via Zero Trust principles, addresses multiple layers of the organization to grasp and align cybersecurity risks and understand the readiness and fitness of the organization and its measures to counter cybersecurity risks.
最长约 10秒,即可获得该文献文件

科研通智能强力驱动
Strongly Powered by AbleSci AI
更新
大幅提高文件上传限制,最高150M (2024-4-1)

科研通是完全免费的文献互助平台,具备全网最快的应助速度,最高的求助完成率。 对每一个文献求助,科研通都将尽心尽力,给求助人一个满意的交代。
实时播报
刘春亚发布了新的文献求助10
刚刚
不会取名字完成签到,获得积分10
刚刚
1秒前
7lanxiong发布了新的文献求助10
2秒前
热心的网民C完成签到,获得积分10
3秒前
眼里有星辰完成签到,获得积分10
3秒前
万能图书馆应助彩色宛筠采纳,获得10
3秒前
3秒前
星辰大海应助星星采纳,获得10
5秒前
米粒完成签到,获得积分10
6秒前
深情的mewmew完成签到,获得积分10
6秒前
6秒前
6秒前
7秒前
8秒前
Emmmm完成签到,获得积分20
8秒前
10秒前
wanci应助岸在海的深处采纳,获得10
10秒前
10秒前
12334发布了新的文献求助10
10秒前
852应助欣慰的茉莉采纳,获得10
10秒前
热心的迎曼完成签到 ,获得积分10
12秒前
7lanxiong完成签到,获得积分10
13秒前
13秒前
14秒前
w1完成签到,获得积分10
14秒前
14秒前
111发布了新的文献求助10
14秒前
14秒前
Hao完成签到,获得积分10
15秒前
可罗雀完成签到,获得积分10
15秒前
小鹿发布了新的文献求助10
15秒前
ppjkq1发布了新的文献求助10
15秒前
15秒前
浅浅发布了新的文献求助10
16秒前
冷酷傲易发布了新的文献求助10
17秒前
17秒前
天真的酒窝应助11111采纳,获得10
17秒前
HAOKEE发布了新的文献求助10
18秒前
18秒前
高分求助中
좌파는 어떻게 좌파가 됐나:한국 급진노동운동의 형성과 궤적 2500
Sustainability in Tides Chemistry 1500
TM 5-855-1(Fundamentals of protective design for conventional weapons) 1000
Cognitive linguistics critical concepts in linguistics 800
Threaded Harmony: A Sustainable Approach to Fashion 799
Livre et militantisme : La Cité éditeur 1958-1967 500
氟盐冷却高温堆非能动余热排出性能及安全分析研究 500
热门求助领域 (近24小时)
化学 医学 生物 材料科学 工程类 有机化学 生物化学 物理 内科学 纳米技术 计算机科学 化学工程 复合材料 基因 遗传学 催化作用 物理化学 免疫学 量子力学 细胞生物学
热门帖子
关注 科研通微信公众号,转发送积分 3051673
求助须知:如何正确求助?哪些是违规求助? 2708949
关于积分的说明 7415188
捐赠科研通 2353340
什么是DOI,文献DOI怎么找? 1245507
科研通“疑难数据库(出版商)”最低求助积分说明 605743
版权声明 595855