Toward a Zero Trust Metric

Abstract

Zero trust assumes that all points of trust will be questioned and mitigated, that the individual resources are protected, and that there is no reliance on the network for protection. This helps to limit threat mobility and contain damage. Rules for multifactor authentication and micro-segmentation are often cited as a Zero Trust Architecture (ZTA), but these so-called architectures lack guidelines for the major points of trust in the system. True zero trust is not achievable; only minimal trust can be achieved. Certain trust points are inevitable, such as certificate authorities, policy evaluation, and decision points. There are no metrics measuring whether or not zero trust objectives have been met. It is the goal of this paper to move toward a general metric of trust.

Document Details

Document Type
Technical Report
Publication Date
Jan 01, 2022
Accession Number
AD1204910

Entities

People

  • William R. Simpson

Organizations

  • Institute for Defense Analyses

Tags

DTIC Thesaurus Topics

  • Authentication
  • Cloud Computing
  • Computer Access Control
  • Computer Network Security
  • Computer Networks
  • Computer Science
  • Computer Vision
  • Computing System Architectures
  • Contracts
  • Cryptography
  • Department Of Defense
  • Engineering
  • Information Systems
  • Infrastructure
  • Motivation
  • Multi-Factor Authentication
  • Network Architecture
  • Network Protocols
  • Security
  • Software Development
  • Standards

Fields of Study

  • Computer science

Readers

  • Cybersecurity
  • Systems Analysis and Design