Zero Trust is a security philosophy, not a best practice that all security teams follow. The concept of zero trust was proposed to bring a more secure network to the cloud-native world. Zero trust is a theoretical state where all consumers within a network not only have no authority, but also have no awareness of the surrounding network.
The foundation of zero trust
All users in a zero-trust network, both machines and humans, need to pass a cryptographically verified identity. To practice zero trust, you need to start by introducing user identities, and then consider restricting the user’s minimum access rights. The foundation of zero trust practice is authentication and authorization. Compared with traditional security policies, authentication in zero trust becomes stricter, and authorization becomes more refined. For example, the traditional authorization is: “Can user A access data center D”, but under the framework of zero trust, it will become “at a certain point in time, in a certain area, using a certain Can user A of the device’s device access a specific file in a specific app?”
More and more granular authorization
In Kubernetes, we use RBAC to manage permissions. All users are granted or denied access on a group basis, a single user (service account) can be granted too much access. An important feature of zero trust is the finer granularity that granting access based on roles is not secure enough. We need to refine the user’s access rights to a single resource for a limited time. This aligns with the principle behind microservices – as services and data are broken down into smaller pieces, it is possible to allow us to refine the status services grant access.
Regarding authorization, we often have a misunderstanding that once a user is authenticated and authorized, he becomes a “trusted” user, and the user can access the system at any time. Then, in a zero trust network, there are no trusted users or devices. Every access by a user requires authentication and authorization. Moreover, there will be a time window for authorization, and the user can only perform specified actions within this specified practice window.
How to Implement Zero Trust Networking in Your Enterprise
Because the network is one of the lifeblood of an enterprise system, it affects the whole body. To implement a zero-trust network in an enterprise, it usually requires strategic senior management to accept zero-trust and impose it on the security team through a top-down approach. Then incrementally improve your network, starting with a critical business, making it zero trust.
In a zero-trust network, the default is to deny all access. There is a need in application development to proactively allow certain appropriate requests from the application. Identity is the foundation of Zero Trust, not the network. Zero trust focuses on access points, authentication and authorization, and attack surfaces. For cloud-native applications, because their life cycle is short and dynamic, in order to achieve zero trust, you must configure a rule for each access point to continuously update the application’s certificate and access rules. At this time, manual configuration is almost impossible. Yes, you have to automate.
Keynote at IstioCon 2022
It was mentioned that Istio
is becoming an important part of zero trust. Chief among them is identity-oriented control, not network-oriented control. The core principles in this regard are in the Google white paper “BeyondProd: A New Approach to Cloud-Native Security”
If we can extend the concept of identity to users and provide us with flexible and rich policy mechanisms to specify, monitor and track access control, we can achieve an operational zero trust architecture – unifying users, services and data into a management. The company I work for, Tetrate
Created Tetrate Service Bridge
——The management plane that can be used by large organizations also implements the concept of zero trust.
Zero trust is a security philosophy based on authentication and authorization. However, compared with traditional network security methods, zero trust has the following characteristics:
- All workloads in the system have a cryptographically verified identity
- Zero Trust Networking Denies All Access by Default
- Has more fine-grained access authorization.
To implement zero trust in cloud-native applications, you need:
- top-down implementation
- Entry from key business
- Build automation tools
Here are some information you can refer to:
- mTLS guide for Kubernetes engineers
- Implementing DevSecOps for Microservices-Based Applications with a Service Mesh
- What does Istio’s donation to CNCF mean?
This article is reprinted from https://jimmysong.io/blog/what-is-zero-trust/
This site is for inclusion only, and the copyright belongs to the original author.