
Zero Trust Architecture

i can't trust any of you. all of you are fake. except you. i trust this one person. nobody else.

Zero trust architecture (ZTA) operates on the assumption that no device, whether inside or outside the network perimeter, can be trusted by default. Every network request for a resource requires authentication and authorization.

The zero trust model operates on a few fundamental concepts:

  • policy-based authentication: user identities are NOT static; identity verification must be continuous and based on context and the requested resource
  • threat scope reduction and least-privilege access: access to network resources is granted on a 'need to know' basis and limited to those who need the resource to complete their task
  • policy-driven authorization: enforce permissions and restrictions according to the principle of least privilege, taking user identity, device posture, and network context into account

The Control Plane

The control plane is the command center of a zero-trust network. It manages the policies that dictate how users and devices are authorized to access network resources.
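To make the control plane's job concrete, here is an added example (not code from the original page) of a minimal policy decision function: it applies need-to-know, least privilege, device posture and continuous verification to every request, and a 'corp' network origin skips none of the checks. The policy table, resource names and posture signals are hypothetical.

```python
from dataclasses import dataclass, field

# Hypothetical policy table, constructed for this example: what each resource
# requires. Nothing is granted on the basis of network location alone.
POLICY = {
    "payroll-db": {"roles": {"finance"}, "actions": {"read"},
                   "min_posture": 3, "max_auth_age": 300},
    "wiki": {"roles": {"finance", "eng", "support"}, "actions": {"read", "write"},
             "min_posture": 1, "max_auth_age": 86400},
}

@dataclass
class Request:
    user: str
    roles: set
    resource: str
    action: str
    device_managed: bool
    disk_encrypted: bool
    patched: bool
    auth_age: int      # seconds since the user last strongly authenticated
    network: str       # "corp" or "public": recorded, but never a shortcut

@dataclass
class Decision:
    allow: bool
    reasons: list = field(default_factory=list)

def device_posture(req):
    """Posture score 0..3: one point per signal the device presents."""
    return sum([req.device_managed, req.disk_encrypted, req.patched])

def evaluate(req):
    """Control-plane decision for one request. Every check runs for every
    request; a 'corp' network origin does not skip any of them."""
    policy = POLICY.get(req.resource)
    if policy is None:
        return Decision(False, ["unknown resource: default deny"])
    reasons = []
    if not (req.roles & policy["roles"]):
        reasons.append("need-to-know: no entitled role for this resource")
    if req.action not in policy["actions"]:
        reasons.append("least privilege: action not permitted on resource")
    if device_posture(req) < policy["min_posture"]:
        reasons.append("device posture below the level the resource requires")
    if req.auth_age > policy["max_auth_age"]:
        reasons.append("continuous verification: re-authentication required")
    if reasons:
        return Decision(False, reasons)
    return Decision(True, ["all policy checks passed"])
```

The returned reasons are what a data plane enforcement point would log alongside its allow/deny, so every denial is traceable to a specific policy condition.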

The Data Plane

crickets...