What are Zero Trust Networks? Foundational knowledge

The architecture of a computer network built on Zero Trust principles is not new. The concept behind it, however, is far from broadly understood and applied. This is an introduction to the concept and to why it is favored in today's complex computing environments for controlling, monitoring and deciding on access based on real-time information. It is not meant to be a perfect solution that mitigates every possible attack or weak point; rather, it attempts to minimize the risk posed by remote attackers and by compromised actors already inside the network.

Moving away from castles and gates

The common idea of a computer network defaults to a set of IP addresses behind perimeter security, e.g. a firewall. Similar to a medieval town with a castle at its heart, a messenger from another town might have to pass multiple gates to get his information delivered. With the required authorization, he can proceed past a gate and roam freely to his next destination.

Imagine an apartment shared by three students. They usually do not lock their rooms because they trust each other not to go into each other's rooms. Each of them has a key to the apartment.

Even though the perimeter security model still stands as the most prevalent model by far, it is increasingly obvious that the way we rely on it is flawed.

Evan Gilman, Doug Barth in Zero Trust Networks, O'Reilly

I'm not going into details about the castle-like perimeter and its flaws. The Zero Trust Network ditches this approach to security and acknowledges that bad actors, unlike our trustworthy but untrusted messenger, could be anywhere within the castle. This makes the whole castle, figuratively, an untrusted zone like the entirety of the internet. The messenger is required to complete full authorization at his destination, like everyone else.

Whatever destination a messenger might have, no place in the town is given away to bad actors, since every place must fully authorize every messenger and his intentions.

Imagine an apartment house in which you have a unit. To get inside your flat you have two keys (or a lock-system key). One fits the front door, and every other authorized person in your apartment house can enter through that door. The other key is specifically for your flat. Someone from a different flat is unable to enter yours with his key; that's where the authorization ends.

[...] A zero trust network is generally attempting to mitigate attacks up to and including attacks originating from a "trusted insider" level of access. [...]

Evan Gilman, Doug Barth in Zero Trust Networks, O'Reilly

How does the authorization at a Zero Trust Network look?

The entity that is authorized can be called a network agent. The agent is a temporary entity that exists solely for the sake of authorization. Depending on what is requested on the network, the agent data could include:

  • Agent trust score*

  • User trust score*

  • User role or groups

  • User place or residence

  • User authentication method

  • Device trust score

  • Device manufacturer

  • TPM manufacturer and version

  • Current device location

  • IP address

*) Scores are calculated by services that provide risk evaluation.

How does the authentication at a Zero Trust Network look?

Depending on what kind of actor accesses the network, a range of authentication mechanisms can be requested:

  • Single-Sign-On (SSO)

  • Certificate-based encryption (TLS) is the default: remember, there is no inner secure space behind a gate, and all environments are possibly compromised.

  • Mutual certificate-based encryption (mutual Transport Layer Security, mTLS) means both sides verify each other's identity, rather than, as in plain TLS, only one side proving its identity to the other.

What is the control plane?

The control plane consists of four parts:

  • A policy engine

  • Policy administration

  • Policy decision points

  • Policy enforcement points
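As an added illustration (not from the article or from the O'Reilly book), the sketch below ties the agent data listed earlier to the control plane: a per-request network agent is scored, a policy engine decides, and an enforcement point asks for that decision on every request. The scoring weights, thresholds, resource names and all sample values are constructed assumptions.

```python
from dataclasses import dataclass

# Constructed example: a network agent bundles the user and device data listed above for one request only.
@dataclass(frozen=True)
class NetworkAgent:
    user: str
    roles: frozenset          # user roles or groups
    auth_factors: frozenset   # e.g. {"sso"} or {"sso", "mfa"}
    user_trust: int           # 0-100, from a risk-evaluation service (constructed)
    device_trust: int         # 0-100, likewise constructed
    tpm_present: bool         # hardware-rooted device identity available
    location: str             # current device location

@dataclass(frozen=True)
class Resource:
    name: str
    required_role: str
    min_trust: int            # lowest acceptable agent trust score
    mfa_required: bool

def agent_trust(agent: NetworkAgent) -> int:
    # Hypothetical scoring: the weaker of user and device trust bounds the agent,
    # and a device without a TPM loses 20 points; never below zero.
    score = min(agent.user_trust, agent.device_trust)
    if not agent.tpm_present:
        score -= 20
    return max(score, 0)

def decide(agent: NetworkAgent, resource: Resource) -> tuple:
    # Policy engine / decision point: each request is judged on the agent alone;
    # being "inside" the network grants nothing. Returns (allowed, reason).
    if resource.required_role not in agent.roles:
        return False, "role"
    if resource.mfa_required and "mfa" not in agent.auth_factors:
        return False, "mfa"
    score = agent_trust(agent)
    if score < resource.min_trust:
        return False, f"trust {score} < {resource.min_trust}"
    return True, f"trust {score}"

# Constructed sample data: two resources, one user on two different devices.
PAYROLL = Resource("payroll-api", "finance", min_trust=70, mfa_required=True)
WIKI = Resource("wiki", "staff", min_trust=40, mfa_required=False)
STAFF_FINANCE = frozenset({"staff", "finance"})
ALICE_MANAGED = NetworkAgent("alice", STAFF_FINANCE, frozenset({"sso", "mfa"}), 90, 85, True, "office")
ALICE_BYOD = NetworkAgent("alice", STAFF_FINANCE, frozenset({"sso"}), 90, 60, False, "home")

if __name__ == "__main__":  # enforcement point: every request is decided, office included
    for agent in (ALICE_MANAGED, ALICE_BYOD):
        for res in (PAYROLL, WIKI):
            print(agent.location, res.name, decide(agent, res))
```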

Final remarks on the Zero-Trust concept

Switching your company network to effectively follow a zero-trust approach is the sum of multiple steps and of the introduction of control systems and mechanisms. Maintaining it requires continuous automated integrity evaluation. All systems and the whole user base have to be part of it.

Did you find this explanation useful or do you have remarks? I'm happy to hear from you!