View in EDS

Security System Design and Verification for Zero Trust Architecture.

Saved in:
Bibliographic Details
Title: Security System Design and Verification for Zero Trust Architecture.
Authors: Lee, Sangdo, Huh, Jun-Ho, Woo, Hanchul
Source: Electronics (2079-9292); Feb2025, Vol. 14 Issue 4, p643, 21p
Subject Terms: DIGITAL rights management, SECURE Sockets Layer (Computer network protocol), ACCESS control, INTERNET security, COMPUTER network security
Abstract: With ongoing cyber threats stemming from persistent hacking attempts, relentless efforts are being made to prevent such threats at their source. Recently, the concept of "zero trust", introduced by the United States National Institute of Standards and Technology (NIST), has emerged as a promising approach in this regard. Zero Trust (ZT) is not a standalone security solution but rather a framework of concepts aimed at achieving a higher level of security. It provides a paradigm that outlines the fundamental philosophy, core principles, and operational guidelines for enhanced security. While the guiding principle of "Never Trust, Always Verify" has gained widespread acceptance, many corporate security managers remain uncertain about how to implement ZT effectively. To address this challenge, this paper presents a security network designed to align with the corporate sector's concept of security architecture based on the principles of ZT. Furthermore, it proposes and verifies a method to strengthen security using Secure Sockets Layer (SSL) and Digital Rights Management (DRM). These technologies were selected because, among the various principles of Zero Trust architecture (ZTA), they effectively support centralized policy management and access control. This paper is expected to be effective in preventing related risks and contribute to building a more effective information security system that helps organizations combat increasingly sophisticated cyber threats. [ABSTRACT FROM AUTHOR]
Copyright of Electronics (2079-9292) is the property of MDPI and its content may not be copied or emailed to multiple sites without the copyright holder's express written permission. Additionally, content may not be used with any artificial intelligence tools or machine learning technologies. However, users may print, download, or email articles for individual use. This abstract may be abridged. No warranty is given about the accuracy of the copy. Users should refer to the original published version of the material for the full abstract. (Copyright applies to all Abstracts.)
Database: Complementary Index
Description
Abstract:With ongoing cyber threats stemming from persistent hacking attempts, relentless efforts are being made to prevent such threats at their source. Recently, the concept of "zero trust", introduced by the United States National Institute of Standards and Technology (NIST), has emerged as a promising approach in this regard. Zero Trust (ZT) is not a standalone security solution but rather a framework of concepts aimed at achieving a higher level of security. It provides a paradigm that outlines the fundamental philosophy, core principles, and operational guidelines for enhanced security. While the guiding principle of "Never Trust, Always Verify" has gained widespread acceptance, many corporate security managers remain uncertain about how to implement ZT effectively. To address this challenge, this paper presents a security network designed to align with the corporate sector's concept of security architecture based on the principles of ZT. Furthermore, it proposes and verifies a method to strengthen security using Secure Sockets Layer (SSL) and Digital Rights Management (DRM). These technologies were selected because, among the various principles of Zero Trust architecture (ZTA), they effectively support centralized policy management and access control. This paper is expected to be effective in preventing related risks and contribute to building a more effective information security system that helps organizations combat increasingly sophisticated cyber threats. [ABSTRACT FROM AUTHOR]
ISSN:20799292
DOI:10.3390/electronics14040643