NIST SP 800-207 introduces the concept of zero trust architecture (ZTA).Zero trustis a cybersecurity model that operates on the principle of “never trust, always verify,” meaning that no entity, whether inside or outside the network, is automatically trusted. NIST SP 800-207 focuses on st...
一、前言 本文介绍的是2019年9月发布的NIST《零信任架构》标准草案(《NIST.SP.800-207-draft-Zero Trust Architecture》)。其公开评论的时间是2019年9月23日至2019年11月22日。本文档的价值,不言而喻。 其目录如下: 摘要 1.介绍 2.零信任网络架构 3.零信任体系架构的逻辑组件 4.部署场景/用例 5.与零信任架构...
草案1:【Zero Trust is the term for an evolving set of network security paradigms that move network defenses from wide network perimeters to narrowly focusing on individual or small groups of resources.A Zero Trust Architecture (ZTA) strategy is one where there is no implicit trust granted to sy...
2020年8月、米国国立標準技術研究所(NIST)が「Special Publication(SP)800-207 ゼロトラスト・アーキテクチャ(以下、本書)」を正式公開しました。今回、PwCコンサルティング合同会社はNISTから翻訳の許可を取得し、日本語訳を公開することになりました(以下よりダウンロードいただけます)。
因此,零信任没有单一的特定基础设施实现或架构,但其与企业的业务工作流程息息相关。零信任需要分析该业务流,以及用于执行该工作流的资源。零信任战略思维可以用于规划和实施企业IT基础设施,通过零信任战略思维规划实施的IT基础设施就是零信任架构(Zero Trust Architecture, ZTA)。
SP 800-207 Zero Trust Architecture (2nd Draft) 零信任架构(第二稿) Draft 2/13/2020 NISTIR 8246 National Vulnerability Database (NVD) Metadata Submission Guidelines for Common Vulnerabilities and Exposures (CVE) Numbering Authorities (CNAs) and Authorized Data Publishers 常见漏洞和披露(CVE)编号颁发机...
NIST.SP.800-209.pdf 800-208 Recommendation for Stateful Hash-Based Signature Schemes 有状态的哈希签名方案建议 最终版 12/11/2019 /nistpubs/SpecialPublications/NIST.SP.800-208-draft.pdf 800-207 Zero Trust Architecture 零信任架构 最终版 2/13/2020 /nistpubs/SpecialPublications/NIST.SP.800-207-...
requirements. This workbook does not address all controls within the framework. It should be considered a supplemental tool to gain visibility of technical controls within cloud, multi-cloud, and hybrid networks. For the full listing of respective controls, see the Microsof...
Learn more about NIST SP 800-207 Implementing the Core Elements of a Zero Trust Architecture NIST Secure Software Development Framework (SSDF) Guidance for Identity Security What Is Zero Trust and Why Is it So Important?其他术语表条目 A Access Certification Access Discovery Access Management ...