一、前言 本文介绍的是2019年9月发布的NIST《零信任架构》标准草案(《NIST.SP.800-207-draft-Zero Trust Architecture》)。其公开评论的时间是2019年9月23日至2019年11月22日。本文档的价值,不言而喻。 其目录如下: 摘要 1.介绍 2.零信任网络架构 3.零信任体系架构的逻辑组件 4.部署场景/用例 5.与零信任架构...
NIST SP 800-207 introduces the concept of zero trust architecture (ZTA).Zero trustis a cybersecurity model that operates on the principle of “never trust, always verify,” meaning that no entity, whether inside or outside the network, is automatically trusted. NIST SP 800-207 focuses on st...
The National Institute of Standards and Technology recently released a draft special publication for Zero Trust Architecture (ZTA), with the aim of establishing a standard classification criterion for ZTA components. (Note, as of February 2020, NIST has released draft 2 of the Zero Trust Architectur...
草案1:【Zero Trust is the term for an evolving set of network security paradigms that move network defenses from wide network perimeters to narrowly focusing on individual or small groups of resources.A Zero Trust Architecture (ZTA) strategy is one where there is no implicit trust granted to sy...
因此,零信任没有单一的特定基础设施实现或架构,但其与企业的业务工作流程息息相关。零信任需要分析该业务流,以及用于执行该工作流的资源。零信任战略思维可以用于规划和实施企业IT基础设施,通过零信任战略思维规划实施的IT基础设施就是零信任架构(Zero Trust Architecture, ZTA)。
2020年8月、米国国立標準技術研究所(NIST)が「Special Publication(SP)800-207 ゼロトラスト・アーキテクチャ(以下、本書)」を正式公開しました。今回、PwCコンサルティング合同会社はNISTから翻訳の許可を取得し、日本語訳を公開することになりました(以下よりダウンロードいただけます)。
Zero trust is the concept that you can “trust no one” in your network infrastructure, even those working internally for an organization; a departure from the concept of using firewalls to keep external threats out but trusting those within the system. ...
Security Framework Security Operations (SecOps) Single Sign-On (SSO) Social Engineering SOC 2 SWIFT Compliance Synthetic Identity T Temporary Elevated Access Management Third-Party Access U User Behavior Analytics V Virtual Directory Z Zero Standing Privileges Zero Trust 零信任 保持...
Embracing the NIST Cybersecurity Framework for Enterprise Many organizations are adopting the National Institute of Standards and Technology (NIST) Cybersecurity Framework (CSF) to outline their current state of cybersecurity and strengthen their security posture. The framework provides cybersecurity ...
NIST CSF 2.0 is a new version of the original National Institute of Standards and Technology Cybersecurity Framework, help to manage and mitigate cybersecurity risks.