| Presentation | 2021-01-21 Prototyping Zero Trust Network for Enterprise Network with Considering the Security Policy Masataka Kawai, Yuzo Taenaka, Yuki Kadobayashi, |
|---|---|
| PDF Download Page |  PDF download Page Link |
| Abstract(in Japanese) | (See Japanese page) |
| Abstract(in English) | The Zero Trust Network (ZTN) is a security model designed to deal with threats such as information theft by spies and cross-network compromise by attackers, which cannot deal with by conventional perimeter security model and access control based on authentication. However, while ZTN has attracted much attention, only the concept has been well known, and there are few examples. In particular, the utilization of “Dynamic Policy”, one of the key components, has been insufficient. The Dynamic Policy is a rule for dynamic access control depending on the Trust Score. The score is calculated by the Trust Algorithm based on various information about the access source information, and the algorithm is designed considering the trust of the user, the device, and the network. Therefore, in order to deal with threats that abuse legitimate access privileges such as spies, it is essential to utilize the Dynamic Policy that dynamically control privileges. In this paper, we prototype ZTN considered the Dynamic Policy and an example of applying security policies to different use cases of an enterprise system. In addition, we discuss the scope of application of ZTN in the system from the implementation point of view. |
| Keyword(in Japanese) | (See Japanese page) |
| Keyword(in English) | Zero Trust Network / Identity Aware Proxy / Dynamic Access Control / Security |
| Paper # | NS2020-111 |
| Date of Issue | 2021-01-14 (NS) |
| Conference Information | |
| Committee | NS |
|---|---|
| Conference Date | 2021/1/21(2days) |
| Place (in Japanese) | (See Japanese page) |
| Place (in English) | Online |
| Topics (in Japanese) | (See Japanese page) |
| Topics (in English) | Network software (Software architecture, Middleware), Network application, SOA/SDP, NGN/IMS/API, Distributed control/Dynamic routing, Grid, NFV, IoT, Network/System reliability, Network/System evaluation, etc. |
| Chair | Akihiro Nakao(Univ. of Tokyo) |
| Vice Chair | Tetsuya Oishi(NTT) |
| Secretary | Tetsuya Oishi(NTT) |
| Assistant | Shinya Kawano(NTT) |
| Paper Information | |
| Registration To | Technical Committee on Network Systems |
|---|---|
| Language | JPN |
| Title (in Japanese) | (See Japanese page) |
| Sub Title (in Japanese) | (See Japanese page) |
| Title (in English) | Prototyping Zero Trust Network for Enterprise Network with Considering the Security Policy |
| Sub Title (in English) | |
| Keyword(1) | Zero Trust Network |
| Keyword(2) | Identity Aware Proxy |
| Keyword(3) | Dynamic Access Control |
| Keyword(4) | Security |
| 1st Author's Name | Masataka Kawai |
| 1st Author's Affiliation | Nara Institute of Science and Technology(NAIST) |
| 2nd Author's Name | Yuzo Taenaka |
| 2nd Author's Affiliation | Nara Institute of Science and Technology(NAIST) |
| 3rd Author's Name | Yuki Kadobayashi |
| 3rd Author's Affiliation | Nara Institute of Science and Technology(NAIST) |
| Date | 2021-01-21 |
| Paper # | NS2020-111 |
| Volume (vol) | vol.120 |
| Number (no) | NS-327 |
| Page | pp.pp.9-15(NS), |
| #Pages | 7 |
| Date of Issue | 2021-01-14 (NS) |