DOI: https://doi.org/10.32515/2414-3820.2024.54.117-125
Особливості проектування архітектури довіри нульового рівня
Об авторах
Р.М. Минайленко, доцент, кандидат технічних наук, Центральноукраїнський національний технічний університет, м. Кропивницький, Україна, e-mail: aron70@ukr.net, ORCID ID: 0000-0002-3783-0476
Л.І. Поліщук, старший викладач, Центральноукраїнський національний технічний університет, м. Кропивницький, Україна, ORCID ID: 0000-0001-5093-1581
Анотація
В статті проведено аналіз особливостей архітектури довіри нульового рівня (АДНР), яка є відносно новою концепцією інформаційної безпеки, враховуючою віддалений формат доступу співробітників до інформації, яка є власністю підприємства, де вони працюють. Показано, що традиційні моделі забезпечення інформаційної безпеки, засновані на периметрі безпеки, не дозволяють забезпечити потрібний рівень захисту від можливих загроз.
АДНР є визначеним набором принципів керування для організації заходів, які доцільно використовувати з метою вдосконалення інформаційної безпеки підприємств і підвищення рівня їх захищеності. Основним завданням АДНР є зведення до мінімуму ризиків інформаційної безпеки від впливу зовнішніх вторгнень зловмисників на інформаційні активи підприємства і забезпечення його нормального функціонування.
Ключові слова
архітектура, нульовий рівень довіри, безпека, комп’ютер
Повний текст:
PDF
References
1. Sosnin, O. (2020). Digitization as a new reality of Ukraine . https://lexinform.com.ua/dumka-eksperta/tsyfrovizatsiya-yak-nova-realnist-ukrayiny/ [In Ukrainian] (Accessed: 15 March 2024). [In Ukrainian]
2. Fleck, A. (2024, February 22). Cybercrime Expected To Skyrocket in Coming Years. https://www.statista.com/chart/28878/expected-cost-of-cybercrime-until-2027 [in English].
3. Ashwini Kumari, M. & Nandini Prasad, K. S. (2021). A Behavioral Study of Advanced Security Attacks in Enterprise Networks. 2021 IEEE International Conference on Computation System and Information Technology for Sustainable Solutions (CSITSS), Bangalore, India, pp. 1–5. [in English]. DOI: 10.1109/CSITSS54238.2021.9682903
4. Anjum, I., Kostecki, D., Leba, E., Sokal, J., Bharambe, R., Enck, W., Nita-Rotaru, C., & Reaves, B. (2022). Removing the Reliance on Perimeters for Security using Network Views. Proceedings of the 27th ACM on Symposium on Access Control Models and Technologies. pp. 151–162, [in English]. https://doi.org/10.1145/3532105.3535029
5. Sheikh, N., Pawar, M., & Lawrence, V. (2021). Zero trust using Network Micro Segmentation. IEEE INFOCOM 2021 – IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp. 1–6. [in English]. https://doi.org/10.1109/INFOCOMWKSHPS51825.2021.9484645
6. Wu, Y. G., Yan, W. H. & Wang, J. Z. (2021). Real identity based access control technology under zero trust architecture, 2021 International Conference on Wireless Communications and Smart Grid (ICWCSG), Hangzhou, China, 2021, pp. 18–22, [in English]. doi: 10.1109/ICWCSG53609.2021.00011
7. Nair Anita (2021). The Why and How of adopting Zero Trust Model in Organizations. TechRxiv. Preprint. pp. 1–6, https://doi.org/10.36227/techrxiv.14184671.v1
8. Hines, C. D. & Chowdhury, M. M. (2022). Uncover Security Weakness Before the Attacker Through Penetration Testing. 2022 IEEE International Conference on Electro Information Technology (eIT), Mankato, MN, USA, 2022, pp. 492–497 [in English]. doi: 10.1109/eIT53891.2022.9813950 164
9. Abhishek Arote, & Umakant Mandawkar. (2021). Android Hacking in Kali Linux Using Metasploit Framework, International Journal of Scientific Research in Computer Science, Engineering and Information Technology (IJSRCSEIT), ISSN : 2456-3307, Vol.7, Issue 3, pp. 497–504, May–June-2021. [in English]. doi: https://doi.org/10.32628/CSEIT2173111
10. What are the main challenges and benefits of implementing a zero trust network architecture? (2023, October 6). https://www.linkedin.com/advice/1/what-main-challenges-benefits-implementing-4e [in English].
11. Tyshyk, I. (2023). Vybir tekhnolohii viddalenoho dostupu dlia efektyvnoi orhanizatsii zakhystu merezhevykh ziednan. Elektronne fakhove naukove vydannia “Kiberbezpeka: osvita, nauka, tekhnika”, 3(19), pp. 34–45. [in English]. DOI: 10.28925/2663-4023.2023.19.3445
12. Yuanhang, He, Daochao, Huang, Le,i Chen, Yi, Ni, & Xiangjie, Ma. (2022). A Survey on Zero Trust Architecture: Challenges and Future Trends, Wireless Communications and Mobile Computing, vol. 2022, Article ID 6476274, 13 pages, [in English]. https://doi.org/10.1155/2022/6476274
13. Rose, S., Borchert, O., Mitchell, S., & Connelly, S. (2020). Zero Trust Architecture. NIST Special Publication 800–207. National Institute of Standards and Technology. pp. 1–50. [in English]. DOI: 10.6028/NIST.SP.800-207
14. Koeppen, D., MacDonald, N. & Watts, J. (2022, October 3). 7 Effective Steps for Implementing Zero Trust Network Access. https://emt.gartnerweb.com/ngw/eventassets/ en/conferences/hub/identity-accessmanagement/documents/gartner-iam-implementing-zero-trust-network-access.pdf [in English].
15. Deloitte Cybersecurity Threat Trends Report (2023). (n.d.). Retrieved from https://www2.deloitte.com/us/ en/pages/risk/articles/cybersecurity-threat-trends-report-2023.html [in English].
16. M-Trends (2023). Cybersecurity Insights From the Frontlines, Mandiant. Report. Retrieved from: https://www.mandiant.com/resources/blog/m-trends-2023 [in English].
17. The 2024 SonicWall Cyber Threat Report, SonicWall, (2024). https://www.sonicwall.com/medialibrary/en/white-paper/2024-cyber-threat-report.pdf [in English].
Пристатейна бібліографія
1. Sosnin O. (2020). Digitization as a new reality of Ukraine. URL: https://lexinform.com.ua/dumka-eksperta/tsyfrovizatsiya-yak-nova-realnist-ukrayiny/ (Accessed: 15 March 2024).
2. Fleck A. (2024, February 22). Cybercrime Expected To Skyrocket in Coming Years. Retrieved from https://www.statista.com/chart/28878/expected-cost-of-cybercrime-until-2027 (Accessed: 26 February 2024).
3. Ashwini Kumari M. and Nandini Prasad K. S. A Behavioral Study of Advanced Security Attacks in Enterprise Networks, 2021 IEEE International Conference on Computation System and Information Technology for Sustainable Solutions (CSITSS), Bangalore, India, 2021, pp. 1–5. DOI: 10.1109/CSITSS54238.2021.9682903
4. Anjum I., Kostecki D., Leba E., Sokal J., Bharambe R., Enck W., Nita-Rotaru C., & Reaves B. (2022). Removing the Reliance on Perimeters for Security using Network Views. Proceedings of the 27th ACM on Symposium on Access Control Models and Technologies. pp. 151–162, https://doi.org/10.1145/3532105.3535029
5. Sheikh N., Pawar M., & Lawrence V. (2021). Zero trust using Network Micro Segmentation. IEEE INFOCOM 2021 – IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp. 1–6. https://doi.org/10.1109/INFOCOMWKSHPS51825.2021.9484645
6. Wu Y. G., Yan W. H. and Wang J. Z. Real identity based access control technology under zero trust architecture, 2021 International Conference on Wireless Communications and Smart Grid (ICWCSG), Hangzhou, China, 2021, pp. 18–22, doi: 10.1109/ICWCSG53609.2021.00011
7. Nair Anita (2021). The Why and How of adopting Zero Trust Model in Organizations. TechRxiv. Preprint. pp. 1–6, https://doi.org/10.36227/techrxiv.14184671.v1
8. Hines C. D. and Chowdhury M. M. Uncover Security Weakness Before the Attacker Through Penetration Testing, 2022 IEEE International Conference on Electro Information Technology (eIT), Mankato, MN, USA, 2022, pp. 492–497, doi: 10.1109/eIT53891.2022.9813950 164
9. Abhishek Arote, Umakant Mandawkar. Android Hacking in Kali Linux Using Metasploit Framework, International Journal of Scientific Research in Computer Science, Engineering and Information Technology (IJSRCSEIT), ISSN : 2456-3307, Volume 7, Issue 3, pp. 497–504, May–June-2021. Available at doi: https://doi.org/10.32628/CSEIT2173111
10. What are the main challenges and benefits of implementing a zero trust network architecture? (2023, October 6). Retrieved from https://www.linkedin.com/advice/1/what-main-challenges-benefits-implementing-4e (Accessed: 26 February 2024).
11. Tyshyk I. (2023). Vybir tekhnolohii viddalenoho dostupu dlia efektyvnoi orhanizatsii zakhystu merezhevykh ziednan. Elektronne fakhove naukove vydannia “Kiberbezpeka: osvita, nauka, tekhnika”, 3(19), pp. 34–45. DOI: 10.28925/2663-4023.2023.19.3445
12. Yuanhang He, Daochao Huang, Lei Chen, Yi Ni, Xiangjie Ma. A Survey on Zero Trust Architecture: Challenges and Future Trends, Wireless Communications and Mobile Computing, vol. 2022, Article ID 6476274, 13 pages, 2022. https://doi.org/10.1155/2022/6476274
13. Rose S., Borchert O., Mitchell S., & Connelly S. (2020). Zero Trust Architecture. NIST Special Publication 800–207. National Institute of Standards and Technology. pp. 1–50, DOI: 10.6028/NIST.SP.800-207
14. Koeppen D., MacDonald N., Watts J. (2022, October 3). 7 Effective Steps for Implementing Zero Trust Network Access. URL: https://emt.gartnerweb.com/ngw/eventassets/ en/conferences/hub/identity-accessmanagement/documents/gartner-iam-implementing-zero-trust-network-access.pdf (Accessed: 26 February 2024).
15. Deloitte Cybersecurity Threat Trends Report 2023. (n.d.). URL: https://www2.deloitte.com/us/ en/pages/risk/articles/cybersecurity-threat-trends-report-2023.html (Accessed: 26 February 2024).
16. M-Trends 2023: Cybersecurity Insights From the Frontlines, Mandiant. Report. URL: https://www.mandiant.com/resources/blog/m-trends-2023 (Accessed: 26 February 2024).
17. The 2024 SonicWall Cyber Threat Report, SonicWall, 2024, URL: https://www.sonicwall.com/medialibrary/en/white-paper/2024-cyber-threat-report.pdf (Accessed: 26 February 2024).
Copyright (c) 2024 Р.М. Минайленко, Л.І. Поліщук
Особливості проектування архітектури довіри нульового рівня
Об авторах
Р.М. Минайленко, доцент, кандидат технічних наук, Центральноукраїнський національний технічний університет, м. Кропивницький, Україна, e-mail: aron70@ukr.net, ORCID ID: 0000-0002-3783-0476
Л.І. Поліщук, старший викладач, Центральноукраїнський національний технічний університет, м. Кропивницький, Україна, ORCID ID: 0000-0001-5093-1581
Анотація
Ключові слова
Повний текст:
PDFReferences
1. Sosnin, O. (2020). Digitization as a new reality of Ukraine . https://lexinform.com.ua/dumka-eksperta/tsyfrovizatsiya-yak-nova-realnist-ukrayiny/ [In Ukrainian] (Accessed: 15 March 2024). [In Ukrainian]
2. Fleck, A. (2024, February 22). Cybercrime Expected To Skyrocket in Coming Years. https://www.statista.com/chart/28878/expected-cost-of-cybercrime-until-2027 [in English].
3. Ashwini Kumari, M. & Nandini Prasad, K. S. (2021). A Behavioral Study of Advanced Security Attacks in Enterprise Networks. 2021 IEEE International Conference on Computation System and Information Technology for Sustainable Solutions (CSITSS), Bangalore, India, pp. 1–5. [in English]. DOI: 10.1109/CSITSS54238.2021.9682903
4. Anjum, I., Kostecki, D., Leba, E., Sokal, J., Bharambe, R., Enck, W., Nita-Rotaru, C., & Reaves, B. (2022). Removing the Reliance on Perimeters for Security using Network Views. Proceedings of the 27th ACM on Symposium on Access Control Models and Technologies. pp. 151–162, [in English]. https://doi.org/10.1145/3532105.3535029
5. Sheikh, N., Pawar, M., & Lawrence, V. (2021). Zero trust using Network Micro Segmentation. IEEE INFOCOM 2021 – IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp. 1–6. [in English]. https://doi.org/10.1109/INFOCOMWKSHPS51825.2021.9484645
6. Wu, Y. G., Yan, W. H. & Wang, J. Z. (2021). Real identity based access control technology under zero trust architecture, 2021 International Conference on Wireless Communications and Smart Grid (ICWCSG), Hangzhou, China, 2021, pp. 18–22, [in English]. doi: 10.1109/ICWCSG53609.2021.00011
7. Nair Anita (2021). The Why and How of adopting Zero Trust Model in Organizations. TechRxiv. Preprint. pp. 1–6, https://doi.org/10.36227/techrxiv.14184671.v1
8. Hines, C. D. & Chowdhury, M. M. (2022). Uncover Security Weakness Before the Attacker Through Penetration Testing. 2022 IEEE International Conference on Electro Information Technology (eIT), Mankato, MN, USA, 2022, pp. 492–497 [in English]. doi: 10.1109/eIT53891.2022.9813950 164
9. Abhishek Arote, & Umakant Mandawkar. (2021). Android Hacking in Kali Linux Using Metasploit Framework, International Journal of Scientific Research in Computer Science, Engineering and Information Technology (IJSRCSEIT), ISSN : 2456-3307, Vol.7, Issue 3, pp. 497–504, May–June-2021. [in English]. doi: https://doi.org/10.32628/CSEIT2173111
10. What are the main challenges and benefits of implementing a zero trust network architecture? (2023, October 6). https://www.linkedin.com/advice/1/what-main-challenges-benefits-implementing-4e [in English].
11. Tyshyk, I. (2023). Vybir tekhnolohii viddalenoho dostupu dlia efektyvnoi orhanizatsii zakhystu merezhevykh ziednan. Elektronne fakhove naukove vydannia “Kiberbezpeka: osvita, nauka, tekhnika”, 3(19), pp. 34–45. [in English]. DOI: 10.28925/2663-4023.2023.19.3445
12. Yuanhang, He, Daochao, Huang, Le,i Chen, Yi, Ni, & Xiangjie, Ma. (2022). A Survey on Zero Trust Architecture: Challenges and Future Trends, Wireless Communications and Mobile Computing, vol. 2022, Article ID 6476274, 13 pages, [in English]. https://doi.org/10.1155/2022/6476274
13. Rose, S., Borchert, O., Mitchell, S., & Connelly, S. (2020). Zero Trust Architecture. NIST Special Publication 800–207. National Institute of Standards and Technology. pp. 1–50. [in English]. DOI: 10.6028/NIST.SP.800-207
14. Koeppen, D., MacDonald, N. & Watts, J. (2022, October 3). 7 Effective Steps for Implementing Zero Trust Network Access. https://emt.gartnerweb.com/ngw/eventassets/ en/conferences/hub/identity-accessmanagement/documents/gartner-iam-implementing-zero-trust-network-access.pdf [in English].
15. Deloitte Cybersecurity Threat Trends Report (2023). (n.d.). Retrieved from https://www2.deloitte.com/us/ en/pages/risk/articles/cybersecurity-threat-trends-report-2023.html [in English].
16. M-Trends (2023). Cybersecurity Insights From the Frontlines, Mandiant. Report. Retrieved from: https://www.mandiant.com/resources/blog/m-trends-2023 [in English].
17. The 2024 SonicWall Cyber Threat Report, SonicWall, (2024). https://www.sonicwall.com/medialibrary/en/white-paper/2024-cyber-threat-report.pdf [in English].
Пристатейна бібліографія
1. Sosnin O. (2020). Digitization as a new reality of Ukraine. URL: https://lexinform.com.ua/dumka-eksperta/tsyfrovizatsiya-yak-nova-realnist-ukrayiny/ (Accessed: 15 March 2024).
2. Fleck A. (2024, February 22). Cybercrime Expected To Skyrocket in Coming Years. Retrieved from https://www.statista.com/chart/28878/expected-cost-of-cybercrime-until-2027 (Accessed: 26 February 2024).
3. Ashwini Kumari M. and Nandini Prasad K. S. A Behavioral Study of Advanced Security Attacks in Enterprise Networks, 2021 IEEE International Conference on Computation System and Information Technology for Sustainable Solutions (CSITSS), Bangalore, India, 2021, pp. 1–5. DOI: 10.1109/CSITSS54238.2021.9682903
4. Anjum I., Kostecki D., Leba E., Sokal J., Bharambe R., Enck W., Nita-Rotaru C., & Reaves B. (2022). Removing the Reliance on Perimeters for Security using Network Views. Proceedings of the 27th ACM on Symposium on Access Control Models and Technologies. pp. 151–162, https://doi.org/10.1145/3532105.3535029
5. Sheikh N., Pawar M., & Lawrence V. (2021). Zero trust using Network Micro Segmentation. IEEE INFOCOM 2021 – IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), pp. 1–6. https://doi.org/10.1109/INFOCOMWKSHPS51825.2021.9484645
6. Wu Y. G., Yan W. H. and Wang J. Z. Real identity based access control technology under zero trust architecture, 2021 International Conference on Wireless Communications and Smart Grid (ICWCSG), Hangzhou, China, 2021, pp. 18–22, doi: 10.1109/ICWCSG53609.2021.00011
7. Nair Anita (2021). The Why and How of adopting Zero Trust Model in Organizations. TechRxiv. Preprint. pp. 1–6, https://doi.org/10.36227/techrxiv.14184671.v1
8. Hines C. D. and Chowdhury M. M. Uncover Security Weakness Before the Attacker Through Penetration Testing, 2022 IEEE International Conference on Electro Information Technology (eIT), Mankato, MN, USA, 2022, pp. 492–497, doi: 10.1109/eIT53891.2022.9813950 164
9. Abhishek Arote, Umakant Mandawkar. Android Hacking in Kali Linux Using Metasploit Framework, International Journal of Scientific Research in Computer Science, Engineering and Information Technology (IJSRCSEIT), ISSN : 2456-3307, Volume 7, Issue 3, pp. 497–504, May–June-2021. Available at doi: https://doi.org/10.32628/CSEIT2173111
10. What are the main challenges and benefits of implementing a zero trust network architecture? (2023, October 6). Retrieved from https://www.linkedin.com/advice/1/what-main-challenges-benefits-implementing-4e (Accessed: 26 February 2024).
11. Tyshyk I. (2023). Vybir tekhnolohii viddalenoho dostupu dlia efektyvnoi orhanizatsii zakhystu merezhevykh ziednan. Elektronne fakhove naukove vydannia “Kiberbezpeka: osvita, nauka, tekhnika”, 3(19), pp. 34–45. DOI: 10.28925/2663-4023.2023.19.3445
12. Yuanhang He, Daochao Huang, Lei Chen, Yi Ni, Xiangjie Ma. A Survey on Zero Trust Architecture: Challenges and Future Trends, Wireless Communications and Mobile Computing, vol. 2022, Article ID 6476274, 13 pages, 2022. https://doi.org/10.1155/2022/6476274
13. Rose S., Borchert O., Mitchell S., & Connelly S. (2020). Zero Trust Architecture. NIST Special Publication 800–207. National Institute of Standards and Technology. pp. 1–50, DOI: 10.6028/NIST.SP.800-207
14. Koeppen D., MacDonald N., Watts J. (2022, October 3). 7 Effective Steps for Implementing Zero Trust Network Access. URL: https://emt.gartnerweb.com/ngw/eventassets/ en/conferences/hub/identity-accessmanagement/documents/gartner-iam-implementing-zero-trust-network-access.pdf (Accessed: 26 February 2024).
15. Deloitte Cybersecurity Threat Trends Report 2023. (n.d.). URL: https://www2.deloitte.com/us/ en/pages/risk/articles/cybersecurity-threat-trends-report-2023.html (Accessed: 26 February 2024).
16. M-Trends 2023: Cybersecurity Insights From the Frontlines, Mandiant. Report. URL: https://www.mandiant.com/resources/blog/m-trends-2023 (Accessed: 26 February 2024).
17. The 2024 SonicWall Cyber Threat Report, SonicWall, 2024, URL: https://www.sonicwall.com/medialibrary/en/white-paper/2024-cyber-threat-report.pdf (Accessed: 26 February 2024).