NIST Special Publication 800-207
Zero Trust Architecture
This publication is available free of charge from: https://doi.org/10.6028/NIST.SP.800-207
COMPUTER SECURITY
Scott Network Technologies Division Information Technology Laboratory
Stu2Labs Stafford, VA
Sean & Infrastructure Security Agency Department of Homeland Security
August 2020
U.S. Department of Commerce
Wilbur L. Ross, Jr., Secretary
National Institute of Standards and Technology
Walter Copan, NIST Director and Under Secretary of Commerce for Standards and Technology
This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercising policy authority over such systems. This guideline is consistent with the requirements of the Office of Management and Budget (OMB) Circular A-130.
Nothing in this publication should be taken to contradict the standards and guidelines made mandatory and binding on federal agencies by the Secretary of Commerce under statutory authority. Nor should these guidelines be interpreted as altering or superseding the existing authorities of the Secretary of Commerce, Director of the OMB, or any other federal official. This publication may be used by nongovernmental organizations on a voluntary basis and is not subject to copyright in the United States. Attribution would, however, be appreciated by NIST.
National Institute of Standards and Technology Special Publication 800-207 Natl. Inst. Stand. Technol. Spec. Publ. 800-207, 59 pages (August 2020) CODEN: NSPUE2
Certain commercial entities, equipment, or materials may be identified in this document in order to describe an experimental procedure or concept adequately. Such identification is not intended to imply recommendation or endorsement by NIST, nor is it intended to imply that the entities, materials, or equipment are necessarily the best available for the purpose.
There may be references in this publication to other publications currently under development by NIST in accordance with its assigned statutory responsibilities. The information in this publication, including concepts and methodologies, may be used by federal agencies even before the completion of such companion publications. Thus, until each publication is completed, current requirements, guidelines, and procedures, where they exist, remain operative. For planning and transition purposes, federal agencies may wish to closely follow the development of these new publications by NIST.
Organizations are encouraged to review all draft publications during public comment periods and provide feedback to NIST. Many NIST cybersecurity publications, other than the ones noted above, are available at https://csrc.nist.gov/publications.
Comments on this publication may be submitted to:
National Institute of Standards and Technology
Attn: Advanced Network Technologies Division, Information Technology Laboratory
100 Bureau Drive (Mail Stop 8920)
Gaithersburg, MD 20899-8920
All comments are subject to release under the Freedom of Information Act (FOIA).
NIST SP 800-207 ZERO TRUST ARCHITECTURE
Reports on Computer Systems Technology
The Information Technology Laboratory (ITL) at the National Institute of Standards and Technology (NIST) promotes the U.S. economy and public welfare by providing technical leadership for the Nation’s measurement and standards infrastructure. ITL develops tests, test methods, reference data, proof of concept implementations, and technical analyses to advance the development and productive use of information technology. ITL’s responsibilities include the development of management, administrative, technical, and physical standards and guidelines for the cost-effective security and privacy of other than national security-related information in federal information systems. The Special Publication 800-series reports on ITL’s research, guidelines, and outreach efforts in information system security, and its collaborative activities with industry, government, and academic organizations.
Abstract
Zero trust (ZT) is the term for an evolving set of cybersecurity paradigms that move defenses from static, network-based perimeters to focus on users, assets, and resources. A zero trust architecture (ZTA) uses zero trust principles to plan industrial and enterprise infrastructure and workflows. Zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location (i.e., local area networks versus the internet) or based on asset ownership (enterprise or personally owned). Authentication and authorization (both subject and device) are discrete functions performed before a session to an enterprise resource is established. Zero trust is a response to enterprise network trends that include remote users, bring your own device (BYOD), and cloud-based assets that are not located within an enterprise-owned network boundary. Zero trust focuses on protecting resources (assets, services, workflows, network accounts, etc.), not network segments, as the network location is no longer seen as the prime component to the security posture of the resource. This document contains an abstract definition of zero trust architecture (ZTA) and gives general deployment models and use cases where zero trust could improve an enterprise’s overall information technology security posture.
Keywords
architecture; cybersecurity; enterprise; network security; zero trust.
Acknowledgments
This document is the product of a collaboration between multiple federal agencies and is overseen by the Federal CIO Council. The architecture subgroup is responsible for development of this document, but there are specific individuals who deserve recognition. These include , project manager of the Federal CIO Council ZTA project; , project manager for the NIST/National Cybersecurity Center of Excellence ZTA effort; and .
Audience
This document is intended to describe zero trust for enterprise security architects. It is meant to aid understanding of zero trust for civilian unclassified systems and provide a road map to migrate and deploy zero trust security concepts to an enterprise environment. Agency cybersecurity managers, network administrators, and managers may also gain insight into zero trust and ZTA from this document. It is not intended to be a single deployment plan for ZTA as an enterprise will have unique business use cases and data assets that require safeguards. Starting with a solid understanding of the organization’s business and data will result in a strong approach to zero trust.
Trademark Information
All registered trademarks or trademarks belong to their respective organizations.
Patent Disclosure Notice
NOTICE: The Information Technology Laboratory (ITL) has requested that holders of patent claims whose use may be required for compliance with the guidance or requirements of this publication disclose such patent claims to ITL. However, holders of patents are not obligated to respond to ITL calls for patents and ITL has not undertaken a patent search in order to identify which, if any, patents may apply to this publication.
Following the ITL call for the identification of patent claims whose use may be required for compliance with the guidance or requirements of this publication, notice of one or more such claims has been received.
By publication, no position is taken by ITL with respect to the validity or scope of any patent claim or of any rights in connection therewith. The known patent holder(s) has (have), however, provided to NIST a letter of assurance stating either (1) a general disclaimer to the effect that it does (they do) not hold and does (do) not currently intend holding any essential patent claim(s), or (2) that it (they) will negotiate royalty-free or royalty-bearing licenses with other parties on a demonstrably nondiscriminatory basis with reasonable terms and conditions.
Details may be obtained from
No representation is made or implied that this is the only license that may be required to avoid patent infringement in the use of this publication.
Table of Contents
1 Introduction
1.1 History of Zero Trust Efforts Related to Federal Agencies
1.2 Structure of This Document
2 Zero Trust Basics
2.1 Tenets of Zero Trust
2.2 A Zero Trust View of a Network
3 Logical Components of Zero Trust Architecture
3.1 Variations of Zero Trust Architecture Approaches
3.1.1 ZTA Using Enhanced Identity Governance
3.1.2 ZTA Using Micro-Segmentation
3.1.3 ZTA Using Network Infrastructure and Software Defined Perimeters
3.2 Deployed Variations of the Abstract Architecture
3.2.1 Device Agent/Gateway-Based Deployment
3.2.2 Enclave-Based Deployment
3.2.3 Resource Portal-Based Deployment
3.2.4 Device Application Sandboxing
3.3 Trust Algorithm
3.3.1 Trust Algorithm Variations
3.4 Network/Environment Components
3.4.1 Network Requirements to Support ZTA
4 Deployment Scenarios/Use Cases
4.1 Enterprise with Satellite Facilities
4.2 Multi-cloud/Cloud-to-Cloud Enterprise
4.3 Enterprise with Contracted Services and/or Nonemployee Access
4.4 Collaboration Across Enterprise Boundaries
4.5 Enterprise with Public- or Customer-Facing Services
5 Threats Associated with Zero Trust Architecture
5.1 Subversion of ZTA Decision Process
5.2 Denial-of-Service or Network Disruption
5.3 Stolen Credentials/Insider Threat
5.4 Visibility on the Network
5.5 Storage of System and Network Information
5.6 Reliance on Proprietary Data Formats or Solutions
5.7 Use of Non-person Entities (NPE) in ZTA Administration
6 Zero Trust Architecture and Possible Interactions with Existing Federal Guidance
6.1 ZTA and NIST Risk Management Framework
6.2 Zero Trust and NIST Privacy Framework
6.3 ZTA and Federal Identity, Credential, and Access Management Architecture
6.4 ZTA and Trusted Internet Connections 3.0
6.5 ZTA and EINSTEIN (NCPS – National Cybersecurity Protection System)
6.6 ZTA and DHS Continuous Diagnostics and Mitigations (CDM) Program
6.7 ZTA, Cloud Smart, and the Federal Data Strategy
7 Migrating to a Zero Trust Architecture
7.1 Pure Zero Trust Architecture
7.2 Hybrid ZTA and Perimeter-Based Architecture
7.3 Steps to Introducing ZTA to a Perimeter-Based Architected Network
7.3.1 Identify Actors on the Enterprise
7.3.2 Identify Assets Owned by the Enterprise
7.3.3 Identify Key Processes and Evaluate Risks Associated with Executing Process
7.3.4 Formulating Policies for the ZTA Candidate
7.3.5 Identifying Candidate Solutions
7.3.6 Initial Deployment and Monitoring
7.3.7 Expanding the ZTA
References
List of Appendices
Appendix A— Acronyms
Appendix B— Identified Gaps in the Current State-of-the-Art in ZTA
B.1 Technology Survey
B.2 Gaps that Prevent an Immediate Move to ZTA
B.2.1 Lack of Common Terms for ZTA Design, Planning, and Procurement
B.2.2 Perception that ZTA Conflicts with Existing Federal Cybersecurity Policies
B.3 Systemic Gaps that Impact ZTA
B.3.3 Standardization of Interfaces Between Components
B.3.4 Emerging Standards that Address Overreliance on Proprietary APIs
B.4 Knowledge Gaps in ZTA and Future Areas of Research
B.4.5 Attacker Response to ZTA
B.4.6 User Experience in a ZTA Environment
B.4.7 Resilience of ZTA to Enterprise and Network Disruption
References
List of Figures
Figure 1: Zero Trust Access
Figure 2: Core Zero Trust Logical Components
Figure 3: Device Agent/Gateway Model
Figure 4: Enclave Gateway Model
Figure 5: Resource Portal Model
Figure 6: Application Sandboxes
Figure 7: Trust Algorithm Input
Figure 8: Enterprise with Remote Employees
Figure 9: Multi-cloud Use Case
Figure 10: Enterprise with Nonemployee Access
Figure 11: Cross-Enterprise Collaboration
Figure 12: ZTA Deployment Cycle
List of Tables
Table B-1: Summary of Identified Deployment Gaps
1 Introduction
A typical enterprise’s infrastructure has grown increasingly complex. A single enterprise may operate several internal networks, remote offices with their own local infrastructure, remote and/or mobile individuals, and cloud services. This complexity has outstripped legacy methods of perimeter-based network security as there is no single, easily identified perimeter for the enterprise. Perimeter-based network security has also been shown to be insufficient since once attackers breach the perimeter, further lateral movement is unhindered.
This complex enterprise has led to the development of a new model for cybersecurity known as “zero trust” (ZT). A ZT approach is primarily focused on data and service protection but can and should be expanded to include all enterprise assets (devices, infrastructure components, applications, virtual and cloud components) and subjects (end users, applications and other non-human entities that request information from resources). Throughout this document, “subject” will be used unless the section relates directly to a human end user, in which case “user” will be specifically used instead of the more generic “subject.” Zero trust security models assume that an attacker is present in the environment and that an enterprise-owned environment is no different—or no more trustworthy—than any nonenterprise-owned environment. In this new paradigm, an enterprise must assume no implicit trust and continually analyze and evaluate the risks to its assets and business functions and then enact protections to mitigate these risks. In zero trust, these protections usually involve minimizing access to resources (such as data and compute resources and appl