Automation and orchestration of zero trust architecture: Potential solutions and challenges
BEIJING ZHONGKE JOURNAL PUBLISING CO. LTD.
IMAGE:
THE SCOPE AND ORGANIZATION OF THIS SURVEY
view moreCREDIT: BEIJING ZHONGKE JOURNAL PUBLISING CO. LTD.
To date, most network security architectures have used perimeter-based defense to isolate internal networks from external networks. Firewalls, virtual private networks (VPN), and demilitarized zone (DMZ) networks prevent external attacks by creating a network security perimeter. This can effectively prevent external attacks, but it is difficult to prevent internal attacks because once an intruder breaches the security perimeter, further illegal actions will not be hindered. In addition, with the rapid development of digital technologies such as 5G, the internet of things and cloud computing, the number of network users and devices and their security concerns are growing exponentially, as the perimeter of the network is becoming increasingly blurred. This makes it more difficult to protect organizational resources, especially as more data access points, information inputs and outputs are created. Therefore, preventing internal attacks requires a security architecture that does not trust any network.
Zero trust architecture (ZTA) is a new concept of network security architecture based on the principle of least privilege, which aims to solve the above problems by restricting the behavior of subjects inside the network. Based on the core idea of “never trust, always verify”, ZTA follows a resource-based security policy: no users, devices, or applications (services) can access the data without authentication and authorization. However, while ZTA provides more robust cyber protection measures, it still faces significant implementation challenges. The implementation of ZTA requires multiple security tools (e.g., firewalls) and policies to work together, and traditional stand-alone security detection approaches may not be applicable. In addition, the large amount of data collected and produced by these security tools can be used for risk analysis, prediction, and evaluation within the framework. Thus, to maximize the security protection performance of ZTA, the components of existing frameworks need to be automated and orchestrated. In this context, artificial intelligence (AI) algorithms are considered as one of the most suitable technologies to automate and orchestrate ZTA.
AI technologies are considered as enablers for the security orchestration, automation, and response (SOAR) solutions designed to automate and integrate different security tasks and processes in response to incidents. SOAR is also one of the functions to be considered in the execution of ZTA, which provides a reference for AI to perform automation and orchestration across components.
Security teams consider ZTA as an enabler to uphold security in their organization′s networks. In particular, ZTA needs to develop capabilities that orchestrate and learn continuously to secure an environment based on hyper-granular access privileges. ZTA automation and orchestration can relieve security personnel from manually assigning and reassigning access credentials throughout the organization′s network. Moreover, permission changes over ZTA should be orchestrated in minutes, eliminating the friction and annoyance of security procedures for employees and devices. The paper published in Machine Intelligence Research by the team of Prof. Gang Li focuses on the potential of AI algorithms in the automation and orchestration for ZTA components.
The main purpose of ZTA is to enhance security. Although enterprises or organizations propose different strategies to understand and implement ZTA depending on their application environments, they are all based on the following three principles: 1) Access control should be resource-centric and context-aware. 2) All users and devices must be authenticated and authorized based on dynamic policies before accessing the resources, following the least privilege policy. 3) Improve security by continuously monitoring the integrity and security of owned or associated assets.
Although a large number of studies on ZTA have been published, there are a few literature reviews on ZTA. Researchers classify the existing review works based on the following five categories: Q1: Details of ZTA principles. Q2: Comparison of security technologies based on perimeter and non-perimeter. Q3: Categorization and revision of ZTA components. Q4: Challenges of ZTA migration, automation, and orchestration. Q5: Future research directions of ZTA.
Existing surveys provide a careful review and analysis of different ZTA theoretical frameworks and application scenarios. However, none of them elaborates on the potential benefits of the automation and orchestration of ZTA using AI techniques. In the wide range of ZTA application scenarios, where ZTA needs to process and analyze huge amounts of data from different sources, researchers have shown increasing interest in AI-driven automation and orchestration, which can provide assistance to ZTA in data classification, authentication and access control. Therefore, researchers’ focus in this survey is to fill the gap by developing a systematic review of AI-focused approaches important for ZTA automation technologies from a technical perspective in conjunction with existing surveys.
The main contributions of this paper are summarized as follows: 1) Researchers comprehensively review and compare existing perimetrized-based and deperimetrized-based trust architectures. 2) Researchers provide an in-depth analysis of existing AI technologies for ZTA automation and orchestration. 3) Researchers discuss the challenges of implementing AI-based solutions in ZTA automation and future developments.
Section 2 provides a fine-grained categorization of the logical components, data sources of ZTA, and discuss the ZTA automation workflow. Researchers also compare the difference between perimetrized and deperimetrized architecture from seven aspects: principle, privilege, boundary, authentication, authorization, access control and security.
In light of the increasing demand for AI technologies in zero-trust, researchers focus on, but are not limited to AI technologies that can be applied to the automation and orchestration of ZTA. There is a figure in Section 3 which shows the categories of ZTA components which can use AI algorithms. Researchers divide ZTA components into four parts: control plane, identity verification, attack detection automation and automated resources monitoring.
ZTA automation and orchestration can be considered as the process of reducing frequent mediation by security personnel via automating the detection and prevention of cyber threats. In Section 4, researchers review the AI approaches for ZTA components to ZTA automation and orchestration. There are two Tables in this part that surveyed the recent AI-based approaches to trust evaluation, authentication, attack detection and system monitoring, respectively.
Section 5 describes limitations and challenges, and points to future research development. Researchers propose challenges from three aspects: harmonization policy, legacy system, and data inconsistency. And they provide suggestions on future development from the angle of human expertise, data quality, secure access service edge (SASE) and fast communication.
This survey provides an insightful analysis of the recent literature on ZTA, revealing gaps in addressing AI in ZTA component automation and orchestration. In addition, this survey has identified trust evaluation, authentication, attack detection, and monitoring as the fundamental classifications that constitute the operation of ZTA component automation. To address the challenges associated with these classifications, an overview of AI-based solutions is provided.
See the article:
Automation and Orchestration of Zero Trust Architecture: Potential Solutions and Challenges
http://doi.org/10.1007/s11633-023-1456-2
JOURNAL
Machine Intelligence Research
ARTICLE TITLE
Automation and Orchestration of Zero Trust Architecture: Potential Solutions and Challenges
US building footprints could help identify neighborhood sociodemographic traits
New tools classify building footprints in Atlanta, Boston, Chicago, Houston and LA into 5 neighborhood types
IMAGE:
THE NEW ANALYSIS OF BUILDING FOOTPRINTS IN MAJOR US METROPOLITAN AREAS IDENTIFIES FIVE DIFFERENT NEIGHBORHOOD TYPES THAT VARY IN FOOTPRINT SIZE, SHAPE, AND PLACEMENT.
view moreCREDIT: PUBLICCO, PIXABAY, CC0 (HTTPS://CREATIVECOMMONS.ORG/PUBLICDOMAIN/ZERO/1.0/)
An analysis of building footprints in major US metropolitan areas identifies five different neighborhood types that vary in footprint size, shape, and placement, and which are statistically associated with varying neighborhood socioeconomic and demographic traits. Noah Durst of Michigan State University, US, and colleagues present these findings in the open-access journal PLOS ONE on April 10, 2024.
People have long studied the shape and placement of human settlements—“neighborhood morphology”—to help inform urban planning and management. Recent technological advancements, such as high-resolution satellite imagery and more powerful computational tools, have opened up novel possibilities for this field.
In their new study, Durst and colleagues applied a set of open-source computational tools that was recently developed, in part, by one of the coauthors for analyzing building footprints. They used these tools, collectively known as Foot, to assess footprint patterns across five of the largest US metropolitan areas: Atlanta, Boston, Chicago, Houston, and Los Angeles.
The analysis identified five different neighborhood types based on building footprints. For example, class 1 neighborhoods have smaller buildings with little variation in orientation, meaning most are likely cookie-cutter residential neighborhoods. Class 1 neighborhoods make up a high of about 31 percent of Boston-area neighborhoods and a low of about 19 percent of Los Angeles-area neighborhoods.
The research team also discovered links between the different neighborhood types, where they tend to be located across the urban landscape, and neighborhood sociodemographic traits, such as population density, homeownership, and commuting by car. For instance, class 5 neighborhoods, which have high density and variability of building footprints, tend to be older and located in more central urban areas, and are associated with a mix of renters and homeowners. Meanwhile, class 1 neighborhoods tend to be more recently built suburbs with high rates of homeownership. Class 2 neighborhoods—which have high variability in size, shape, and placement of buildings but with low building density—are typically located on the urban outskirts and have low population density.
These findings highlight the potential for research using tools like Foot to help inform a variety of issues, such as housing policy, infrastructure investment, and residential segregation.
The authors add: “Our study illustrates that neighborhood morphology varies markedly across metropolitan America and that neighborhoods of different types differ in regard to a number of key socioeconomic indicators. These findings point toward neighborhood morphology as a potential link between the various policies that shape urban space (e.g., land use regulations) and the effects of neighborhoods on important societal outcomes (e.g., residential segregation).”
#####
In your coverage please use this URL to provide access to the freely available article in PLOS ONE: https://journals.plos.org/plosone/article?id=10.1371/journal.pone.0299713
Citation: Durst NJ, Sullivan E, Jochem WC (2024) The spatial and social correlates of neighborhood morphology: Evidence from building footprints in five U.S. metropolitan areas. PLoS ONE 19(4): e0299713. https://doi.org/10.1371/journal.pone.0299713
Author Countries: USA, UK
Funding: N.D. and E.S received the award #2048562 from the National Science Foundation, https://www.nsf.gov/. The funders had no role in study design, data collection and analysis, decision to publish, or preparation of the manuscript.
JOURNAL
PLoS ONE
METHOD OF RESEARCH
Computational simulation/modeling
SUBJECT OF RESEARCH
Not applicable
ARTICLE TITLE
The spatial and social correlates of neighborhood morphology: Evidence from building footprints in five U.S. metropolitan areas
ARTICLE PUBLICATION DATE
10-Apr-2024
COI STATEMENT
The authors have declared that no competing interests exist.
No comments:
Post a Comment