Dynamic Access Control and Authorization System based on Zero-trust architecture

Yao, Qigui; Wang, Qi; Zhang, Xiaojian; Fei, Jiaxuan

doi:10.1145/3437802.3437824

Cited by 39 publications

(13 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Os autores [Yao et al 2020] apresentam um sistema dinâmico de controle de acesso e autorizac ¸ão a partir de retratos de comportamento dos usuários em tempo real para obtenc ¸ão de dinamismo no controle de acesso e refinamento na autorizac ¸ão. Os autores não aplicam em um contexto real.…”

Section: Trabalhos Relacionadosunclassified

Abordagem confiança zero aplicada a ambientes computacionais big data: um estudo de caso

Oliveira¹,

Oliveira²,

Macedo³

et al. 2022

Anais Do XXVII Workshop De Gerência E Operação De Redes E Serviços (WGRS 2022)

View full text Add to dashboard Cite

O tema deste artigo é o estudo e a aplicação dos princípios da abordagem de confiança zero (zero trust) para segurança cibernética a um ambiente de big data. A partir da definição de um ambiente computacional big data baseado em um ambiente real de produção, definimos uma arquitetura de segurança baseada na confiança zero e a instanciamos para o ambiente em questão, abordando alguns casos de autenticação e autorização. Para a instanciação da arquitetura, várias ferramentas de software são utilizadas, diversas delas já disponíveis no ambiente real. As soluções propostas são ilustradas por casos de uso. A conclusão é que essa a tarefa é complexa, porém factível, e que pode ser implementada com as ferramentas usuais de ambientes big data.

show abstract

Section: Trabalhos Relacionadosunclassified

Abordagem confiança zero aplicada a ambientes computacionais big data: um estudo de caso

Oliveira¹,

Oliveira²,

Macedo³

et al. 2022

Anais Do XXVII Workshop De Gerência E Operação De Redes E Serviços (WGRS 2022)

View full text Add to dashboard Cite

show abstract

“…Similarly, in October 2020, Yao et al [6] proposed a dynamic access control and authorization system for ZTA.…”

Section: Trust Algorithmmentioning

confidence: 99%

“…A subject accessing any resource outside its normal access pattern may raise a flag which can lead to a more thorough investigation. A good example of deploying a behavior-based approach in ZTA is presented by Yao et al [6] in 2020. In [6], the subject's behavior is continuously observed and calculated into a behavior trust (BT).…”

Section: Credential Eftmentioning

confidence: 99%

“…A good example of deploying a behavior-based approach in ZTA is presented by Yao et al [6] in 2020. In [6], the subject's behavior is continuously observed and calculated into a behavior trust (BT). Access to a resource is granted only if BT exceeds the trust threshold (TT) which may change dynamically depending on the environment.…”

Section: Credential Eftmentioning

confidence: 99%

“…Enterprises should exercise the least privilege policy [10] so that there is only the least amount of data and resources available to a subject. e least privilege policy can be applied with dynamic trust-based access control (see [5,6], for example) to provide granular visibility of data. Also, an individual resource should be protected at the border of that resource (using resource gateway, for example).…”

Section: Granular Data Visibility Access Control and Datamentioning

confidence: 99%

See 2 more Smart Citations

Migrating to Zero Trust Architecture: Reviews and Challenges

Teerakanok

Uehara

Inomata

2021

Security and Communication Networks

View full text Add to dashboard Cite

Zero trust (ZT) is a new concept involving the provisioning of enterprise/organization resources to the subjects without relying on any implicit trust. Unlike the perimeter-based architecture in which any subject behind the wall (i.e., inside the predefined perimeter) is considered trusted, zero trust architecture (ZTA) processes any request and provides a resource to the subject without relying on implicit trust. In this paper, based on NIST Special Publication SP800-207, the concept of ZT and ZTA is introduced. Also, challenges, steps, and things to consider when migrating from the legacy architecture to ZTA are presented and discussed.

show abstract

Zero Trust Networks

2022

AI and Machine Learning for Network and Security Management

View full text Add to dashboard Cite

Dynamic Access Control and Authorization System based on Zero-trust architecture

Cited by 39 publications

References 3 publications

Abordagem confiança zero aplicada a ambientes computacionais big data: um estudo de caso

Abordagem confiança zero aplicada a ambientes computacionais big data: um estudo de caso

Migrating to Zero Trust Architecture: Reviews and Challenges

Zero Trust Networks

Contact Info

Product

Resources

About