Secure Kubernetes Networking Design Based on Zero Trust Model: A Case Study of Financial Service Enterprise in Indonesia

Surantha, Nico; Ivan, Felix

doi:10.1007/978-3-030-22263-5_34

Cited by 8 publications

(5 citation statements)

References 4 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In the IIoT environment based on the ZTM model, it is crucial to ensure the design and implementation of secure access control technology. This framework aims to leverage the concept of ZTM model to achieve comprehensive, dynamic and sustainable secure access management [30]. The core design point of the framework is to build a powerful and flexible authentication system, covering multi-factor authentication, including biometrics, smart cards, etc.…”

Section: Design Of Secure Access Control Frameworkmentioning

confidence: 99%

Analysis and Research on Secure Access Control Technology of Industrial Internet of Things Based on ZTM Model

Nie

2024

JCSANDM

View full text Add to dashboard Cite

The security threat of IIoT is becoming increasingly serious. In order to address this challenge, security access control technology based on the ZTM model has become a hot research topic. The aim of this study is to conduct in-depth analysis and research on the security access control technology applied by the ZTM model in industrial Internet of Things environments. By analyzing the current challenges of IIOT security and the limitations of traditional security models, this paper proposes a series of security access control technologies related to the ZTM model, aiming to quantify and evaluate the effectiveness of access control policies, zero trust of the system, and comprehensive risk assessment. By using empirical research methods, this study verified the feasibility of the proposed technology in actual industrial Internet of Things environments and demonstrated the significant effect of the ZTM model in reducing security risks and improving system credibility. The experimental results showed that the optimized security access control technology improved security performance by 28% and the missed detection rate was as low as 3.2%. This study provides useful insights for practical applications in the field of secure access control and provides a solid foundation for future research.

show abstract

Section: Design Of Secure Access Control Frameworkmentioning

confidence: 99%

Analysis and Research on Secure Access Control Technology of Industrial Internet of Things Based on ZTM Model

Nie

2024

JCSANDM

View full text Add to dashboard Cite

show abstract

“…Indeed, those papers that do exist in the crossover between container security and ZTA are focused primarily on implementing the traditional Zero Trust Networking approach to containers rather than abstracting the rules of ZTA into a more comprehensive framework to consider and govern the entire surface area of a container deployment, or more specifically as it relates to this paper, the surface area of a Docker container deployment. (Surantha 2020) provides arguments for the use of ZTA from a technical standpoint in securing a container deployment, without evolving the concept of ZTA beyond the network. (de Weeve 2020) provides a more indepth look at technical details, strategy and considerations when using ZTA with containers and identifies ZTA as more than purely a technical concept, but a security approach.…”

Section: Related Workmentioning

confidence: 99%

Zero Trust Container Architecture (ZTCA)

Leahy

Thorpe

2022

iccws

View full text Add to dashboard Cite

Containerisation is quickly becoming an accepted industry standard for development environments and Gartner, in a recent market forecast, estimated that by 2022 more than 75% of organisations will be using containers in production deployments. With this explosion in growth comes an added focus on security and best practices for using containers. The use of containers, in particular Docker containers, has altered some of the more traditional deployment paradigms by giving control of deployments to the development teams. This has massively benefited the DevOps release cycle, but at the expense of many mature security and review processes that are integrated into traditional deployments. Like all systems, containers need frameworks to guide best practices for deployments and to ensure mistakes are not made that increase the risk level or attack surface of an application or service using containers, or the containers themselves. Indeed, according to a recent presentation during DevSecCon24 by Justin Cormack, Security Lead at Docker Inc., Cormack believes most security issues related to Docker are due to misconfiguration rather than direct exploit. While work has been previously conducted with regards to container security and separately applying Zero Trust Networking Architecture to containers, in this work we will investigate the security state of a default deployment of the Docker container engine on Linux and analyse how the principals of Zero Trust Architecture can be extended beyond the domain of networking, distilled into a ”Zero Trust Containers Architecture” and applied to secure Docker deployments. In order to determine this, research was conducted into the current state of Docker security and Zero Trust Architecture. Practical and theoretical attacks were reviewed against a default Docker deployment to identify common themes and areas of issue. Results were used to advise a generalised trust-based framework which was then used to analyse a Docker deployment and validate mitigation of a selection of the identified attacks, proving out the concept of the proposed “Zero Trust Container Architecture” framework.

show abstract

“…To validate the proposed design, a lab simulation was deployed to explore the ability of the design to fulfill the enterprises' requirements. This paper is an extended version of the work of [16].…”

Section: Introductionmentioning

confidence: 99%

A case analysis for Kubernetes network security of financial service industry in Indonesia using zero trust model

2023

View full text Add to dashboard Cite

In this study, a case analysis of Kubernetes application in an enterprise providing financial services in Indonesia is presented. It is implemented to improve their digital services-based application, developed using micro-services architecture. Kubernetes, an application container technology, has been applied in the enterprise providing financial services in Indonesia to improve their digital services-based application, developed using micro-services architecture concepts. Without incorporating any additional hardware, the new technology and services have been adopted to existing virtualized resources of the enterprise. An infrastructure design for secure Kubernetes networking was built and has been studied using the data center provided by the enterprise. This study focuses on two important aspects: network and security. As a security guideline, the network recommendations from VMware, Cisco, and Forrester’s zero trust model were employed to design the infrastructure and were evaluated. The proposed secure network infrastructure design is successfully applied in the container networks using the zero trust requirement, the enterprise’s requirements, and constraints. And we hope this study about network design security can be used and adaptable with existing network and reduce risk and disruption to the business caused by the network.

show abstract

Secure Kubernetes Networking Design Based on Zero Trust Model: A Case Study of Financial Service Enterprise in Indonesia

Cited by 8 publications

References 4 publications

Analysis and Research on Secure Access Control Technology of Industrial Internet of Things Based on ZTM Model

Analysis and Research on Secure Access Control Technology of Industrial Internet of Things Based on ZTM Model

Zero Trust Container Architecture (ZTCA)

A case analysis for Kubernetes network security of financial service industry in Indonesia using zero trust model

Contact Info

Product

Resources

About