2020
DOI: 10.6028/nist.sp.800-207
|View full text |Cite
|
Sign up to set email alerts
|

Zero Trust Architecture

Abstract: This publication has been developed by NIST in accordance with its statutory responsibilities under the Federal Information Security Modernization Act (FISMA) of 2014, 44 U.S.C. § 3551 et seq., Public Law (P.L.) 113-283. NIST is responsible for developing information security standards and guidelines, including minimum requirements for federal information systems, but such standards and guidelines shall not apply to national security systems without the express approval of appropriate federal officials exercis… Show more

Help me understand this report
View preprint versions

Search citation statements

Order By: Relevance

Paper Sections

Select...
2
1
1
1

Citation Types

0
257
0
19

Year Published

2021
2021
2023
2023

Publication Types

Select...
3
3

Relationship

0
6

Authors

Journals

citations
Cited by 404 publications
(276 citation statements)
references
References 4 publications
(3 reference statements)
0
257
0
19
Order By: Relevance
“…ese problems brought about the concept of "Zero Trust" (ZT) in which an enterprise must assume that there is no implicit trust in every subject. In the ZT security model, the enterprise-owned environments are considered no more trustworthy than any nonenterprise-owned environment [2]. More details regarding ZT and zero trust architecture (ZTA) are provided in Section 2.…”
Section: Zero Trust Conceptmentioning
confidence: 99%
See 4 more Smart Citations
“…ese problems brought about the concept of "Zero Trust" (ZT) in which an enterprise must assume that there is no implicit trust in every subject. In the ZT security model, the enterprise-owned environments are considered no more trustworthy than any nonenterprise-owned environment [2]. More details regarding ZT and zero trust architecture (ZTA) are provided in Section 2.…”
Section: Zero Trust Conceptmentioning
confidence: 99%
“…ere are 5 major logical components in ZTA as displayed in Figure 1: subject, resource, policy decision point (PDP), policy enforcement point (PEP), and supplement [2]. Subject refers to a user or any device requesting access to the enterprise resources.…”
Section: Componentsmentioning
confidence: 99%
See 3 more Smart Citations