[Data Sharing] Zero Trust Technology Learning Materials Summary

Enterprise 2023-07-02 07:05:57 views: null

Article Directory

foreword

Recently, I am learning zero trust knowledge, so I have collected some zero trust-related information, and I dare not share it with you, so I will share it with you. All the materials come from the Internet, and I would like to thank all the predecessors for their hard work, especially the many selfless data translators.
I can find the download address. I put the download address in the back. If there is no download address, it was not recorded when it was downloaded (be sure to take notes in time in the future). The download method is at the end.
All the following introductions are generated by ChatGPT, and the level of feeling is not bad.

1. What is Zero Trust Technology?

Zero trust technology is a network security defense model, emphasizing that enterprises should be skeptical of all users, devices and applications in the internal and external network environment, and not trust any party, so that in the environment of increasing network threats Improve security. The zero-trust model requires users to perform secondary authentication when accessing enterprise resources, and enterprise resources can only be used after the verification is passed. Different from traditional security strategies, Zero Trust technology focuses on measures such as traffic monitoring and access restrictions on the network, so as to achieve better security protection effects.

2. NIST Zero Trust Framework

The Zero Trust Framework is a set of network security guidelines issued by the National Institute of Standards and Technology (NIST), which aims to guide enterprises to build a reliable data protection system. It is based on the principle of zero trust, where all workers, devices and applications cannot be trusted and need to be authenticated before access is authorized. The framework focuses on how to improve the level of security defense through effective identity authentication, traffic monitoring, access restrictions and other measures, and also includes the requirements for the establishment, operation and maintenance of organization-level policies.

National Cybersecurity Center of Excellence's "Implementing a Zero Trust Architecture" series of draft standards NIST SP 1800-35. It aims to help enterprises implement a zero-trust security architecture to improve network security defense capabilities. This guide provides implementation methods and best practices for network security architecture based on zero trust principles to protect sensitive data and assets of enterprises.
Through NIST SP 1800-35, enterprises can understand how to implement a zero-trust security architecture in their own network environment, and through a variety of measures to strengthen the defense and protection of sensitive data and assets.

3. DoD Zero Trust Reference Architecture

"DoD Zero Trust Reference Architecture" version 1.0 and version 2.0
The Zero Trust Framework released by the US Defense Information Systems Agency (DISA), also known as DISA Zero Trust Reference Architecture. The framework provides a set of guidelines and recommendations for implementing a zero trust security model to protect critical information assets of federal departments and enterprises. Through the framework, enterprises can understand how to gradually realize the zero trust security model, so as to maximize the protection of their critical information assets.

4. Federal Zero Trust Strategy

"The federal zero trust strategy mainly introduces the background, objectives and implementation plan of the strategy. Among them, the strategy mainly includes the following aspects: Background:
introduces the background and practical necessity of the federal zero trust strategy.
Goal: clarify the federal zero trust The goal of the strategy is to protect the security defense capabilities of federal information systems and data.Strategy
: elaborate the implementation strategies and measures of the federal zero trust strategy, including strengthening authentication, using encryption technology and application testing, supporting intelligent automation, etc. Plan:
column Outline the implementation plan and timetable of the federal zero trust strategy, and introduce the basic principles and norms for establishing a federal zero trust architecture.

5. Zero Trust Maturity Model

The Zero Trust Maturity Model was proposed by the US federal government's Cybersecurity and Infrastructure Security Agency (CISA) to help organizations assess and improve the maturity of their zero trust strategies. The model can assess an organization's zero trust maturity along five different dimensions.

6. The Department of Defense Zero Trust Strategy

The zero trust strategy and roadmap released for the Department of Defense mainly introduces the background, goals and implementation plan of the strategy. Among them, the strategy mainly includes the following aspects:
Background: introduces the background and practical necessity of the zero trust strategy, and the Ministry of National Defense refers to the existing zero trust framework and guidelines for formulation.
Goal: The goal of a clear zero trust strategy is to strengthen the security defenses of DoD networks and enable mobility in the digital age.
Execution: Elaborate on the implementation strategies and measures of the zero trust strategy, including strengthening authentication, implementing access control, using encryption technology, adopting automation technology, etc.
Roadmap: Outlines the implementation plan and timeline of the zero trust strategy, divided into three phases: building the foundation, expanding the network and strengthening protection, optimizing performance and improving operability.

7. Other information

(1) Qi Anxin Zero Trust Security Album, a collection of data on zero trust research earlier in China, including Google beyondCrop data, NIST "Zero Trust Architecture", NCCOE's "Zero Trust Architecture" draft translation, draft 1 and 2 comparative analysis and so on.
(2) Domestic standards and white papers. "Information Security Technology Zero Trust Reference Architecture" Draft for Comments, Zero Trust Security Product Research Report, Zero Trust Development Insight Report 2022, Zero Trust Practical White Paper, ICT Institute 2020 Zero Trust Research Report Zero Trust Technology and Other Technical Reports (3
) Published academic papers are mainly data interpretation and research review. I won't introduce them one by one here.
See Figure for details.
It took a long time to collect these materials, and I couldn't find the download address, sorry.
data collection

Summarize

All the materials have been packaged, please go to the original address to get them.
Original address: https://mp.weixin.qq.com/s/8O4V382K5BmEePycw406sA

Guess you like

Origin blog.csdn.net/m0_37771865/article/details/130026159
Recommended
Ranking
Empire cms smart tag calls four first-level recommended articles, starting from the fourth article
Linux environment installation and configuration Elasticsearch7.17
Big Data processing architecture and Lambda Kappa architecture
Explore the top of the AI large model platform - Wenxin Qianfan
Beijing car PK10 lucky airship Guanya size and value of the odd and even tips
W3B x Sui Hacker House|In-depth understanding of Sui and Move language
Know almost Ko Chan: Chinese what any decent open source software products? (Finishing from my original answer)
Comprehensively improve AD domain security authentication | Zhuyun IDaaS
Android Update Engine Analysis (24) What happened when making the downgrade package?
Spark Architecture and Operating Mechanism (1) - System Architecture
Daily
More
2024-05-07(34)
2024-05-06(6)
2024-05-05(0)
2024-05-04(18)
2024-05-03(8)
2024-05-02(0)
2024-05-01(4)
2024-04-30(36)
2024-04-29(5)
2024-04-28(12)

Code World

© 2018 codetd.com