Index
A
- active monitoring, Active Monitoring-Active Monitoring
- active response systems, Active Monitoring
- Address Allocation for Private Internets (RFC 1597), Birth of Private IP Address Space
- Advanced Packaging Tool (APT), Distribution Security, Integrity and Authenticity
- AES encryption, Payload encryption
- AES key, Encrypting data using a TPM
- agents (see network agents)
- API security, Secure Coding Practices
- application isolation, Isolation-Isolation
- application trust, Trusting Applications-Summary
- active monitoring, Active Monitoring-Active Monitoring
- active response systems, Active Monitoring
- applications monitoring applications, Active Monitoring
- build systems, Trusting Builds-Decoupling Release and Artifact Versions
- distribution, Trusting Distribution-Trusting a Distribution Network
- human threats, Humans in the Loop-Humans in the Loop, Summary
- instance authorization, Trusting an Instance-Authorized Instances
- isolation, Isolation-Isolation
- per-deployment credentials, Authorized Instances-Authorized Instances
- runtime security, Runtime Security-Active Monitoring
- secure coding practices, Secure Coding Practices-Secure Coding Practices
- source code, Trusting Source-Code Reviews
- trusted application pipeline, Understanding the Application Pipeline
- upgrade-only policy, Upgrade-Only Policy, Summary
- application whitelisting, Humans in the Loop
- ASICs (application-specific integrated circuits), Host Filtering
- asymmetric cryptography, Device identity and X.509
- AtE (authenticate-then-encrypt), HMAC
- authentication, Authenticating Trust-Public PKI Strictly Better Than None, Summary, When to Authenticate Identity-Moving Toward a Local Auth Solution
- in application-layer endpoints, Authentication and encryption MUST be performed by the application-layer endpoints
- versus authorization, Not for Authentication-Not for Authentication
- biometrics for, Something You Are: Biometrics-Something You Are: Biometrics
- certificate-based, Strong Authentication-Strong Authentication, Something You Have: Certificates
- versus encryption, Encryption Versus Authentication-Authenticity Without Encryption?
- groups, Authenticating and Authorizing a Group-See Something, Say Something, Summary
- human-driven, Least Privilege, Nothing Beats Meatspace-Expectations and Stars, Humans in the Loop-Humans in the Loop, Summary
- with identity provider system, Application Authentication and Authorization
- inventory management, Inventory Management-What Makes a Good Secure Introduction System?
- load balancers and proxies, Authenticating Load Balancers and Proxies
- with local devices, Moving Toward a Local Auth Solution
- location and, Location
- multifactor, Application Authentication and Authorization
- using multiple channels, The Use of Multiple Channels
- out-of-band checks, Out-of-Band Authentication
- passwords, Something You Know: Passwords-Something You Have: TOTP
- security tokens, Something You Have: Security Tokens
- session caching, Caching Identity and Trust
- SSO (single sign-on), Single Sign On-Single Sign On
- strong, All network flows MUST be authenticated before being processed
- TOTP (time-based one-time password), Something You Have: TOTP
- TPM (trusted platform module), TPMs-TPMs for device authentication
- for trust, Authenticating for Trust-Trust as the Authentication Driver
- user, Perimeter Versus Zero Trust, Summary
- X.509, Authenticating Devices with the Control Plane-X.509 for device authentication
- authentication/authorization components, Perimeter Versus Zero Trust-Perimeter Versus Zero Trust
- authoritative identity, Identity Authority, Summary, Identity Theft
- authorization
- authorization systems, Making Authorization Decisions-Summary
- architecture overview, Authorization Architecture-Authorization Architecture
- data stores, Data Stores-Data Stores
- data stores, Authorization Architecture, Summary
- enforcement, Authorization Architecture, Enforcement-Who Defines Policy?, Summary
- low-latency, Policy Engine
- policy engine, Authorization Architecture, Summary
- trust engine, Authorization Architecture, Trust Engine-Exposing Scores Considered Risky, Summary
- auto-scaling, Managing Trust
- automated scanning, Active Monitoring
- automation systems, Automation as an Enabler, Perimeter Versus Zero Trust
C
- caching, Caching Identity and Trust
- CAPTCHAs, Trust Signals
- case studies
- centralized filtering, Host Filtering
- certificate authorities (CAs), Authenticating Trust-What Is a Certificate Authority?, Certificate chains and certification authorities, Authentication SHOULD NOT rely on public PKI providers—private PKI systems should be used instead
- certificate chains, Certificate chains and certification authorities
- certificate pinning, Authentication SHOULD NOT rely on public PKI providers—private PKI systems should be used instead
- certificate provisioning and signing, Identity Security in Static and Dynamic Systems-Identity Security in Static and Dynamic Systems
- certificate, unique device, Bootstrapping Trust
- certificate-based authentication, Strong Authentication-Strong Authentication, Generating and Securing Identity, Something You Have: Certificates
- channel security, The Use of Multiple Channels
- CHILD_SA, IKE SA_INIT and AUTH
- cipher suites, Device support issues, Cipher suite selection, Cipher suite negotiation and selection-Authentication
- client-to-server interactions, Client-Side Versus Server-Side Migrations
- cloud deployments, Applied in the Cloud-Applied in the Cloud
- Cloudflare DNS Root Zone Signing Ceremony, Red October
- code reviews, Code Reviews
- code signing ceremonies, Humans in the Loop
- code, trusting, Trusting Applications
- (see also application trust)
- confidentiality/privacy distinction, Endpoint Enumeration
- configuration management, Software Configuration Management-Secure Source of Truth
- configuration management (CM) systems, Why We Wrote This Book, Inventory Management, “Cheating” with Configuration Management-“Cheating” with Configuration Management
- content addressable storage, Authentic Code and the Audit Trail-Authentic Code and the Audit Trail
- control plane, Introducing the Zero Trust Control Plane, Summary
- credential reuse, Moving Toward a Local Auth Solution
- credential rotation, Zero Trust’s Threat Model, Strong Authentication
- credentials, Identity Authority
- cryptographic keys, Strong Authentication-Strong Authentication, Device identity and X.509-Intermediary keys and passphrases, Key exchange
- cryptographic signatures, Integrity and Authenticity
- cryptoprocessors, Generating and Securing Identity, TPMs
D
- data cleanliness, Rigidity and Fluidity, at the Same Time
- data plane, Introducing the Zero Trust Control Plane, Summary
- data stores, Authorization Architecture, Data Stores-Data Stores, Summary
- DDoS (Distributed Denial of Service) attacks, Distributed Denial of Service-Distributed Denial of Service
- device authentication, Perimeter Versus Zero Trust
- device trust, Trusting Devices-Summary, Trusting Applications, Devices SHOULD be regularly scanned, patched, and rotated
- authenticating with the control plane, Authenticating Devices with the Control Plane-Hardware-Based Zero Trust Supplicant?
- authorization through device data, Using Device Data for User Authorization
- bootstrapping, Bootstrapping Trust-Identity Security in Static and Dynamic Systems
- local measurement, Local Measurement
- reimaging, Devices SHOULD be regularly scanned, patched, and rotated
- remote measurement, Remote Measurement-Remote Measurement
- renewing, Renewing Device Trust-Remote Measurement, Summary
- trust signals, Trust Signals-Network Communication Patterns
- DHE protocol, Key exchange
- dial-in interfaces, Evolution of the Threat Landscape
- dialer-based attacks, Evolution of the Threat Landscape-Evolution of the Threat Landscape
- Diffie–Hellman key exchange, IKE SA_INIT and AUTH
- DigiNotar, Identity Security in Static and Dynamic Systems
- directed acyclic graph (DAG) storage, Authentic Code and the Audit Trail-Authentic Code and the Audit Trail
- distributed source control, Securing the Repository
- distribution security, Trusting Distribution-Trusting a Distribution Network
- DMZ (demilitarized zone), What Is a Zero Trust Network?, Private Networks Connect to Public Networks, The Contemporary Perimeter Model, Evolution of the Threat Landscape
- DNS Root Zone Signing Ceremony, Red October
- DREAD, Common Threat Models
- DSA authentication, Authentication
E
- ECDHE protocol, Key exchange
- ECDSA authentication, Authentication
- egress filtering, Bookended Filtering-Bookended Filtering
- email, evolution of, Private Networks Connect to Public Networks
- encryption, Perimeter Versus Zero Trust
- AES, Payload encryption
- asymmetric versus symmetric, Bulk encryption-Bulk encryption
- versus authentication, Encryption Versus Authentication-Authenticity Without Encryption?
- bulk, Bulk encryption-Bulk encryption
- cryptographic keys, Strong Authentication-Strong Authentication, Device identity and X.509-Intermediary keys and passphrases
- cryptoprocessors, Generating and Securing Identity
- GnuPG, Payload encryption
- intra-datacenter, Applied in the Cloud
- monitoring encrypted traffic, Variable Trust
- as priority, All network flows SHOULD be encrypted before being transmitted
- private key cryptography, Strong Authentication-Strong Authentication, Importance of PKI in Zero Trust, Generating and Securing Identity, Private key storage-X.509 for device authentication, Remote attestation
- public key cryptography, Strong Authentication-Strong Authentication, Device identity and X.509-Private key storage, Key exchange
- separation of duties, Separation of duty-Separation of duty
- with TPMs, Encrypting data using a TPM-Intermediary keys and passphrases
- endorsement key (EK), Remote attestation
- endpoint enumeration, Endpoint Enumeration
- enforcement, Authorization Architecture, Enforcement-Enforcement, Summary
- enumerating flows, All network flows MUST be enumerated so that access can be enforced by the system
- exclusion zone, What Is a Zero Trust Network?
- (see also DMZ (demilitarized zone))
- Extensible Authentication Protocol (EAP), Authentication credentials
F
- filtering, Where Should Zero Trust Be in the Network Model?, Filtering-Intermediary Filtering
- firewall exceptions, Perimeter Shortcomings
- firewalls, Authorization Architecture, Filtering, Host Filtering-Host Filtering
- flow database, All network flows MUST be enumerated so that access can be enforced by the system
- forward proxy mode, Zero Trust Proxies
- fuzzing, Secure Coding Practices, Active Monitoring
- fwknop, fwknop-HMAC
H
- hardware security modules (HSMs), Generating and Securing Identity
- hardware-backed measurement, Local Measurement
- hashing, Integrity and Authenticity-Integrity and Authenticity, Trusting a Distribution Network
- Heartbleed, Knowing What to Expect
- historical data stores, Data Stores, Historical Access
- HMAC (hashed message authentication code), HMAC
- host filtering, Host Filtering-Host Filtering
- human-driven authentication, Least Privilege, Nothing Beats Meatspace-Expectations and Stars, Humans in the Loop-Humans in the Loop, Summary
I
- identity
- identity provider system, Application Authentication and Authorization
- identity recovery system attacks, Bootstrapping Identity in a Private System
- identity theft, Identity Theft
- implementing zero trust model, Realizing a Zero Trust Network-Summary
- building a system diagram, Building a System Diagram-Building a System Diagram
- case studies
- choosing scope, Choosing Scope-Devices SHOULD be regularly scanned, patched, and rotated
- client-side versus server-side migrations, Client-Side Versus Server-Side Migrations
- configuration management (CM) systems, “Cheating” with Configuration Management-“Cheating” with Configuration Management
- initial controller-less architecture, Controller-Less Architecture-Policy Distribution
- load balancer and proxy authentication, Authenticating Load Balancers and Proxies
- network flows in, Understanding Your Flows
- policy distribution, Policy Distribution-Policy Distribution
- policy, defining and installing, Defining and Installing Policy-Defining and Installing Policy
- priorities list for, What’s Actually Required?-Devices SHOULD be regularly scanned, patched, and rotated
- relationship-oriented policy, Relationship-Oriented Policy
- zero trust proxy deployment, Zero Trust Proxies-Zero Trust Proxies
- informal identity, Identity Authority
- ingress filtering, Bookended Filtering
- injection attacks, Secure Coding Practices
- insider threats, Common Threat Models
- intermediary filtering, Intermediary Filtering-Intermediary Filtering
- intermediary keys, Intermediary keys and passphrases
- internal network attack launches, Evolution of the Threat Landscape
- Internet Assigned Numbers Authority (IANA), Managing the Global IP Address Space
- Internet Key Exchange (IKE), IKE/IPsec-IKE/IPsec for device authentication
- Internet Threat Model, Zero Trust’s Threat Model
- Internet, early, Managing the Global IP Address Space
- invalidation, Invalidation-Invalidation
- inventory data stores, Data Stores
- inventory management, Inventory Management-What Makes a Good Secure Introduction System?, CM-Based Inventory-Searchable inventory
- IP address evolution, Managing the Global IP Address Space-The Contemporary Perimeter Model
- IP Address Network Translator (RFC 1631), Birth of NAT
- IPsec, Where Should Zero Trust Be in the Network Model?-IKE/IPsec for device authentication, Summary
M
- machine learning, Trust Engine
- man-in-the-middle attacks, Moving Toward a Local Auth Solution
- management information base (MIB), Standardization Desirable
- managing trust (see trust management)
- Merkle tree, Authentic Code and the Audit Trail
- message authenticity, Message authenticity
- Microsoft server isolation, A pragmatic approach
- Modern Chef, What Makes a Good Secure Introduction System?
- multifactor authentication, Application Authentication and Authorization
- multiplatform authentication challenges, Challenges with Multiplatform Authentication
- mutually authenticated TLS, Mutually Authenticated TLS
- (see also TLS (Transport Layer Security))
N
- NAC (Network Access Control), Perimeter Versus Zero Trust
- NAT (network address translation), Birth of NAT-The Contemporary Perimeter Model, Evolution of the Threat Landscape
- network address translation (NAT), Birth of NAT-The Contemporary Perimeter Model
- network agents, Network Agents-Summary
- creating, What’s in an Agent?, Summary
- data fields in, What’s in an Agent?
- data volatility, Agent Volatility
- defining, What Is an Agent?
- exposing, How to Expose an Agent?-How to Expose an Agent?
- overview, Network Agents-What’s in an Agent?
- roles of, How Is an Agent Used?-Not for Authentication, Summary
- scoring of, What Entities Are Scored?
- standardization of, No Standard Exists-In the Meantime?
- network communication patterns, Network Communication Patterns
- network filtering (see filtering)
- network flows, Understanding Your Flows-Controller-Less Architecture
- (see also network traffic)
- network models, A Brief Introduction to Network Models-A pragmatic approach
- network policy, Variable Trust, Variable Trust, Summary, How Is an Agent Used?-Not for Authentication
- network traffic, Trusting the Traffic-Summary
- encryption versus authentication, Encryption Versus Authentication-Authenticity Without Encryption?
- enumeration of flows, All network flows MUST be enumerated so that access can be enforced by the system
- filtering, Filtering-Intermediary Filtering
- first packet problem, Bootstrapping Trust: The First Packet-HMAC, Summary
- IPsec, Where Should Zero Trust Be in the Network Model?-IKE/IPsec for device authentication, Summary
- security applications for, Where Should Zero Trust Be in the Network Model?-A pragmatic approach
- TLS (Transport Layer Security), Mutually Authenticated TLS-Mutually authenticated TLS for device authentication, Summary
P
- Packages file, Integrity and Authenticity
- PagerDuty, case study, Case Study: PagerDuty’s Cloud Agnostic Network-Value of a Provider-Agnostic System
- passphrases, Intermediary keys and passphrases
- passwords, Something You Know: Passwords-Something You Have: TOTP
- PASTA, Common Threat Models
- patient zero, Evolution of the Threat Landscape
- payload, Network Layers, Visually
- PCRs (platform configuration registers), Platform configuration registers-Platform configuration registers
- PDU (protocol data unit), Zero Trust’s Threat Model
- perimeter filters, Intermediary Filtering-Intermediary Filtering
- perimeter security model, Evolution of the Perimeter Model-The Contemporary Perimeter Model
- perimeterless networks, Endpoint Enumeration
- PFS (perfect forward secrecy), Perfect Forward Secrecy
- phoning home, Evolution of the Threat Landscape
- physical coercion, Physical Coercion-Physical Coercion
- PKI (see public key infrastructure (PKI))
- policy distribution, Policy Distribution
- policy engine, Authorization Architecture, Policy Engine-Who Defines Policy?, Summary
- Postel, Jon, Managing the Global IP Address Space
- pre-authentication, Secure Introduction, Bootstrapping Trust: The First Packet-Bootstrapping Trust: The First Packet, Distributed Denial of Service
- privacy/confidentiality distinction, Endpoint Enumeration
- Private Enterprise Number, Standardization Desirable
- private IP address space, Birth of Private IP Address Space
- private key cryptography, Strong Authentication-Strong Authentication, Importance of PKI in Zero Trust, Generating and Securing Identity, Private key storage-X.509 for device authentication, Remote attestation
- privilege, elevated/reduced, Least Privilege
- (see also least privilege)
- Project Calico, Bookended Filtering
- proxies, Authorization Architecture
- public key cryptography, Strong Authentication-Strong Authentication, Device identity and X.509-Public and private components, Key exchange
- public key infrastructure (PKI), Authenticating Trust-Public PKI Strictly Better Than None, Summary, Authentication SHOULD NOT rely on public PKI providers—private PKI systems should be used instead
R
- RADIUS protocol, Policy Engine
- RAT (remote access tool), Perimeter Shortcomings
- Red October project, Red October
- registration authority (RA), Authenticating Trust, Certificate chains and certification authorities
- reimaging, Renewing Device Trust
- relationship-oriented network policy, Relationship-Oriented Policy
- Release file, Integrity and Authenticity-Integrity and Authenticity, Trusting a Distribution Network
- remote access tool (RAT), Perimeter Shortcomings
- remote attestation, Remote attestation-Remote attestation, Local Measurement
- Remote Authentication Dial-In User Service (RADIUS), Policy Engine
- remote measurement, Remote Measurement-Remote Measurement
- replay attacks, Moving Toward a Local Auth Solution
- repository security, Securing the Repository
- reproducible builds, Reproducible Builds
- resource managers, Identity Security in Static and Dynamic Systems-Identity Security in Static and Dynamic Systems
- response wrapping, Authorized Instances
- reverse proxy mode, Zero Trust Proxies
- RFC 1597, Birth of Private IP Address Space
- RFC 1631, Birth of NAT
- RFC 3439, TCP/IP Network Model
- RFC 3552, Zero Trust’s Threat Model
- RFC 6238, Something You Have: TOTP
- RFC 6379, Cipher suite selection
- RFC-style prioritized lists, What’s Actually Required?-What’s Actually Required?
- risk determination, Least Privilege
- rotation, Zero Trust’s Threat Model, Renewing Device Trust-Renewing Device Trust
- RSA authentication, Authentication
- RSA protocol, Key exchange
- RSA token, Variable Trust
- runtime security, Runtime Security-Active Monitoring
S
- scanning, automated, Active Monitoring
- script kiddies, Common Threat Models
- SDN (software-defined network), Intermediary Filtering
- sealed data, Platform configuration registers
- searchable inventory, Searchable inventory
- secrets, Strong Authentication-Strong Authentication, Authorized Instances-Authorized Instances
- secure boot, Bootstrapping Trust
- secure coding practices, Secure Coding Practices-Secure Coding Practices
- secure introduction, Secure Introduction-What Makes a Good Secure Introduction System?
- secure zone, The Contemporary Perimeter Model
- (see also DMZ (demilitarized zone))
- security considerations, The Adversarial View-Summary
- security policies
- security policies, defining, Summary
- security tokens, Something You Have: Security Tokens, Authenticating Load Balancers and Proxies
- server-to-server interactions, Client-Side Versus Server-Side Migrations
- session caching, Caching Identity and Trust
- Shamir’s Secret Sharing, Shamir’s Secret Sharing, Social Engineering
- shared kernel environments, Isolation
- Shor's algorithm, Key exchange
- signing, Integrity and Authenticity-Integrity and Authenticity, Trusting a Distribution Network
- SMS messaging, Something You Have: TOTP
- SNMP (Simple Network Management Protocol), Standardization Desirable-Standardization Desirable
- social engineering attacks, Social Engineering
- software-backed measurement, Local Measurement
- source code, Trusting Source-Code Reviews
- SPA (Single Packet Authorization) implementation, Bootstrapping Trust: The First Packet-HMAC
- SPI (Security Parameter Index), IPsec security associations
- SSL configuration, Strong Authentication
- (see also TLS configuration)
- SSO (single sign-on), Single Sign On-Single Sign On
- state-level actors, Common Threat Models, Zero Trust’s Threat Model
- storage root key (SRK), Encrypting data using a TPM
- STRIDE, Common Threat Models
- strong authentication, All network flows MUST be authenticated before being processed
- Suite B Cryptographic Suite, Cipher suite selection
- supply chain security, Understanding the Application Pipeline
- system diagram, building, Building a System Diagram
T
- targeted attackers, Common Threat Models
- TCP/IP network model, TCP/IP Network Model
- threat evolution, Evolution of the Threat Landscape-Evolution of the Threat Landscape
- threat models, Threat Models-Zero Trust’s Threat Model, Summary
- TLS (Transport Layer Security), Strong Authentication, Trusting a Distribution Network, Where Should Zero Trust Be in the Network Model?-Where Should Zero Trust Be in the Network Model?, Application support issues, Mutually Authenticated TLS-Mutually authenticated TLS for device authentication, Summary
- TOTP (time-based one-time password), Something You Have: TOTP
- TPMs (trusted platform modules), TPMs-TPMs for device authentication
- traditional network security architecture, What Is a Zero Trust Network?
- (see also perimeter security model)
- traffic (see network flows, network traffic)
- traffic sources, Trust Signals
- training data, Trust Engine
- Transport Layer Security (TLS) (see TLS (Transport Layer Security))
- Trike, Common Threat Models
- trust, Perimeter Versus Zero Trust
- application trust (see application trust)
- bootstrapping (see bootstrapping trust)
- device trust (see device trust)
- user trust (see user trust)
- trust anchor, Managing Trust
- trust chain, Managing Trust
- trust delegation, Managing Trust-Managing Trust
- trust engine, Authorization Architecture, Trust Engine-Exposing Scores Considered Risky, Summary
- trust levels, Where the Trust Lies
- trust management, Managing Trust-Summary
- authentication, Authenticating Trust-Public PKI Strictly Better Than None, Summary
- control plane versus data plane, Control Plane Versus Data Plane-Control Plane Versus Data Plane, Summary
- defining trust policies, Variable Trust-Variable Trust
- least privilege, Least Privilege-Least Privilege, Summary
- strong authentication, Strong Authentication-Strong Authentication
- threat models, Threat Models-Zero Trust’s Threat Model
- variable trust, Variable Trust-Variable Trust, Summary
- trust score, Perimeter Versus Zero Trust, Variable Trust-Variable Trust, Agent Volatility, How Is an Agent Used?
- trust signals, Trust Signals
- trusted insiders, Common Threat Models
- Trusted Network Connect (TNC), Perimeter Versus Zero Trust
- trusted platform modules (TPMs), Generating and Securing Identity
- trusted third parties, Authorized Instances
U
- U2F (Universal 2nd Factor), Something You Have: Security Tokens, Authenticating Load Balancers and Proxies
- UAF standard, Moving Toward a Local Auth Solution
- UDP packets, Bootstrapping Trust: The First Packet
- untrusted computing platforms, Untrusted Computing Platform
- untrusted zone, The Contemporary Perimeter Model
- upgrade-only policy, Upgrade-Only Policy, Summary
- UPnP, Intermediary Filtering
- user authentication, Summary
- user directories, User Directories-Directory Maintenance
- user trust, Trusting Users-Summary
- access patterns, Trust Signals
- awareness and speaking up, See Something, Say Something
- bootstrapping identity, Bootstrapping Identity in a Private System-Expectations and Stars
- government-issued identification, Government-Issued Identification
- group authentication, Authenticating and Authorizing a Group-See Something, Say Something
- how to authenticate, How to Authenticate Identity-Moving Toward a Local Auth Solution
- human-driven authentication, Nothing Beats Meatspace-Expectations and Stars
- identity authority, Identity Authority-Identity Authority
- physical safety and, How to Authenticate Identity, Physical Coercion-Physical Coercion
- storing identity, Storing Identity-Directory Maintenance
- user directories, User Directories-Directory Maintenance
- when to authenticate, When to Authenticate Identity-Caching Identity and Trust
- user/application authentication, Perimeter Versus Zero Trust
V
- variable trust, Summary
- VAST, Common Threat Models
- Vault, Authorized Instances
- version control systems (VCS), Authentic Code and the Audit Trail
- virtualization, Isolation
- virtualized build environments, Reproducible Builds
- VPNs (virtual private networks), What Is a Zero Trust Network?, Perimeter Versus Zero Trust, Perimeter Versus Zero Trust
- vulnerability scanning, Remote Measurement