PRESS-NEWS.org - Press Release Distribution

Automation and orchestration of zero trust architecture: Potential solutions and challenges

2024-04-11
(Press-News.org)

To date, most network security architectures have used perimeter-based defense to isolate internal networks from external networks. Firewalls, virtual private networks (VPN), and demilitarized zone (DMZ) networks prevent external attacks by creating a network security perimeter. This can effectively prevent external attacks, but it is difficult to prevent internal attacks because once an intruder breaches the security perimeter, further illegal actions will not be hindered. In addition, with the rapid development of digital technologies such as 5G, the internet of things and cloud computing, the number of network users and devices and their security concerns are growing exponentially, as the perimeter of the network is becoming increasingly blurred. This makes it more difficult to protect organizational resources, especially as more data access points, information inputs and outputs are created. Therefore, preventing internal attacks requires a security architecture that does not trust any network.


Zero trust architecture (ZTA) is a new concept of network security architecture based on the principle of least privilege, which aims to solve the above problems by restricting the behavior of subjects inside the network. Based on the core idea of “never trust, always verify”, ZTA follows a resource-based security policy: no users, devices, or applications (services) can access the data without authentication and authorization. However, while ZTA provides more robust cyber protection measures, it still faces significant implementation challenges. The implementation of ZTA requires multiple security tools (e.g., firewalls) and policies to work together, and traditional stand-alone security detection approaches may not be applicable. In addition, the large amount of data collected and produced by these security tools can be used for risk analysis, prediction, and evaluation within the framework. Thus, to maximize the security protection performance of ZTA, the components of existing frameworks need to be automated and orchestrated. In this context, artificial intelligence (AI) algorithms are considered as one of the most suitable technologies to automate and orchestrate ZTA.


AI technologies are considered as enablers for the security orchestration, automation, and response (SOAR) solutions designed to automate and integrate different security tasks and processes in response to incidents. SOAR is also one of the functions to be considered in the execution of ZTA, which provides a reference for AI to perform automation and orchestration across components.


Security teams consider ZTA as an enabler to uphold security in their organization's networks. In particular, ZTA needs to develop capabilities that orchestrate and learn continuously to secure an environment based on hyper-granular access privileges. ZTA automation and orchestration can relieve security personnel from manually assigning and reassigning access credentials throughout the organization's network. Moreover, permission changes over ZTA should be orchestrated in minutes, eliminating the friction and annoyance of security procedures for employees and devices. The paper published in Machine Intelligence Research by the team of Prof. Gang Li focuses on the potential of AI algorithms in the automation and orchestration for ZTA components.

The main purpose of ZTA is to enhance security. Although enterprises or organizations propose different strategies to understand and implement ZTA depending on their application environments, they are all based on the following three principles: 1) Access control should be resource-centric and context-aware. 2) All users and devices must be authenticated and authorized based on dynamic policies before accessing the resources, following the least privilege policy. 3) Improve security by continuously monitoring the integrity and security of owned or associated assets.


Although a large number of studies on ZTA have been published, there are only a few literature reviews on ZTA. Researchers classify the existing review works based on the following five categories: Q1: Details of ZTA principles. Q2: Comparison of security technologies based on perimeter and non-perimeter. Q3: Categorization and revision of ZTA components. Q4: Challenges of ZTA migration, automation, and orchestration. Q5: Future research directions of ZTA.

Existing surveys provide a careful review and analysis of different ZTA theoretical frameworks and application scenarios. However, none of them elaborates on the potential benefits of the automation and orchestration of ZTA using AI techniques. In the wide range of ZTA application scenarios, where ZTA needs to process and analyze huge amounts of data from different sources, researchers have shown increasing interest in AI-driven automation and orchestration, which can provide assistance to ZTA in data classification, authentication and access control. Therefore, researchers’ focus in this survey is to fill the gap by developing a systematic review of AI-focused approaches important for ZTA automation technologies from a technical perspective in conjunction with existing surveys.


The main contributions of this paper are summarized as follows: 1) Researchers comprehensively review and compare existing perimetrized-based and deperimetrized-based trust architectures. 2) Researchers provide an in-depth analysis of existing AI technologies for ZTA automation and orchestration. 3) Researchers discuss the challenges of implementing AI-based solutions in ZTA automation and future developments.


Section 2 provides a fine-grained categorization of the logical components and data sources of ZTA, and discusses the ZTA automation workflow. Researchers also compare the differences between perimetrized and deperimetrized architectures across seven aspects: principle, privilege, boundary, authentication, authorization, access control and security.

In light of the increasing demand for AI technologies in zero trust, researchers focus on, but are not limited to, AI technologies that can be applied to the automation and orchestration of ZTA. A figure in Section 3 shows the categories of ZTA components that can use AI algorithms. Researchers divide ZTA components into four parts: control plane, identity verification, attack detection automation and automated resources monitoring.

ZTA automation and orchestration can be considered as the process of reducing frequent mediation by security personnel by automating the detection and prevention of cyber threats. In Section 4, researchers review AI approaches to the automation and orchestration of ZTA components. Two tables in this part survey the recent AI-based approaches to trust evaluation, authentication, attack detection and system monitoring, respectively.

Section 5 describes limitations and challenges, and points to future research development. Researchers propose challenges from three aspects: harmonization policy, legacy system, and data inconsistency. And they provide suggestions on future development from the angle of human expertise, data quality, secure access service edge (SASE) and fast communication.


This survey provides an insightful analysis of the recent literature on ZTA, revealing gaps in addressing AI in ZTA component automation and orchestration. In addition, this survey has identified trust evaluation, authentication, attack detection, and monitoring as the fundamental classifications that constitute the operation of ZTA component automation. To address the challenges associated with these classifications, an overview of AI-based solutions is provided.


See the article:

Automation and Orchestration of Zero Trust Architecture: Potential Solutions and Challenges

http://doi.org/10.1007/s11633-023-1456-2
