The security model relying on the traditional defense of the perimeter cannot protect modern dynamic organizations. The emerging paradigm called zero trust proposes a modern alternative that enforces access control on every request and avoids implicit trust based on the physical location of people and devices. These architectures rely on several trusted components, but existing proposals make the unrealistic assumption that attackers cannot compromise some of them. We overcome these assumptions and present a novel survivable zero trust architecture that can guarantee the necessary security level for cloud computing environments. The proposed architecture guarantees a high level of security and robustness and under specific conditions it can tolerate intrusions and can recover from failures and successful attacks.

Survivable zero trust for cloud computing environments / Ferretti, L.; Magnanini, F.; Andreolini, M.; Colajanni, M.. - In: COMPUTERS & SECURITY. - ISSN 0167-4048. - 110:(2021), pp. 102419-102419. [10.1016/j.cose.2021.102419]

Survivable zero trust for cloud computing environments

Ferretti L.;Magnanini F.
;Andreolini M.;Colajanni M.
2021

Abstract

The security model relying on the traditional defense of the perimeter cannot protect modern dynamic organizations. The emerging paradigm called zero trust proposes a modern alternative that enforces access control on every request and avoids implicit trust based on the physical location of people and devices. These architectures rely on several trusted components, but existing proposals make the unrealistic assumption that attackers cannot compromise some of them. We overcome these assumptions and present a novel survivable zero trust architecture that can guarantee the necessary security level for cloud computing environments. The proposed architecture guarantees a high level of security and robustness and under specific conditions it can tolerate intrusions and can recover from failures and successful attacks.
2021
1-ago-2021
110
102419
102419
WOS:000703432300002
2-s2.0-85112329365
Survivable zero trust for cloud computing environments / Ferretti, L.; Magnanini, F.; Andreolini, M.; Colajanni, M.. - In: COMPUTERS & SECURITY. - ISSN 0167-4048. - 110:(2021), pp. 102419-102419. [10.1016/j.cose.2021.102419]
Ferretti, L.; Magnanini, F.; Andreolini, M.; Colajanni, M.
File in questo prodotto:
Non ci sono file associati a questo prodotto.
Pubblicazioni consigliate

Licenza Creative Commons
I metadati presenti in IRIS UNIMORE sono rilasciati con licenza Creative Commons CC0 1.0 Universal, mentre i file delle pubblicazioni sono rilasciati con licenza Attribuzione 4.0 Internazionale (CC BY 4.0), salvo diversa indicazione.
In caso di violazione di copyright, contattare Supporto Iris

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11380/1251609
Citazioni
  • ???jsp.display-item.citation.pmc??? ND
  • Scopus 20
  • ???jsp.display-item.citation.isi??? 16
social impact