Achieving Zero Trust(Course: Access Control)
patel
SafeAssignOriginalityReport1.pdf
9/21/21, 12:11 PM SafeAssign Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_143471_1&paperId=4730594695&&attemptId=04911a7b-5662-427a-acbc-6312ea1f89da&course_id=_1… 1/6
10814.202210 - FALL 2021 - ACCESS CONTROL (ISOL-531-M50) - FULL TERM
Assignment: Achieving Zero Trust Bhanu Teja Posani on Tue, Sep 21 2021, 1:05 PM
67% highest match Submission ID: 04911a7b-5662-427a-acbc-6312ea1f89da
Attachments (1)
AchievingZeroTrustModelBhanu Posani.docx
1 ZERO TRUST MODEL 1
ZERO TRUST MODEL 2
2 ACHIEVING ZERO TRUST ACCESS CONTROL
Bhanu Teja Posani University of the Cumberlands
Dr. Dennis Backherms
September 21, 2021
Introduction
Zero Trust is a technique to safeguard data and systems from security or data breaches by distrusting everyone
and any device entering the network or systems until they are verified successfully (Embrey, 2020). 3 THIS
ALSO APPLIES TO ALL NETWORK LOOP USERS. 2 APPLYING 'NEVER TRUST, ALWAYS
VERIFY' ATTITUDE (ROSE ET AL. 2019), Zero Trust Model safeguards modern digital domains through
network segmentation, hindering lateral migration, and enabling Layer 7 to provide safety protection to the
network.
4 PURPOSE OF ZERO TRUST MODEL THE REPORT FINDINGS DEMONSTRATE THAT ZERO
TRUST'S AIM IS TO ENSURE THAT NOBODY IS TRUSTED IN THE NETWORK OR WITHOUT,
INCLUDING THOSE DEVICES THAT WISH TO CONNECT TO A NETWORK AND ALREADY
LINKED. 2 IT IS BASED ON FIRM IDENTITY VERIFICATION THAT ENSURES THAT EVERY
DEVICE CONNECTED TO A NETWORK IS AUTHENTICATED AT ANY GIVEN TIME. 4 THE
ZERO TRUST MODEL ADDS ANOTHER SECURITY LAYER TO AN ALREADY SECURED
NETWORK BY NOT TRUSTING ANYONE OR ANY DEVICE TO OPTIMIZE THE SAFETY OF THE
NETWORK.
Differences of Zero Trust Model from Other Security Frameworks Unlike existing security frameworks, the
Zero Trust Model integrates many methodologies and ideas to the security of the network in an integral way.
4 IT IS DIFFERENT FROM PREVIOUS SECURITY MODELS SINCE THE ZERO TRUST MODEL
DEEMS EVERY USER AND DEVICE IN AND WITHOUT THE NETWORK UNRELIABLE AND
AchievingZeroTrustModelBhanu Posani.docx Word Count: 715 Attachment ID: 4730594695
67%
9/21/21, 12:11 PM SafeAssign Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_143471_1&paperId=4730594695&&attemptId=04911a7b-5662-427a-acbc-6312ea1f89da&course_id=_1… 2/6
THUS REQUIRES THEM TO VERIFY IDENTITIES, AS THIS ELIMINATES THE NOTED
VULNERABILITY LINKED WITH THE LATTER.
2 THE OVERVIEW OF THE ZERO TRUST MODEL THE RESULTS REVEAL THAT THE ZERO
TRUST MODEL BEGINS WITH THE DEVELOPMENT OF AN IDENTITY AND ACCESS
MANAGEMENT STRUCTURE (IAM) TO ACHIEVE ITS IDENTITY-LED SECURITY OBJECTIVE
WITHIN A NETWORK DOMAIN OF THE ORGANIZATION. 4 THE IAM INCLUDES
COMPONENTS LIKE PRIVILEGED ACCESS MANAGEMENT, AUTOMATED LIFECYCLE
CONTROL FOR ALL USERS WITHIN AND OUTSIDE THE NETWORK OF THE ENTERPRISE,
COMPREHENSIVE IDENTITY MANAGEMENT AND EFFECTIVE MULTI-FACTOR
AUTHENTICATION.
THE RESULTS REVEAL FURTHER THAT THE ZERO TRUST MODEL WORKS BY ALLOWING
SECURITY PERSONNEL TO IDENTIFY A 'COIL SURFACE.' The coil surface comprises the network's
most critical components, including important data, values, services and applications. Once the IT safety
specialists have determined the cushion surface, traffic flow throughout the network domain in terms of the
cushion surface is now easier to detect.
2 THE ZERO TRUST MODEL USES A SEGMENTING PASSAGE TO OFFER A GRANULAR VIEW
OF TRAFFIC AND CARRY OUT FURTHER ACCESS CONTROL AND EVALUATION LAYERS
UNDER LAYER 7 PREMISES, WHICH SPECIFIES THE "KIPLING METHOD" POLICY FOR
ZERO TRUST BASED ON WHO, WHEN, WHY AND HOW" (ROSE ET AL., 2019). 4 THE ZERO
TRUST PROTOCOL RESTRICTS THE TRAFFIC PASSING THROUGH THE MICRO PERIMETER
AT ALL TIME THEREBY PREVENTING UNWANTED ACCESS TO THE COIL SURFACE AND
PROTECTING IMPORTANT INFORMATION FROM POSSIBLE ROBBERY.
5 ZERO TRUST MODEL INTEGRATES LEAST PRIVILEGE ACCESS
Using IAM, the Zero Trust Model incorporates RBAC's Least Privilege Access to limit users' network access
depending on their responsibilities. 4 FOR EXAMPLE, IF A USER IS AN EMPLOYEE IN AN
ORGANIZATION THAT ACTS AS THE WEB MANAGER, THE ZERO CONFIDENTIALITY
MODEL USES THE LEAST PRIVILEGE ACCESS THROUGH RBAC TO LIMIT ACCESS BY THIS
USER TO SPECIFIC RESOURCES WHICH PERTAIN TO ITS FUNCTION SUCH AS, BUT ONLY
TO A CERTAIN LEVEL, GIVING IT OR ITS ADMINISTRATOR PRIVILEGES.
Conclusion
The Zero Trust model tackles the flaws of the existing security frameworks that comply with the "castle and
moat" paradigm (Assunção, 2019). The 'Castle and Float' idea assumes the users of the network to be
trustworthy and therefore to rely on network resources. 4 HOWEVER, IT REQUIRES ANY USER OR
DEVICE FROM OUTSIDE THE NETWORK TO PROVE THEIR IDENTITY.
Recommendation The Zero Trust Model is recommended in this research to any companies seeking security
solutions that offer excellent protection of data and systems. 4 THE ZERO TRUST MODEL USES A
MULTI-LAYERED DEFENSE TECHNIQUE TO DEFEND NETWORKS AND SYSTEMS AGAINST
SECURITY VIOLATIONS.
References
9/21/21, 12:11 PM SafeAssign Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_143471_1&paperId=4730594695&&attemptId=04911a7b-5662-427a-acbc-6312ea1f89da&course_id=_1… 3/6
Assunção, P. (2019). 6 A ZERO TRUST APPROACH TO NETWORK SECURITY. In Proceedings of the
Digital Privacy and Security Conference 2019.
Rose, S. 4 W., BORCHERT, O., MITCHELL, S., & CONNELLY, S. (2020). 7 ZERO TRUST
ARCHITECTURE.
Embrey, B. (2020). 8 THE TOP THREE FACTORS DRIVING ZERO TRUST ADOPTION.
COMPUTER FRAUD & SECURITY, 2020(9), 13-15.
Citations (8/8)
Matched Text
1 Another student's paper
2 Another student's paper
3 Another student's paper
4 Another student's paper
5 Another student's paper
6 Another student's paper
7 Another student's paper
8 Another student's paper
Suspected Entry: 100% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx ZERO TRUST MODEL 1
Source - Another student's paper Zero Trust Model 1
Suspected Entry: 100% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx ZERO TRUST MODEL 2
Source - Another student's paper Zero Trust Model 2
Suspected Entry: 67% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx ACHIEVING ZERO TRUST ACCESS CONTROL
Source - Another student's paper Assignment Achieving Zero Trust
Suspected Entry: 68% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx APPLYING 'NEVER TRUST, ALWAYS VERIFY&APOS
Source - Another student's paper Using the 'never trust, constantly verify&apos
Suspected Entry: 70% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx ATTITUDE (ROSE ET AL
Source - Another student's paper (Rose et al., 2019)
Suspected Entry: 65% match
9/21/21, 12:11 PM SafeAssign Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_143471_1&paperId=4730594695&&attemptId=04911a7b-5662-427a-acbc-6312ea1f89da&course_id=_1… 4/6
Uploaded - AchievingZeroTrustModelBhanu Posani.docx IT IS BASED ON FIRM IDENTITY VERIFICATION THAT ENSURES THAT EVERY DEVICE CONNECTED TO A NETWORK IS AUTHENTICATED AT ANY GIVEN TIME
Source - Another student's paper It is based on a firm identity check that ensures that almost everyone and every smartphone connecting the network is authenticated at the moment
Suspected Entry: 71% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx THE OVERVIEW OF THE ZERO TRUST MODEL THE RESULTS REVEAL THAT THE ZERO TRUST MODEL BEGINS WITH THE DEVELOPMENT OF AN IDENTITY AND ACCESS MANAGEMENT STRUCTURE (IAM) TO ACHIEVE ITS IDENTITY-LED SECURITY OBJECTIVE WITHIN A NETWORK DOMAIN OF THE ORGANIZATION
Source - Another student's paper The results also indicate that Zero Trust Model begins with applying an Identity and Access Management Framework (IAM) to achieve its identity- led security objective within the virtual network of an institution
Suspected Entry: 71% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx THE ZERO TRUST MODEL USES A SEGMENTING PASSAGE TO OFFER A GRANULAR VIEW OF TRAFFIC AND CARRY OUT FURTHER ACCESS CONTROL AND EVALUATION LAYERS UNDER LAYER 7 PREMISES, WHICH SPECIFIES THE "KIPLING METHOD"
Source - Another student's paper The Zero Trust model uses a segmenting portal to provide such a complete view on traffic and carry out additional layers of availability control and evaluation in Layer 7, focusing on the "Kipling Method,"
Suspected Entry: 69% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx POLICY FOR ZERO TRUST BASED ON WHO, WHEN, WHY AND HOW"
Source - Another student's paper which defines Zero Trust policies based as to who, what, when, why, and how"
Suspected Entry: 100% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx (ROSE ET AL., 2019)
Source - Another student's paper (Rose et al., 2019)
Suspected Entry: 83% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx THIS ALSO APPLIES TO ALL NETWORK LOOP USERS
Source - Another student's paper This also applies to all connection loop users
Suspected Entry: 76% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx PURPOSE OF ZERO TRUST MODEL THE REPORT FINDINGS DEMONSTRATE THAT ZERO TRUST'S AIM IS TO ENSURE THAT NOBODY IS TRUSTED IN THE NETWORK OR WITHOUT, INCLUDING THOSE DEVICES THAT WISH TO CONNECT TO A NETWORK AND ALREADY LINKED
Source - Another student's paper The Purpose of Zero Trust Model Report findings show that the purpose of Zero trust is to ensure that no one within or without the network is trusted including the devices seeking to connect to a network and those that are already connected
Suspected Entry: 81% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx THE ZERO TRUST MODEL ADDS ANOTHER SECURITY LAYER TO AN ALREADY SECURED NETWORK BY NOT TRUSTING ANYONE OR ANY DEVICE TO OPTIMIZE THE SAFETY OF THE NETWORK
Source - Another student's paper By not trusting anyone or any device, the Zero Trust Model adds another layer of security to an already secured network thus making the network security function at an optimum
Suspected Entry: 67% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx Source - Another student's paper
9/21/21, 12:11 PM SafeAssign Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_143471_1&paperId=4730594695&&attemptId=04911a7b-5662-427a-acbc-6312ea1f89da&course_id=_1… 5/6
IT IS DIFFERENT FROM PREVIOUS SECURITY MODELS SINCE THE ZERO TRUST MODEL DEEMS EVERY USER AND DEVICE IN AND WITHOUT THE NETWORK UNRELIABLE AND THUS REQUIRES THEM TO VERIFY IDENTITIES, AS THIS ELIMINATES THE NOTED VULNERABILITY LINKED WITH THE LATTER
The fact that the Zero Trust Model considers every user and device within and without the network untrustworthy hence requiring them to verify their identities makes it different from the traditional security models because it eliminates the aforementioned vulnerability associated with the latter
Suspected Entry: 70% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx THE IAM INCLUDES COMPONENTS LIKE PRIVILEGED ACCESS MANAGEMENT, AUTOMATED LIFECYCLE CONTROL FOR ALL USERS WITHIN AND OUTSIDE THE NETWORK OF THE ENTERPRISE, COMPREHENSIVE IDENTITY MANAGEMENT AND EFFECTIVE MULTI- FACTOR AUTHENTICATION
Source - Another student's paper The IAM incorporates such components as management of privileged access, automated lifecycle control for all users within and outside the organization’s network, extensive identity administration, and functional multi-factor authentication (MFA) (Rose et al., 2019)
Suspected Entry: 73% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx THE RESULTS REVEAL FURTHER THAT THE ZERO TRUST MODEL WORKS BY ALLOWING SECURITY PERSONNEL TO IDENTIFY A 'COIL SURFACE.&APOS
Source - Another student's paper The findings further show that the Zero Trust Model works by allowing the security personnel to pinpoint a 'cushion surface&apos
Suspected Entry: 62% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx THE ZERO TRUST PROTOCOL RESTRICTS THE TRAFFIC PASSING THROUGH THE MICRO PERIMETER AT ALL TIME THEREBY PREVENTING UNWANTED ACCESS TO THE COIL SURFACE AND PROTECTING IMPORTANT INFORMATION FROM POSSIBLE ROBBERY
Source - Another student's paper The Zero Trust protocol regulates the passage of traffic through the micro- perimeter at any given moment thereby inhibiting unauthorized access to the cushion surface and protecting critical data from possible theft
Suspected Entry: 73% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx FOR EXAMPLE, IF A USER IS AN EMPLOYEE IN AN ORGANIZATION THAT ACTS AS THE WEB MANAGER, THE ZERO CONFIDENTIALITY MODEL USES THE LEAST PRIVILEGE ACCESS THROUGH RBAC TO LIMIT ACCESS BY THIS USER TO SPECIFIC RESOURCES WHICH PERTAIN TO ITS FUNCTION SUCH AS, BUT ONLY TO A CERTAIN LEVEL, GIVING IT OR ITS ADMINISTRATOR PRIVILEGES
Source - Another student's paper For instance, if a user is an employee within an organization performing the role of a web administrator, then the Zero Trust Model uses the least privilege access via RBAC to limit this user’s access to specific resources that pertain to his or her role such as granting him or her administrator privileges but only to a certain level
Suspected Entry: 76% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx HOWEVER, IT REQUIRES ANY USER OR DEVICE FROM OUTSIDE THE NETWORK TO PROVE THEIR IDENTITY
Source - Another student's paper It, however, requires any user or device accessing the network from the outside to verify their identities
Suspected Entry: 67% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx THE ZERO TRUST MODEL USES A MULTI-LAYERED DEFENSE TECHNIQUE TO DEFEND NETWORKS AND SYSTEMS AGAINST SECURITY VIOLATIONS
Source - Another student's paper This is because the Zero Trust Model applies a multi-layered defense approach in protecting networks and systems against security breaches
Suspected Entry: 80% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx W., BORCHERT, O., MITCHELL, S., & CONNELLY, S
Source - Another student's paper Rose, S., Borchert, O., Mitchell, S., & Connelly, S
9/21/21, 12:11 PM SafeAssign Originality Report
https://ucumberlands.blackboard.com/webapps/mdb-sa-BB5a31b16bb2c48/originalityReportPrint?course_id=_143471_1&paperId=4730594695&&attemptId=04911a7b-5662-427a-acbc-6312ea1f89da&course_id=_1… 6/6
Suspected Entry: 75% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx ZERO TRUST MODEL INTEGRATES LEAST PRIVILEGE ACCESS
Source - Another student's paper How Zero Trust Model Integrates Least Privilege Access via Role-Based Access
Suspected Entry: 70% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx A ZERO TRUST APPROACH TO NETWORK SECURITY
Source - Another student's paper Survey on Zero-Trust Network Security
Suspected Entry: 100% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx ZERO TRUST ARCHITECTURE
Source - Another student's paper Zero trust architecture
Suspected Entry: 100% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx THE TOP THREE FACTORS DRIVING ZERO TRUST ADOPTION
Source - Another student's paper The top three factors driving zero trust adoption
Suspected Entry: 100% match
Uploaded - AchievingZeroTrustModelBhanu Posani.docx COMPUTER FRAUD & SECURITY, 2020(9), 13-15
Source - Another student's paper Computer Fraud & Security, 2020(9), 13-15
