零信任的安全模型研究OA北大核心CSTPCD

Zero trust is considered a new security paradigm.From the perspective of security models,this paper reveals the deepening and integration of security models in zero trust architecture,with"identity and data"as the main focus.Zero trust establishes a panoramic control object chain with identity at its core,builds defense-in-depth mechanisms around object attributes,functions,and lifecycles,and centrally redirects the flow of information between objects.It integrates information channels to achieve layered protection and fine-grained,dynamic access control.Finally,from an attacker's perspective,it sets up proactive defense mechanisms at key nodes in the information flow path.Since zero trust systems are bound to become high-value assets,this paper also explores the essential issues of inherent security and resilient service capabilities in zero-trust systems.Through the analysis of the security models embedded in zero-trust and its inherent security,this paper aims to provide a clearer technical development path for the architectural design,technological evolution,and self-protection of zero trust in its application.