Abstract
Zero trust is considered a new security paradigm. From the perspective of security models, this paper reveals the deepening and integration of security models in zero trust architecture, with "identity and data" as the main focus. Zero trust establishes a panoramic control object chain with identity at its core, builds defense-in-depth mechanisms around object attributes, functions, and lifecycles, and centrally redirects the flow of information between objects. It integrates information channels to achieve layered protection and fine-grained, dynamic access control. Finally, from an attacker's perspective, it sets up proactive defense mechanisms at key nodes in the information flow path. Since zero trust systems are bound to become high-value assets, this paper also explores the essential issues of inherent security and resilient service capabilities in zero trust systems. Through the analysis of the security models embedded in zero trust and its inherent security, this paper aims to provide a clearer technical development path for the architectural design, technological evolution, and self-protection of zero trust in its application.
Key words
zero trust/security model/identity trust model/defense-in-depth/access control/resilience
Classification
Information Technology and Security Science