Improve security by using blockchain technology as an enabling factor for Zero-Trust frameworks


The zero-trust framework is the most recent concept to improve how users interact with networks and how networks interact with each other. Although its applications are extensive, it approaches network security from a different angle. Here we cover the basics and practical aspects of the framework and evaluate the use of blockchain as an enabling factor.

The traditional security model

Traditional security approaches were designed to protect an organization at its perimeter. Trust was verified before entry, and in practice no further checks were required afterwards. Traditional network security is like a castle with a moat: the moat keeps villains out of the castle, and anyone who is trusted is let in.

So, what's wrong with this traditional model?

In truth, most people assume that everything inside an organization's network can be trusted. That assumption is obsolete. This era is plagued by a series of threats, sophisticated attacks and many different ways of connecting to networks. Data, applications, devices and users are steadily moving beyond the organization's control, so new-age business models are barely compatible with the complex traditional models. In short, devices, applications and users have moved outside and have become a source of harm to the once-reliable organizational perimeter.

The traditional castle-and-moat model leaves many possibilities open. One example is an attacker who is already inside the perimeter. What happens to such a person inside the castle? Because the user is already inside the network, they are treated as verified and trusted, and this authenticated user can then perform an unauthorized operation. This is known as "lateral movement".

Attackers mainly use lateral movement to work their way through a network in search of an organization's most valuable data. The point of infiltration is usually not the final destination. For example, an attacker who gets in at an endpoint must move sideways through the network to reach the target database. Several years ago, Target suffered such an attack: hackers compromised the company's HVAC provider and, in the end, stole personal and payment information belonging to Target customers. This shows that attackers can breach the perimeter and then move through the network to wreak havoc.

The Zero-Trust framework

In this framework, every service inside the perimeter is validated, and none is trusted selectively. A simple analogy is guards at a building. The traditional model posts guards at the gate to keep infiltrators out, while the zero-trust model posts guards at every door in the building to stop threats. The framework follows the "verify and never trust" principle, which eliminates the notion of trusted users or trusted applications. Security therefore runs deep within the network's DNA.

Companies use this "verify and never trust" model to prevent threats or filter them out of their systems. Regardless of where a request comes from, the zero-trust framework is designed to provide better access to services. However, there may be different authorization rights for the individual networks in each source. To eliminate this, the paths to resources are minimized. As a result, verification of access is mandatory.

The role of Blockchain in strengthening the security of the Zero-Trust frameworks

The effect of blockchain on computer security has grown considerably. Even if the effects are minimal, the future will see a drastic change in blockchain security mechanisms. Access management, user authentication and transaction security are three security functions that blockchain will implement. For example, imagine a current employee trying to access a workplace system. The blockchain is expected to recognize them (especially if they have just accessed it), authenticate their trust and allow them access. By contrast, a new contractor working on a project who attempts to access the same system cannot do so, because the ledger finds that the user has not interacted with the system or device in the past. The same happens when they try to access the network from an unidentified location.

Because of its ability to improve IT security, several organizations can sufficiently enhance their network security by using distributed ledger technology (DLT). The ledger is shared among a group of participants across a distributed computer network. This "highly accessible" system is also transparent and visible to the participants. For this reason, most companies or organizations maintain a visible corporate blockchain, so every transaction in the organization is visible to restricted operators.

A zero-trust policy can be further secured by a blockchain because of its pure and immutable nature. In summary, the blockchain mechanism in zero-trust frameworks includes:

Detection of suspicious activity in some online transactions

Isolation of the connection

Restriction of the user's access until a security team or system administrator sanctions the transactions.
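The ledger-backed access decision described above (a known employee is allowed, a user with no recorded history or an unidentified location is restricted until an administrator sanctions the request) can be sketched as follows. This is an added example, not code from the original article; the `AccessLedger` class, its method names and the sample user, device and location values are hypothetical, and a single in-memory hash chain stands in for a ledger shared among participants.

```python
import hashlib
import json

GENESIS = "0" * 64  # prev-hash of the first entry


def digest(body):
    # Canonical JSON so an entry always hashes to the same value.
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


class AccessLedger:
    """Toy single-node hash chain; a real ledger is replicated among participants."""

    def __init__(self):
        self.entries = []

    def append(self, kind, user, device, location, actor):
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        body = {"kind": kind, "user": user, "device": device,
                "location": location, "actor": actor, "prev": prev}
        self.entries.append({**body, "hash": digest(body)})

    def verify(self):
        # Recompute every link; an edited or reordered entry breaks the chain.
        prev = GENESIS
        for entry in self.entries:
            body = {k: v for k, v in entry.items() if k != "hash"}
            if entry["prev"] != prev or entry["hash"] != digest(body):
                return False
            prev = entry["hash"]
        return True

    def trusted(self, user, device, location):
        # Trust comes only from a recorded allow or an administrator sanction.
        return any(e["kind"] in ("allow", "sanction")
                   and (e["user"], e["device"], e["location"]) == (user, device, location)
                   for e in self.entries)

    def decide(self, user, device, location):
        if not self.verify():
            return "deny"  # a tampered history cannot back a decision
        kind = "allow" if self.trusted(user, device, location) else "hold"
        self.append(kind, user, device, location, actor="policy")
        return kind  # "hold": isolate the connection until sanctioned

    def sanction(self, admin, user, device, location):
        self.append("sanction", user, device, location, actor=admin)
```

Every decision, including a hold, is itself appended to the chain, so the security team reviews the same history the policy used.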

Best practices for obtaining a Zero-Trust framework

Blockchain is not the only way to set up a zero-trust framework. Zero trust can also be achieved with any system or platform that follows these basic principles:

Always use multi-factor authentication methods (HOTP / TOTP, for example).

Validate and verify the authenticity of a device at each access attempt.

Enable least-privilege access mechanisms throughout the IT infrastructure.

Enable privileged access management (PAM) for sensitive applications.

Make sure all systems have the latest security patches and keep them up-to-date.

Monitoring and vulnerability assessments.

In the current risk landscape, well-funded and incredibly skilled cybercriminals are continually trying to gather crucial data from organizations. Where current security approaches do not take into account the security of digital assets, zero trust can help protect systems and resources.
