Zero Trust
As an end user, it is convenient to trust your laptop, specific people, and specific software applications. Much of the issues with security for any organization, whether physical or logical, comes from someone trusting. Security issues are often caused by accidents; it’s like leaving a gate open and letting a pet out. With the pet, it may not make sense to do a double gate system, whereby one gate has to be closed to open the other. With technology, we need to employ security far more effectively than two gates; we need both defaults to closed and fails closed.
Sessions in zero trust, once authorized, are trusted until they are terminated. Any new session between a subject and target actors must be reauthorized prior to passing either control or data plane traffic. In the future, life cycle sessions may monitor a session for indications of extraordinary behavior such as gross variations in throughput or quality. The life cycle session would have the ability to...
