Application of Data Collected by Endpoint Detection and Response Systems for Implementation of a Network Security System based on Zero Trust Principles and the EigenTrust Algor

03/17/2022
by   Nitesh Kumar, et al.
0

Traditionally, security systems for enterprises have implicit access based on strong cryptography, authentication and key sharing, wherein access control is based on Role Based Access Control (RBAC), in which roles such as manager, accountant and so on provide a way of deciding a subject's authority. However, years of post-attack analysis on enterprise networks has shown that a majority of times, security breaches occur intentionally or accidently due to implicitly trusted people of an enterprise itself. Zero Trust Architecture works on the principle of never granting trust implicitly, but rather continuously evaluating the trust parameters for each resource access request and has a strict, but not rigid, set of protocols for access control of a subject to resources. Endpoint Detection and Response (EDR) systems are tools that collect a large number of attributes in and around machines within an enterprise network to have close visibility into sophisticated intrusion. In our work, we seek to deploy EDR systems and build trust algorithms using tactical provenance analysis, threshold cryptography and reputation management to continuously record data, evaluate trust of a subject, and simultaneously analyze them against a database of known threat vectors to provide conditional access control. However, EDR tools generate a high volume of data that leads to false alarms, misdetections and correspondingly a high backlog of tasks that makes it infeasible, which is addressed using tactical provenance analysis and information theory.

READ FULL TEXT
research
09/22/2022

Zero Trust Federation: Sharing Context under User Control toward Zero Trust in Identity Federation

To securely control access to systems, the concept of Zero Trust has bee...
research
05/04/2021

Intelligent Zero Trust Architecture for 5G/6G Tactical Networks: Principles, Challenges, and the Role of Machine Learning

In this position paper, we discuss the critical need for integrating zer...
research
08/21/2023

SCC5G: A PQC-based Architecture for Highly Secure Critical Communication over Cellular Network in Zero-Trust Environment

5G made a significant jump in cellular network security by offering enha...
research
03/15/2022

Zero Trust Architecture for 6G Security

The upcoming sixth generation (6G) network is envisioned to be more open...
research
12/23/2020

Enabling Secure and Effective Biomedical Data Sharing through Cyberinfrastructure Gateways

Dynaswap project reports on developing a coherently integrated and trust...
research
09/03/2021

A Trust Management System for the IoT domain

In modern internet-scale computing, interaction between a large number o...
research
11/16/2020

TDACS: an ABAC and Trust-based Dynamic Access Control Scheme in Hadoop

The era of big data has promoted the vigorous development of many indust...

Please sign up or login with your details

Forgot password? Click here to reset