Cybersecurity Domains: A design pattern for creating Zero Trust Architectures through microsegmentation

Zanasi, Claudio; Colajanni, Michele
2024

Abstract

Perimeter defense strategies are inadequate to ensure the cybersecurity of infrastructures consisting of heterogeneous and dynamic resources. The Zero Trust security model emerges as the most promising solution to mitigate risks and protect assets, but significant organizational and implementation challenges hinder its adoption. Microsegmentation of networked systems composed of dynamic IT components and mobile devices causes several technological and management concerns. We present a comprehensive analysis of microsegmentation with the goal of identifying the key aspects that distinguish it from traditional perimeter defenses. We then propose a modular architectural design pattern that ensures adherence to the Zero Trust principles and satisfies its security constraints. This design is based on the concept of Security Domain, which represents the fundamental unit of network segmentation. By combining multiple Security Domains and following precise rules that provably preserve network security, it becomes possible to create complex infrastructures from elementary building blocks. We also provide a formal specification of the proposed design by means of the TLA+ modeling language. We leverage this model to verify its correctness and security properties even in the presence of insider threats.
Proceedings - 2024 IEEE Conference on Dependable, Autonomic and Secure Computing, DASC 2024, pp. 15-22
Zanasi, C., Marchetti, M., Colajanni, M. (2024). Cybersecurity Domains: A design pattern for creating Zero Trust Architectures through microsegmentation. Institute of Electrical and Electronics Engineers Inc. [10.1109/dasc64200.2024.00009].
Zanasi, Claudio; Marchetti, Mirco; Colajanni, Michele
Use this identifier to cite or link to this document: https://hdl.handle.net/11585/1010103