Journal of Information Security Research ›› 2020, Vol. 6 ›› Issue (7): 608-614.

Previous Articles     Next Articles

A Survey of Zero Trust Research

  

  • Received:2020-07-05 Online:2020-07-05 Published:2020-07-05

零信任研究综述

张宇,张妍   

  1. 北京数字认证股份有限公司
  • 通讯作者: 张宇
  • 作者简介:张宇 博士,工程师,主要研究发现为网络安全. zhangyu18@bjca.org.cn 张妍 硕士,主要研究方向为PKI及其应用、密码学、网络与信息安全. zhangyan123@bjca.org.cn

Abstract: With the popularization of cloud computing, mobile office and other technologies, the enterprise network structure becomes complex. The traditional network security model is based on the idea of boundary protection, which can not meet the current needs. Zero trust is a new network security model, where no distinction is made between internal and external networks and all entities need authentication and authorization before accessing resources, which can be used to protect the network whose perimeter is increasingly fuzzy. This paper gives the definition of zero trust, introduces the architecture of zero trust, analyzes the core technology of zero trust, compares and analyses several representative zero trust schemes, summarizes the development status, points out the research direction needing attention in this field, which can provide reference for the research and application of zero trust.

摘要: 随着云计算,移动办公等技术的普及,企业网络结构变得复杂.传统的网络安全模型基于边界防护的思想,无法适应当前的需求.零信任是一种新的网络安全模型,不区分内外网,所有实体访问资源均需要认证、授权,能够用于防护边界日益模糊的网络.给出了零信任的定义,介绍了零信任的架构,分析了其依赖的核心技术,对代表性的几个零信任方案进行了对比分析,并总结了发展现状,指出了该领域中需要重点关注的研究方向,可为零信任的研究与应用提供参考.