Chapter 3. Secure Connectivity

Networks no longer play a meaningful role in access control. While secure, efficient, scalable connectivity is the backbone of computing infrastructure, the network perimeter is no longer in charge. All subjects and objects, clients and resources—all hardware, software, and peopleware—must be able to communicate securely over untrusted networks regardless of their location. This is Zero Trust access, an important foundation for identity-based infrastructure access.

This chapter reviews patterns and techniques for modern connectivity management and lays the foundation for a set of practices that don’t rely on a network to provide security. Zero Trust is an important part of identity-native infrastructure access because it prevents an attacker from pivoting from one compromised system to the next. The identity-native approach routes all connectivity through Identity-Aware Proxies (IAPs) that permit only authenticated and encrypted connections.
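The admission rule an Identity-Aware Proxy enforces can be stated as code. The following is an added example, not code from the book or from any IAP product: a proxy decision function that forwards a connection only when the transport is encrypted, the caller presents a verified identity, and that identity is authorized for the requested resource. The client's network location is recorded for the audit log but never consulted for the decision. The `Connection` and `Decision` types, the `admit` function, the HMAC-signed demo tokens, and the role table are all assumptions made for illustration; a real IAP would verify an SSO-issued certificate or signed assertion rather than a shared HMAC key.

```python
"""Minimal identity-aware-proxy admission logic (added example, not the book's code)."""
from dataclasses import dataclass
import hashlib
import hmac
from typing import Optional

# Constructed key for the demo token scheme (assumption: a real IAP verifies
# an SSO-issued certificate or signed assertion instead of a shared secret).
_TOKEN_KEY = b"constructed-demo-key"

# Constructed authorization table: identity -> resources it may reach.
ACCESS = {
    "alice": {"db-prod", "web-01"},
    "bob": {"web-01"},
}


def issue_token(user: str) -> str:
    """Mint a demo token 'user.mac' bound to the identity (constructed scheme)."""
    mac = hmac.new(_TOKEN_KEY, user.encode(), hashlib.sha256).hexdigest()
    return f"{user}.{mac}"


def verify_token(token: str) -> Optional[str]:
    """Return the identity a token asserts, or None if the MAC does not match."""
    user, _, mac = token.partition(".")
    expected = hmac.new(_TOKEN_KEY, user.encode(), hashlib.sha256).hexdigest()
    # Constant-time comparison so a forged MAC leaks nothing about how close it was.
    return user if user and hmac.compare_digest(mac, expected) else None


@dataclass(frozen=True)
class Connection:
    source_ip: str          # logged only; never part of the decision
    resource: str
    encrypted: bool
    token: Optional[str]


@dataclass(frozen=True)
class Decision:
    allowed: bool
    identity: Optional[str]
    reason: str


def admit(conn: Connection) -> Decision:
    """Decide whether the proxy forwards this connection to the resource."""
    # 1. Transport must be encrypted, no matter which network the client is on.
    if not conn.encrypted:
        return Decision(False, None, "plaintext connection refused")
    # 2. The caller must prove an identity; a missing or forged token is anonymous.
    identity = verify_token(conn.token) if conn.token else None
    if identity is None:
        return Decision(False, None, "no verified identity")
    # 3. The identity must be authorized for this specific resource.
    if conn.resource not in ACCESS.get(identity, set()):
        return Decision(False, identity, f"{identity} not authorized for {conn.resource}")
    return Decision(True, identity, "ok")


def audit_line(conn: Connection, d: Decision) -> str:
    """One log line per decision; the identity, not the IP, is the key field."""
    verdict = "ALLOW" if d.allowed else "DENY"
    return (f"{verdict} resource={conn.resource} identity={d.identity} "
            f"src={conn.source_ip} reason={d.reason}")


if __name__ == "__main__":
    # Constructed sample connections: an "internal" plaintext client is refused,
    # while an "external" client with a verified, authorized identity is admitted.
    for c in [
        Connection("10.0.0.5", "db-prod", False, issue_token("alice")),
        Connection("10.0.0.5", "db-prod", True, None),
        Connection("203.0.113.7", "db-prod", True, issue_token("bob")),
        Connection("203.0.113.7", "db-prod", True, issue_token("alice")),
        Connection("10.0.0.9", "db-prod", True, "alice.forgedmac"),
    ]:
        print(audit_line(c, admit(c)))
```

Running the block prints one audit line per sample connection. The order of the three checks is deliberate: refusing plaintext first means no identity material is ever read off an unencrypted channel, and the authorization check runs only on an identity the proxy has actually verified, so a token forged for a privileged user is logged as anonymous rather than as that user.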

Before we move further into this book, it is important to revisit the basic principles of cryptography, as cryptography is at the core of every technology that enables us to properly implement identity-native infrastructure access.

Cryptography

Securing communications with cryptography is not a new scheme. As far back as the time of Julius Caesar, substitution ciphers were used to conceal secret messages. Cryptography became important in World War I, as the invention of radio made it possible to transmit strategic ...
