The Zero Trust Framework

The Zero Trust Framework

by Ravindra Das
Released May 2023
Publisher(s): CRC Press
ISBN: 9781000922493

Read it now on the O’Reilly learning platform with a 10-day free trial.

O’Reilly members get unlimited access to books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Book description

In this book, we review both the concepts and mechanics behind the Zero Trust Framework. We also introduce advanced technologies into it as well, including the use of Biometrics, the Public Key Infrastructure, and Quantum Mechanics/Quantum Cryptography.

Table of contents

  1. Cover Page
  2. Half Title page
  3. Title Page
  4. Copyright Page
  5. Dedication
  6. Contents
  7. Acknowledgments
  8. 1 Introduction
  9. 2 The Fundamental Components of the Zero Trust Framework
    1. The Password
    2. The Rise of Two-Factor Authentication
    3. Multifactor Authentication
    4. An Introduction to Biometrics
    5. Definition and Unique Features
    6. The Process of Identification
    7. Other Important Concepts
    8. The Biometric Sensor
    9. A Review of Fingerprint Recognition
      1. The Process of Fingerprint Recognition
      2. Fingerprint Recognition Quality Control Checks
    10. A Review of Facial Recognition
      1. The Techniques of Facial Recognition – Unique Feature Extraction
    11. Iris Recognition
      1. The Physiological Structure of the Iris
      2. Iris Recognition: How It Works
    12. Conclusions
  10. 3 The Public Key Infrastructure and BioCryptography
    1. An Overview of the Public Key Infrastructure (PKI)
    2. What It Is All About
      1. The Public Key and the Private Key
      2. The Mathematical Algorithms of the PKI
      3. The Components of the PKI
      4. The Digital Certificates
      5. How Public Key Infrastructure Works
      6. Public Key Infrastructure Policies and Rules
      7. The LDAP Protocol
      8. The PKI Standards
      9. Parameters of Public Keys and Private Keys
    3. A Review into Biocryptography
      1. The Cipher Biometric Template
      2. Biocryptography in an MFA for the Zero Trust Framework
    4. Biocryptography and Virtual Private Networks
    5. The Hashing Mechanism
  11. 4 Quantum Physics
    1. The Origins of the Zero Trust Framework
      1. In 2011
      2. In 2018
      3. In 2019
      4. In 2021
      5. From 2021 to Present
    2. The Demise of Perimeter Security
    3. The Emergence of the Zero Trust Framework
      1. The Basic Zero Trust Framework Model
      2. What Is Segmentation?
    4. The Advantages of the Zero Trust Framework
    5. The Disadvantages of the Zero Trust Framework
    6. Some of the Best Practices
    7. The Flaws with the Traditional Zero Trust Framework Model
    8. The Use of Biometrics
    9. The Weakness of Repeated Authorization and Authentication
    10. The Strains of an On Prem PAM
    11. Why PAM Is Better Suited for the Cloud
    12. The Advantages of Using PAM in the Cloud
    13. A Best Practices Guide for Deploying a PAM-Based Solution
    14. The Mistakes that Are Made when Deploying PAM Solutions and How to Fix Them
    15. The Importance of Just in Time (JIT) Access
      1. The Types of JIT Access Accounts
      2. The Benefits of JIT Access
    16. The Four Pillars to PAM Success
    17. The Finer Points of Privileged Access Management
    18. The Use of Quantum Mechanics in Our Proposed Model of the Zero Trust Framework
    19. Quantum Cryptography
    20. The Literature Review
    21. The Quantum Key Distribution Center (QKDC)
    22. The Photon Particle Array Structures
    23. Our Proposed Zero Trust Framework Model
  12. 5 Threat Modeling/Threat Hunting
    1. What Exactly Is Threat Modeling?
    2. The Process Involved in Threat Modeling
    3. Making the Case for Threat Modeling
      1. To the Software Development Team
      2. From Upper Management
      3. From the Project Management Team
    4. How to Have Quality-Based Threat Modeling Meetings
      1. The Composition of the Team Meetings
      2. The Decision-Making Process
      3. The Components of an Effective Threat Modeling Meeting
      4. The Penetration Testing Process
      5. Automated Penetration Testing and Its Benefits
    5. How to Carry Out Threat Modeling in the Software Development Lifecycle
      1. The Waterfall Methodology
      2. The Agile Methodology
    6. Valuing Your Threat Modelers
    7. Measuring the Overall Value of Threat Hunting
    8. When Does Threat Modeling End in the Project Management or SDLC?
    9. Another Way to Measure Threat Modeling Success
    10. Who Leads the Threat Modeling Team?
    11. Widely Used Threat Modeling Techniques
    12. Sources for Chapter 5
  13. 6 Conclusions

Product information

  • Title: The Zero Trust Framework
  • Author(s): Ravindra Das
  • Release date: May 2023
  • Publisher(s): CRC Press
  • ISBN: 9781000922493