Cyber threats have become highly sophisticated, raising concern for endpoint security, especially in critical infrastructure, to new heights. A security model, such as Zero Trust Architecture (ZTA), is required to overcome this challenge. ZTA treats every access request as new and assumes no implicit trust. Critical infrastructure like power plants, healthcare systems, financial systems, water supply, and military assets are especially prone to becoming targets for hackers and phishing attacks. This paper proposes a comprehensive framework for integrating tailored ZTA into organizations that manage sensitive operations. The paper highlights how the ZTA framework can enhance compliance, enabling continuous protection, thereby reducing attack surfaces. This paper aims to address the gap that exists in applying ZTA to endpoint management within cloud environments for critical infrastructure.