SlideShare a Scribd company logo

Zero trust architecture and MIS.pdf

Central Pattana Public Company Limited (CPN), profile picture
Central Pattana Public Company Limited (CPN)

The document discusses Zero-Trust Architecture, highlighting its principle of 'never trust, always verify', which ensures that access to resources is authenticated and monitored regardless of location. It contrasts traditional security methods with Zero-Trust, emphasizing vulnerabilities in perimeter-based systems and outlining core components such as encryption, least privilege access, and continuous monitoring. Additionally, it explores the integration of Distributed Ledger Technology (DLT) with Zero-Trust frameworks and various consensus mechanisms to enhance security across decentralized networks.

Technology
Related topics:
Information Security Management Information System
1 of 19
Download to read offline
1
2
3
4
Most read
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
Zero-Trust Architecture Kawin Suwanban | GMBA R10749088 Management Information System 2022 04 20 1
Agenda ● Zero-Trust architecture ● Distributed ledger technology (DLT) ● Zero-Trust + DLT 2
Agenda ● Zero-Trust architecture ● Distributed ledger technology (DLT) ● Zero-Trust + DLT 3
What is Zero-trust architecture 4 History The term "Zero-trust" was coined in April 1994 by Stephen Paul Marsh in his doctoral thesis on computer security at the University of Stirling Concept The zero trust security model is an approach to the design and implementation of IT systems. The main concept behind the zero trust security model is "never trust, always verify” which means that devices should not be trusted by default, even if they are connected to a permissioned network such as a corporate LAN and even if they were previously verified.
Traditional vs Zero-trust architecture 5
Traditional vs Zero-trust architecture 6 Architecture Trust policy Impact from attacker Security perimeter Traditional Trust is based on network location that an access request is coming from. Enables attackers to move laterally within a network to get to the important data. Doesn’t extend security to the new perimeter Zero-trust Trust is established for every access request regardless of where the request is coming from. Secure access across companies’ applications and network. Ensure only right users & devices have access. Extends trust to support a modern companies with BYOD, cloud apps, hybrid environments & more.
Zero-Trust architecture core components 7 Components Detail Access Segmentation Every access to a resource must be appropriately segmented, in order that no single entity can access the entire network or even a large part of it. Universal Authentication All entities, including users, devices, applications, and workloads, having any form of interaction with the corporate network must be authenticated regardless of their location in the network. Encrypt as Much as Possible ZTA assumes a breach (i.e., the worst-case scenario), therefore, the network is always considered hostile, and trust cannot be inherently granted. That said, one must always assume that a potential adversary can intercept any type of communication happening throughout the network. As a result, all communications should be end-to-end encrypted The Principle of Least Privilege All entities in a ZTA must be restricted to the least amount of privilege required for that specific entity to complete its mission or operation. Continuous Monitoring and Adjusting Every entity (internal or external) in a ZTA should be monitored. In this context, all network traffic, system events, and access attempts should be monitored and recorded regardless of failure or success. These must be continuously analysed and cross- checked against the security policy. The outcome should be then used to adjust the relevant policies when needed.
Improve visibility within network Discovering and classifying all devices on the network are essential in a ZT- security strategy Faster issue resolution Inherent transparency and visibility in ZT-security networks enable IT specialists with different disciplines to spot issues faster and collaborate more cohesively Isolation of security incidents Even if one identity type is compromised, the others are not Secure usage of public/hybrid clouds CSP responsible for physical access, shared responsibility for logical access Secures data sharing outside of organization Allows for confidential exchange and collaboration Of data and applications both within and across business entities 8 What it enable companies to do? Lower risk of data breach Trustless security protocols eliminate points of attach by relying on systematic identify verification, especially in remote scenarios. Reduced scope and cost of compliance Segmentation of networks simplifies audits given that only specific segments are in scope for regulation Reduced capital and operating expenditures Zero trust security approaches consolidate multiple security protocols across network, eliminating redundancies while reducing number of security-management consoles needed Business Impact
Agenda ● Zero-Trust architecture ● Distributed ledger technology (DLT) ● Zero-Trust + DLT 9
Distributed Ledger DLTs are public or private networks recording transactions across distributed infrastructure. Stored transactions are encrypted through unique, unchangeable hashes (for example, SHA 256 algorithm). Multiple nodes verify items based on permissions or economic incentives to reach majority consensus to add transactions to the ledger, called consensus mechanisms. Blockchain is a type of DLT, a public network with a shared ledger without central authority controlled by economic incentives for nodes to update the ledger. In a public network, economic incentives for transaction verification promise rewards to nodes as they credibly prove that transactions are legitimate; this is called mining. 10
Distributed Ledger 11
How can DLTs integrate with companies use case 12
Agenda ● Zero-Trust architecture ● Distributed ledger technology (DLT) ● Zero-Trust + DLT 13
Zero-Trust architecture and distributed ledger intersection elements 14 Traditional Perimeter-Based Architecture Zero Trust Architecture Distributed ledger Technology Overall Approach Centralised Decentralised Decentralised Architectural focus Perimeter-Focused Borderless / Distributed Distributed Infrastructure trust level Trusted or semi- trusted in some cases Untrusted or trust but verify in some cases Untrusted
Blockchian based intrusion system 15 Context Assuming a blockchain enabled IDS, where multiple nodes, function as peers, are spread throughout the network for monitoring, gathering and data correlation purposes, they must reach consensus somehow. Challenge: What should be appropriate consensus mechanic? There must be an effective, practical, dependable, efficient, continuous, and secure mechanism to guarantee that all events and alerts are received and sent and are real and unaltered while all peer members concur to the status of the ledger. That said, there are several consensus mechanisms providing such capabilities, each one with their different attributes Concept Proof of Work (PoW) is a decentralized consensus mechanism that requires members of a network to expend effort solving an arbitrary mathematical puzzle. Proof of Stake (PoS) With proof-of-stake (POS), cryptocurrency owners validate block transactions based on the number of coins a validator stakes instead of solving puzzle. Hence, less energy used compared to PoW Practical Byzantine Fault Tolerance (PBFT) In PBFT, a predefined group of individuals function as validators. Participants must reach consensus when a new event occurs while at the same time, they must verify that no data has been modified during the event transmission. If 2/3 of the participants reach consensus, then the decision is considered final. Potential Consensus Mechanism
Blockchian based intrusion system 16 Context Assuming a blockchain enabled IDS, where multiple nodes, function as peers, are spread throughout the network for monitoring, gathering and data correlation purposes, they must reach consensus somehow. Challenge: What should be appropriate consensus mechanic? There must be an effective, practical, dependable, efficient, continuous, and secure mechanism to guarantee that all events and alerts are received and sent and are real and unaltered while all peer members concur to the status of the ledger. That said, there are several consensus mechanisms providing such capabilities, each one with their different attributes Concept Potential Consensus Mechanism Consensus mechanisms PoW PoS PBFT Energy Consumption Require high amount of energy Require less energy consumption Require less energy consumption Advanced hardware requirement Required Not required Not required Centralization Decentralized Partially Centralized Centralized Double Spending Attack Possible Difficult N/A Scalability Not Scalable Scalable Scalable Memory Requirement Significant due to public ledger Significant due to public ledger Less than PoW or PoS Security Attack with 51% is possible Attack with 51% not possible May have a single point of failure
References 17 Kindervag, J. (2021, January 1). What is Zero Trust? IBM. Retrieved May 11, 2022, from https://www.ibm.com/topics/zero-trust Mckinsey Digital. (2021, January 1). The top technology trends. The top trends in tech. Retrieved May 10, 2022, from https://www.mckinsey.com/business-functions/mckinsey-digital/our-insights/the-top-trends-in-tech Pinto, R. (2018, August 23). Enhancing Security By Leveraging Blockchain Tech As An Enabler For Zero-Trust Frameworks. Enhancing Security By Leveraging Blockchain Tech As An Enabler For Zero-Trust Frameworks. Retrieved May 11, 2022, from https://www.forbes.com/sites/forbestechcouncil/2018/08/23/enhancing-security-by-leveraging-blockchain-tech-as-an-enabler-for- zero-trust-frameworks/?sh=6bd1dd0e3192 Raina, K. (2021, May 6). What is Zero Trust Security? Principles of the Zero Trust Model. CrowdStrike. Retrieved May 10, 2022, from https://www.crowdstrike.com/cybersecurity-101/zero-trust-security/ Rose, S., Borchert, O., Mitchell, S., & Connelly, S. (2020, August). Zero Trust Architecture.
References 18 Alevizos, L., Ta, V. T., & Eiza, M. H. (2021, November 15). Augmenting Zero Trust Architecture to Endpoints Using Blockchain: A State- of-The-Art Review. Retrieved April 29, 2022, from https://www.researchgate.net/publication/350577973_Augmenting_Zero_Trust_Architecture_to_Endpoints_Using_Blockchain_A_ Systematic_Review Encora. (2022, January 14). Factors Impacting the Adoption of Trust Architectures and Frameworks. Encora. Retrieved May 10, 2022, from https://www.encora.com/insights/the-factors-driving-the-adoption-of-trust-architectures-and-frameworks Forbes. (2018, August 13). Enhancing Security By Leveraging Blockchain Tech As An Enabler For Zero-Trust Frameworks. Enhancing Security By Leveraging Blockchain Tech As An Enabler For Zero-Trust Frameworks. Retrieved May 1, 2022, from https://www.forbes.com/sites/forbestechcouncil/2018/08/23/enhancing-security-by-leveraging-blockchain-tech-as-an-enabler-for- zero-trust-frameworks/?sh=4c28d2b93192 Gregory, M. (2019, January 1). What is a Trust Architecture and how service oriented systems help us think about trust in software development? Ockam. Retrieved May 11, 2022, from https://www.ockam.io/learn/blog/Introduction_to_Trust_Architectures
Thank You 19

More Related Content

PPTX
Top Blockchain App Development Company Driving Innovation in Web3 & Decentral...
Vegavid Technology
 
PDF
Comprehensive List Of Blockchain Security Tools
SoluLab1231
 
PDF
Decentralised Infrastructure_ The Future of Tech Made Simple.pdf
ZkaGi
 
DOCX
Use case of block chain unit 4 AKTU
Rohit Verma
 
PDF
BlockChain Enabled-Cloud Delivered For Network Secuirty
Happiest Minds Technologies
 
PDF
20MCE22 - BLOCKCHAIN TECHNOLOGY_NOTES.pdf
DSIVABALASELVAMANIMC
 
PPTX
622640_AYUSH KATIYAR_Cyber-Security In Blockchain Technology.pptx
ayushkatiyar972194
 
PPTX
Webinar-GBA Episode 7-Managing blockchain infrastructure for enterprise-grade...
Zeeve
 
Top Blockchain App Development Company Driving Innovation in Web3 & Decentral...
Vegavid Technology
 
Comprehensive List Of Blockchain Security Tools
SoluLab1231
 
Decentralised Infrastructure_ The Future of Tech Made Simple.pdf
ZkaGi
 
Use case of block chain unit 4 AKTU
Rohit Verma
 
BlockChain Enabled-Cloud Delivered For Network Secuirty
Happiest Minds Technologies
 
20MCE22 - BLOCKCHAIN TECHNOLOGY_NOTES.pdf
DSIVABALASELVAMANIMC
 
622640_AYUSH KATIYAR_Cyber-Security In Blockchain Technology.pptx
ayushkatiyar972194
 
Webinar-GBA Episode 7-Managing blockchain infrastructure for enterprise-grade...
Zeeve
 

Similar to Zero trust architecture and MIS.pdf (20)

PDF
(SACON) Jim Hietala - Zero Trust Architecture: From Hype to Reality
Priyanka Aash
 
PPTX
Iot 7-12-2021
GagninderKaur
 
PPTX
What is a secure enterprise architecture roadmap?
Ulf Mattsson
 
PDF
Blockchain Smart Manufacturing .pdf
JohnWard824710
 
PDF
A STUDY ON ADOPTION OF BLOCKCHAIN TECHNOLOGY IN CYBERSECURITY
IRJET Journal
 
PPTX
Blockchain Technology Unit 4.pptxmmmmmmmmm
Sneha167282
 
PPTX
How to Overcome Network Access Control Limitations for Better Network Security
Cryptzone
 
PDF
IRJET- Blockchain-A Secure Mode for Transaction
IRJET Journal
 
PDF
br-security-connected-top-5-trends
Christopher Bennett
 
PPTX
Blockchain.pptx
praneelkumarperuru
 
PDF
A decentralized consensus application using blockchain ecosystem
IJECEIAES
 
PDF
Reputation-Based Consensus for Blockchain Technology in Smart Grid
IJNSA Journal
 
PPTX
Second line of defense for cybersecurity : Blockchain
Ahmed Banafa
 
PPTX
Machine learning presentation in using pyhton
masukmia.com
 
PPTX
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
Maganathin Veeraragaloo
 
PPTX
Zero Trust: Redefining Security in the Digital Age
Arnold Antoo
 
PPTX
Zero Trust Network Access
Er. Ajay Sirsat
 
DOCX
Block chain technology a myriad of possibilities
Ramanujam Vangipuram
 
PDF
Enterprise Blockchain: Top Considerations Before You Deploy
Kaleido
 
PDF
Guardtime_KSI_Use_of_a_globally_distributed_blockchain_to_secure_SDN_whitepap...
Martin Ruubel
 
(SACON) Jim Hietala - Zero Trust Architecture: From Hype to Reality
Priyanka Aash
 
Iot 7-12-2021
GagninderKaur
 
What is a secure enterprise architecture roadmap?
Ulf Mattsson
 
Blockchain Smart Manufacturing .pdf
JohnWard824710
 
A STUDY ON ADOPTION OF BLOCKCHAIN TECHNOLOGY IN CYBERSECURITY
IRJET Journal
 
Blockchain Technology Unit 4.pptxmmmmmmmmm
Sneha167282
 
How to Overcome Network Access Control Limitations for Better Network Security
Cryptzone
 
IRJET- Blockchain-A Secure Mode for Transaction
IRJET Journal
 
br-security-connected-top-5-trends
Christopher Bennett
 
Blockchain.pptx
praneelkumarperuru
 
A decentralized consensus application using blockchain ecosystem
IJECEIAES
 
Reputation-Based Consensus for Blockchain Technology in Smart Grid
IJNSA Journal
 
Second line of defense for cybersecurity : Blockchain
Ahmed Banafa
 
Machine learning presentation in using pyhton
masukmia.com
 
ZERO TRUST ARCHITECTURE - DIGITAL TRUST FRAMEWORK
Maganathin Veeraragaloo
 
Zero Trust: Redefining Security in the Digital Age
Arnold Antoo
 
Zero Trust Network Access
Er. Ajay Sirsat
 
Block chain technology a myriad of possibilities
Ramanujam Vangipuram
 
Enterprise Blockchain: Top Considerations Before You Deploy
Kaleido
 
Guardtime_KSI_Use_of_a_globally_distributed_blockchain_to_secure_SDN_whitepap...
Martin Ruubel
 
Ad

Recently uploaded (20)

PDF
Advanced IT Governance
University of Hertfordshire
 
PDF
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
DOCX
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
PDF
Advanced Soft Computing BINUS July 2025.pdf
University of Hertfordshire
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PDF
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
PPTX
Cloud computing and distributed systems.
kkkkkhan
 
PDF
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
PDF
GDG Cloud Iasi [PUBLIC] Florian Blaga - Unveiling the Evolution of Cybersecur...
athlonica
 
PDF
[발표본] 너의 과제는 클라우드에 있어_KTDS_김동현_20250524.pdf
ssuserf8b8bd1
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PDF
GamePlan Trading System Review: Professional Trader's Honest Take
SOFTTECHHUB
 
PDF
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
PDF
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
PDF
KodekX | Application Modernization Development
KodekX
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Advanced IT Governance
University of Hertfordshire
 
Optimiser vos workloads AI/ML sur Amazon EC2 et AWS Graviton
Julien SIMON
 
The AUB Centre for AI in Media Proposal.docx
GAONE9
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Advanced Soft Computing BINUS July 2025.pdf
University of Hertfordshire
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
Per capita expenditure prediction using model stacking based on satellite ima...
IAESIJAI
 
Cloud computing and distributed systems.
kkkkkhan
 
Review of recent advances in non-invasive hemoglobin estimation
IAESIJAI
 
GDG Cloud Iasi [PUBLIC] Florian Blaga - Unveiling the Evolution of Cybersecur...
athlonica
 
[발표본] 너의 과제는 클라우드에 있어_KTDS_김동현_20250524.pdf
ssuserf8b8bd1
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
GamePlan Trading System Review: Professional Trader's Honest Take
SOFTTECHHUB
 
Machine learning based COVID-19 study performance prediction
IAESIJAI
 
Shreyas Phanse Resume: Experienced Backend Engineer | Java • Spring Boot • Ka...
SHREYAS PHANSE
 
KodekX | Application Modernization Development
KodekX
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Ad

Zero trust architecture and MIS.pdf

  • 1. Zero-Trust Architecture Kawin Suwanban | GMBA R10749088 Management Information System 2022 04 20 1
  • 2. Agenda ● Zero-Trust architecture ● Distributed ledger technology (DLT) ● Zero-Trust + DLT 2
  • 3. Agenda ● Zero-Trust architecture ● Distributed ledger technology (DLT) ● Zero-Trust + DLT 3
  • 4. What is Zero-trust architecture 4 History The term "Zero-trust" was coined in April 1994 by Stephen Paul Marsh in his doctoral thesis on computer security at the University of Stirling Concept The zero trust security model is an approach to the design and implementation of IT systems. The main concept behind the zero trust security model is "never trust, always verify” which means that devices should not be trusted by default, even if they are connected to a permissioned network such as a corporate LAN and even if they were previously verified.
  • 5. Traditional vs Zero-trust architecture 5
  • 6. Traditional vs Zero-trust architecture 6 Architecture Trust policy Impact from attacker Security perimeter Traditional Trust is based on network location that an access request is coming from. Enables attackers to move laterally within a network to get to the important data. Doesn’t extend security to the new perimeter Zero-trust Trust is established for every access request regardless of where the request is coming from. Secure access across companies’ applications and network. Ensure only right users & devices have access. Extends trust to support a modern companies with BYOD, cloud apps, hybrid environments & more.
  • 7. Zero-Trust architecture core components 7 Components Detail Access Segmentation Every access to a resource must be appropriately segmented, in order that no single entity can access the entire network or even a large part of it. Universal Authentication All entities, including users, devices, applications, and workloads, having any form of interaction with the corporate network must be authenticated regardless of their location in the network. Encrypt as Much as Possible ZTA assumes a breach (i.e., the worst-case scenario), therefore, the network is always considered hostile, and trust cannot be inherently granted. That said, one must always assume that a potential adversary can intercept any type of communication happening throughout the network. As a result, all communications should be end-to-end encrypted The Principle of Least Privilege All entities in a ZTA must be restricted to the least amount of privilege required for that specific entity to complete its mission or operation. Continuous Monitoring and Adjusting Every entity (internal or external) in a ZTA should be monitored. In this context, all network traffic, system events, and access attempts should be monitored and recorded regardless of failure or success. These must be continuously analysed and cross- checked against the security policy. The outcome should be then used to adjust the relevant policies when needed.
  • 8. Improve visibility within network Discovering and classifying all devices on the network are essential in a ZT- security strategy Faster issue resolution Inherent transparency and visibility in ZT-security networks enable IT specialists with different disciplines to spot issues faster and collaborate more cohesively Isolation of security incidents Even if one identity type is compromised, the others are not Secure usage of public/hybrid clouds CSP responsible for physical access, shared responsibility for logical access Secures data sharing outside of organization Allows for confidential exchange and collaboration Of data and applications both within and across business entities 8 What it enable companies to do? Lower risk of data breach Trustless security protocols eliminate points of attach by relying on systematic identify verification, especially in remote scenarios. Reduced scope and cost of compliance Segmentation of networks simplifies audits given that only specific segments are in scope for regulation Reduced capital and operating expenditures Zero trust security approaches consolidate multiple security protocols across network, eliminating redundancies while reducing number of security-management consoles needed Business Impact
  • 9. Agenda ● Zero-Trust architecture ● Distributed ledger technology (DLT) ● Zero-Trust + DLT 9
  • 10. Distributed Ledger DLTs are public or private networks recording transactions across distributed infrastructure. Stored transactions are encrypted through unique, unchangeable hashes (for example, SHA 256 algorithm). Multiple nodes verify items based on permissions or economic incentives to reach majority consensus to add transactions to the ledger, called consensus mechanisms. Blockchain is a type of DLT, a public network with a shared ledger without central authority controlled by economic incentives for nodes to update the ledger. In a public network, economic incentives for transaction verification promise rewards to nodes as they credibly prove that transactions are legitimate; this is called mining. 10
  • 12. How can DLTs integrate with companies use case 12
  • 13. Agenda ● Zero-Trust architecture ● Distributed ledger technology (DLT) ● Zero-Trust + DLT 13
  • 14. Zero-Trust architecture and distributed ledger intersection elements 14 Traditional Perimeter-Based Architecture Zero Trust Architecture Distributed ledger Technology Overall Approach Centralised Decentralised Decentralised Architectural focus Perimeter-Focused Borderless / Distributed Distributed Infrastructure trust level Trusted or semi- trusted in some cases Untrusted or trust but verify in some cases Untrusted
  • 15. Blockchian based intrusion system 15 Context Assuming a blockchain enabled IDS, where multiple nodes, function as peers, are spread throughout the network for monitoring, gathering and data correlation purposes, they must reach consensus somehow. Challenge: What should be appropriate consensus mechanic? There must be an effective, practical, dependable, efficient, continuous, and secure mechanism to guarantee that all events and alerts are received and sent and are real and unaltered while all peer members concur to the status of the ledger. That said, there are several consensus mechanisms providing such capabilities, each one with their different attributes Concept Proof of Work (PoW) is a decentralized consensus mechanism that requires members of a network to expend effort solving an arbitrary mathematical puzzle. Proof of Stake (PoS) With proof-of-stake (POS), cryptocurrency owners validate block transactions based on the number of coins a validator stakes instead of solving puzzle. Hence, less energy used compared to PoW Practical Byzantine Fault Tolerance (PBFT) In PBFT, a predefined group of individuals function as validators. Participants must reach consensus when a new event occurs while at the same time, they must verify that no data has been modified during the event transmission. If 2/3 of the participants reach consensus, then the decision is considered final. Potential Consensus Mechanism
  • 16. Blockchian based intrusion system 16 Context Assuming a blockchain enabled IDS, where multiple nodes, function as peers, are spread throughout the network for monitoring, gathering and data correlation purposes, they must reach consensus somehow. Challenge: What should be appropriate consensus mechanic? There must be an effective, practical, dependable, efficient, continuous, and secure mechanism to guarantee that all events and alerts are received and sent and are real and unaltered while all peer members concur to the status of the ledger. That said, there are several consensus mechanisms providing such capabilities, each one with their different attributes Concept Potential Consensus Mechanism Consensus mechanisms PoW PoS PBFT Energy Consumption Require high amount of energy Require less energy consumption Require less energy consumption Advanced hardware requirement Required Not required Not required Centralization Decentralized Partially Centralized Centralized Double Spending Attack Possible Difficult N/A Scalability Not Scalable Scalable Scalable Memory Requirement Significant due to public ledger Significant due to public ledger Less than PoW or PoS Security Attack with 51% is possible Attack with 51% not possible May have a single point of failure
  • 17. References 17 Kindervag, J. (2021, January 1). What is Zero Trust? IBM. Retrieved May 11, 2022, from https://www.ibm.com/topics/zero-trust Mckinsey Digital. (2021, January 1). The top technology trends. The top trends in tech. Retrieved May 10, 2022, from https://www.mckinsey.com/business-functions/mckinsey-digital/our-insights/the-top-trends-in-tech Pinto, R. (2018, August 23). Enhancing Security By Leveraging Blockchain Tech As An Enabler For Zero-Trust Frameworks. Enhancing Security By Leveraging Blockchain Tech As An Enabler For Zero-Trust Frameworks. Retrieved May 11, 2022, from https://www.forbes.com/sites/forbestechcouncil/2018/08/23/enhancing-security-by-leveraging-blockchain-tech-as-an-enabler-for- zero-trust-frameworks/?sh=6bd1dd0e3192 Raina, K. (2021, May 6). What is Zero Trust Security? Principles of the Zero Trust Model. CrowdStrike. Retrieved May 10, 2022, from https://www.crowdstrike.com/cybersecurity-101/zero-trust-security/ Rose, S., Borchert, O., Mitchell, S., & Connelly, S. (2020, August). Zero Trust Architecture.
  • 18. References 18 Alevizos, L., Ta, V. T., & Eiza, M. H. (2021, November 15). Augmenting Zero Trust Architecture to Endpoints Using Blockchain: A State- of-The-Art Review. Retrieved April 29, 2022, from https://www.researchgate.net/publication/350577973_Augmenting_Zero_Trust_Architecture_to_Endpoints_Using_Blockchain_A_ Systematic_Review Encora. (2022, January 14). Factors Impacting the Adoption of Trust Architectures and Frameworks. Encora. Retrieved May 10, 2022, from https://www.encora.com/insights/the-factors-driving-the-adoption-of-trust-architectures-and-frameworks Forbes. (2018, August 13). Enhancing Security By Leveraging Blockchain Tech As An Enabler For Zero-Trust Frameworks. Enhancing Security By Leveraging Blockchain Tech As An Enabler For Zero-Trust Frameworks. Retrieved May 1, 2022, from https://www.forbes.com/sites/forbestechcouncil/2018/08/23/enhancing-security-by-leveraging-blockchain-tech-as-an-enabler-for- zero-trust-frameworks/?sh=4c28d2b93192 Gregory, M. (2019, January 1). What is a Trust Architecture and how service oriented systems help us think about trust in software development? Ockam. Retrieved May 11, 2022, from https://www.ockam.io/learn/blog/Introduction_to_Trust_Architectures