Traditional network security focuses on perimeter defenses, but many organisations, systems and processes no longer have a clearly defined network perimeter.
To protect a modern digital enterprise, companies need a comprehensive strategy for securely accessing their IT resources (e.g. applications, physical access control systems, portals, data resources, and devices) wherever they are located.
APIs in supply chains and cyber-physical systems (CPS) are proliferating exponentially across the technology landscape, creating a huge attack surface that security teams struggle to understand and defend.
Zero Trust Architecture (ZTA) refers to security concepts and threat models that no longer assume that actors, systems or services operating within the security perimeter are automatically trusted, but instead must verify everything and everyone who attempts to connect via an API to their systems resources before granting access.
Hence, ZTA is an important design philosophy to establish security mechanisms at the API layer of each individual IT resource for increasing API Endpoint Security in both, corporate infrastructures and open systems. Identity and authorization credentials as well as policies are a key enabler of securing the API endpoints.
These different ZTA approaches include:
1) ZTA Using Enhanced Identity Governance,
2) ZTA Using Micro-Segmentation, and
3) ZTA Using Network Infrastructure and Software Defined Perimeters.
Our presentation will demonstrate how Trust Frameworks and Identity Governance (1) are the foundational layer for a credentialing infrastructure. With this layer in place credentials can be used enable SW-defined perimeters (3).
We will provide in-depth insides how ecosystems solutions such as the Open Credentialing Initiative and Gaia-X are applying design patters using decentralized identity and verifiable credentials for (3).