Konferenzbeitrag
Context-based Access Control and Trust Scores in Zero Trust Campus Networks
Lade...
Volltext URI
Dokumententyp
Text/Conference Paper
Dateien
Zusatzinformation
Datum
2020
Autor:innen
Zeitschriftentitel
ISSN der Zeitschrift
Bandtitel
Quelle
Verlag
Gesellschaft für Informatik e.V.
Zusammenfassung
Research networks are used daily by thousands of students and scientific staff for education and research and therefore have a large number of sensitive and valuable resources. The currently predominant perimeter security model is failing more and more often to provide sufficient protection against attackers. This paper analyses to what extent the zero trust model that is popular in some commercial networks can also be applied to the open and heterogeneous research network of a German university. The concept presented herein to implement such an identity-based network model focuses in particular on the components which are necessary for authentication and authorization. The feasibility of the model is demonstrated by a self-implemented prototype that protects access control to a prominent eLearning system called Moodle. Non-functional performance tests show an increase in performance compared to the current system where access control is only conducted inside the web application. The Zero Trust Model enables the determination of the trustworthiness of individual identities and thus offers valuable new ways to secure a research network.