Clarifying Zero Trust: The Model, the Philosophy, the Ethos

Friday, November 03, 2017 - 9:45 am–10:30 am

Evan Gilman; Doug Barth, Stripe

Abstract: 

The world is changing, though our network security models have had difficulty keeping up. At a time when remote work is regular and cloud mobility is paramount, the perimeter security model is showing its age—badly.

We deal with VPN tunnel overhead and management. We spend millions on fault-tolerant perimeter firewalls. We carefully manage all entry and exit points on the network, yet still we see ever-worsening breaches year over year. The Zero Trust model aims to solve these problems.

Zero Trust networks are built with security at the forefront. No packet is trusted without cryptographic signatures. Policy is constructed using software and user identity rather than IP addresses. Physical location and network topology no longer matter. The Zero Trust model is very unique, indeed.

In this talk, we'll discuss the philosophy and origin of the Zero Trust model, why it's needed, and what it brings to the table.

Evan Gilman

Evan Gilman is a Network Engineer turned SRE. With experience in protocol analysis, distributed systems design and network security, Evan has been building systems in untrusted networks his entire life. An open source contributor, author, and speaker, Evan's passion lies in designing systems which strike a balance with the network they run on.

Doug Barth, Stripe

Doug is a software generalist with extensive operational experience. Currently an SRE at Stripe, Doug has run the gamut of technical responsibility. Having previously worked with Evan Gilman as an SRE at PagerDuty, he and Evan are co-authors of the upcoming O'Reilly book "Zero Trust Networks".

BibTeX
@conference {207185,
author = {Evan Gilman and Doug Barth},
title = {Clarifying Zero Trust: The Model, the Philosophy, the Ethos},
year = {2017},
address = {San Francisco, CA},
publisher = {{USENIX} Association},
}