Zero Trust Interoperability Working Group

Background

The variety of network topologies and security solutions in use, combined with the complexity of properly moving data across enterprises with varying security levels, make achieving Zero Trust Network Access (ZTNA) compatibility a challenging task. Complexities usually come from the requirement to integrate ZTNA with legacy systems, ensure easy access for cloud and on-premises apps, and maintain fine-grained control over user permissions in a variety of circumstances. When security concerns and user experience demands are balanced, the process becomes even more difficult; robust authentication methods and intricate coordination are required.

This project will investigate the compatibility of technologies such as SAML 2.0, OpenID Connect, and entitlement tokens, using NIST standards (SP 800-162 and SP 800-207) to enable fine-grained access control and zero trust principles. By addressing virtual to physical translation, service mesh adaptations, threat intelligence, CI/CD pipeline security, OT and 5G infrastructure, and secure database-driven applications, we aim to develop a robust framework for ZTNA interoperability.

This initiative will involve collaboration from multiple agencies and companies to harness diverse expertise in overcoming these challenges.

Overall Project Objective and Mission

The purpose of this project is to drive modernization and transformational efforts with Zero Trust, shaping the industry market landscape by addressing government-specific requirements and enhancing understanding across all Federal Government sectors.

Project Approach 

Monthly Working Group

Duration and Timeline 

6 Month – monthly meeting for 1 hour

Outcomes/Briefs:

●    Playbook for Implementations
●    Whitepaper/Research Results
●    Usable References/Frameworks
●    Debriefs/Forums
●    Policy Recommendations
●    Extending Partnerships/Collaborative Initiatives

Membership and Experience

Membership consists of Federal and industry cybersecurity professionals.  Various ranges of experience can be expected; we will look for briefings and discussions that will move the subject toward a productive outcome for all parties.  There will be a focus on a mixture of expertise from Defense and Civilian delivery teams. 

The deadline to sign up as a volunteer is August 9, 2024

 

VOLUNTEER NOW

For inquiries about participation in this project, please contact Reneta Din at [email protected]

Department of Defense

Playbook for implementations, Other
White paper/Research results, White Paper
Usable references/Frameworks, Other
Debriefs/Forums, Presentation
Policy Recommendations, Other

Click on e-mail address to send e-mail to a Project Lead.
Tammy Bean
Theodore Gates

Project Approved on

Status

In Progress

Project Completion

Feb 3, 2025

Reference Group(s)

Cybersecurity Community of Interest

Interests

Cybersecurity

RFA, Project, or Activity?

Project