Adoption of zero trust cybersecurity faces hurdles

Significance The deadline was issued in a May 12 executive order, which also called for the sharing of threat intelligence and enhanced detection and remediation of cyber incidents across government. Unlike traditional network architectures and cybersecurity approaches, ZTNA removes any implicit trust in hardware, software and people. Impacts Critical infrastructure such as health, finance and defence will lead on ZTNA adoption, as well as those adopting 5G and cloud services. ZTNA adoption will become a common requirement in M&A and cybersecurity insurance negotiations. Given the complexity of mature zero trust models, IT supply chains and subcontractors will remain attractive hacking targets.

A blockchain-based IoT trust model

The Internet of Things (IoT) is a heterogeneous network of interconnected objects or ‘things’ that are typically connected via the Internet. Trust in most IoT networks is presumed implicitly. This implicit trust assumption can be abused by adversaries to disrupt the network and manipulate reputations of trusted devices. To tackle IoT trust issues, we use permissioned blockchains that utilize Smart Contracts (executable policies) to evaluate and refine IoT devices’ trust. Blockchains replicate a permanent append-only record of all transactions occurring on a network on multiple devices. This prevents adversaries from modifying previous transactions to influence trust evaluations. In this thesis, we propose an IoT trust model that uses Blockchains to record and validate IoT devices’ identities and dynamically evaluates the trustworthiness of devices in the IoT network. Moreover, our model allows for different levels of security based on the sensitivity of data being transmitted across the IoT network.

A blockchain-based IoT trust model

The Internet of Things (IoT) is a heterogeneous network of interconnected objects or ‘things’ that are typically connected via the Internet. Trust in most IoT networks is presumed implicitly. This implicit trust assumption can be abused by adversaries to disrupt the network and manipulate reputations of trusted devices. To tackle IoT trust issues, we use permissioned blockchains that utilize Smart Contracts (executable policies) to evaluate and refine IoT devices’ trust. Blockchains replicate a permanent append-only record of all transactions occurring on a network on multiple devices. This prevents adversaries from modifying previous transactions to influence trust evaluations. In this thesis, we propose an IoT trust model that uses Blockchains to record and validate IoT devices’ identities and dynamically evaluates the trustworthiness of devices in the IoT network. Moreover, our model allows for different levels of security based on the sensitivity of data being transmitted across the IoT network.

Migrating to Zero Trust Architecture: Reviews and Challenges

Zero trust (ZT) is a new concept involving the provisioning of enterprise/organization resources to the subjects without relying on any implicit trust. Unlike the perimeter-based architecture in which any subject behind the wall (i.e., inside the predefined perimeter) is considered trusted, zero trust architecture (ZTA) processes any request and provides a resource to the subject without relying on implicit trust. In this paper, based on NIST Special Publication SP800-207, the concept of ZT and ZTA is introduced. Also, challenges, steps, and things to consider when migrating from the legacy architecture to ZTA are presented and discussed.

Research on Collaborative Filtering Recommendation Based on Trust Relationship and Rating Trust

In the Internet age, how to dig out useful information from massive data has become a research hotspot. The emergence of recommendation algorithms effectively solves the problem of information overload, but traditional recommendation algorithms face problems such as data sparseness, cold start, and low accuracy. Later social recommendation algorithms usually only use a single social trust information for recommendation, and the integration of multiple trust relationships lacks an efficient model, which greatly affects the accuracy and reliability of recommendation. This paper proposes a trust-based approach. Recommended algorithm. First, use social trust data to calculate user trust relationships, including user local trust and user global trust. Further based on the scoring data, an implicit trust relationship is calculated, called rating trust, which includes scoring local trust and scoring global trust. Then set the recommendation weight, build the preference relationship between users through user trust and rating trust, and form a comprehensive trust relationship. The trust relationship of social networks is integrated into the probability matrix decomposition model to form an efficient and unified trusted recommendation model TR-PMF. This algorithm is compared with related algorithms on the Ciao and FilmTrust datasets, and the results prove that our method is competitive with other recommendation algorithms.

A mobile services recommendation system fuses implicit and explicit user trust relationships

In recent years, with the development of advanced mobile applications, people’s various daily behavior data, such as geographic location, social information, hobbies, are more easily collected. To process these data, data cross-boundary fusion has become a key technology, and there are some challenges, such as solving the problems of the cross-boundary business integrity, cross-boundary value complementarity and so on. Mobile Services Recommendation requires improved recommendation accuracy. User trust is an effective measure of information similarity between users. Using trust can effectively improve the accuracy of recommendations. The existing methods have low utilization of general trust data, sparseness of trust data, and lack of user trust characteristics. Therefore, a method needs to be proposed to make up for the shortcomings of explicit trust relationships and improve the accuracy of user interest feature completion. In this paper, a recommendation model is proposed to mine the implicit trust relationships from user data and integrate the explicit social information of users. First, the rating prediction model was improved using the traditional Singular Value Decomposition (SVD) model, and the implicit trust relationships were mined from the user’s historical data. Then, they were fused with the explicit social trust relationships to obtain a crossover data fusion model. We tested the model using three different orders of magnitude. We compared the user preference prediction accuracies of two models: one that does not integrate social information and one that integrates social information. The results show that our model improves the user preference prediction accuracy and has higher accuracy for cold start users. On the three data sets, the average error is reduced by 2.29%, 5.44% and 4.42%, suggesting that it is an effective data crossover fusion technology.