Last November, Google Cloud communicated on a technological advance initiated in 2011, presented as part of the Zero Trust principle and named "Beyond Corp", which is said to ensure better security of its corporate customers' data [1].
What is Zero Trust?
In August 2020, the US NIST produced a standard of recommendations for Zero Trust architectures.[2]
In 2021, the Zero Trust strategy was the subject of two French reference publications: [3] [4]
The Zero Trust concept is not a turnkey solution, but a model without implicit trust, focused on the user and based on dynamic and granular controls:
- Access to resources should be granted on a need-to-know basis;
- Access must be given on the basis of the lowest level of privilege necessary to perform the task;
- Access requests must be controlled in the same way regardless of their origin ("inside" or "outside" the entity's perimeter);
- The resource access policy must be dynamic and take into account a large number of attributes (identities of the accessor and of the accessed resource, sensitivity of the resources requested, user behavioural analysis, access times, etc.);
- The entity must ensure the security of all its assets when access is requested and on a recurring basis during use;
- Authentications and access permissions to resources should be re-evaluated regularly.
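To make the six principles above concrete, here is an added example (not code from the original post, nor from NIST or any product) of a minimal policy decision point that applies them: need-to-know roles, least privilege for writes, no shortcut for requests coming from "inside", device posture, attributes such as resource sensitivity, MFA freshness, behavioural risk score and access time, and a grant that expires so the access is re-evaluated. Every attribute name, threshold, role and sample subject is constructed for illustration.

```python
"""Added example: a toy Zero Trust policy decision point.
All attributes, thresholds and sample data are constructed; they are not
taken from NIST SP 800-207 or from any vendor's implementation."""
from dataclasses import dataclass, field
from datetime import datetime, timedelta
from typing import FrozenSet, List, Optional

# Constructed sensitivity scale: the higher, the more sensitive the resource.
SENSITIVITY = {"public": 0, "internal": 1, "confidential": 2, "secret": 3}


@dataclass(frozen=True)
class Subject:
    user: str
    roles: FrozenSet[str]       # roles granted to the identity
    device_compliant: bool      # posture check result (managed, patched, ...)
    mfa_age_minutes: int        # minutes since the last strong authentication
    risk_score: int             # 0..100 from a (hypothetical) behavioural analysis feed


@dataclass(frozen=True)
class Resource:
    name: str
    sensitivity: str
    allowed_roles: FrozenSet[str]   # need-to-know: only these roles may touch it


@dataclass(frozen=True)
class Request:
    subject: Subject
    resource: Resource
    action: str                 # "read" or "write"
    source: str                 # "inside" or "outside" the corporate network
    at: datetime


@dataclass
class Decision:
    allow: bool
    reasons: List[str] = field(default_factory=list)
    # A grant is never indefinite: it carries a deadline for re-evaluation.
    reevaluate_at: Optional[datetime] = None


def decide(req: Request) -> Decision:
    d = Decision(allow=True)
    s, r = req.subject, req.resource

    # Principle: the origin of the request grants nothing by itself.
    # req.source is deliberately never consulted to allow access.

    # Need-to-know: the identity must hold a role explicitly allowed on the resource.
    if not (s.roles & r.allowed_roles):
        d.allow = False
        d.reasons.append("no need-to-know role for resource")

    # Least privilege: writing requires an explicit write role, reading does not.
    if req.action == "write" and "writer" not in s.roles:
        d.allow = False
        d.reasons.append("write requires the 'writer' role")

    # Asset security: the requesting device must be in a compliant state.
    if not s.device_compliant:
        d.allow = False
        d.reasons.append("device not compliant")

    # Dynamic attributes: the more sensitive the resource, the fresher the MFA
    # must be and the lower the accepted behavioural risk.
    level = SENSITIVITY[r.sensitivity]
    max_mfa_age = {0: 24 * 60, 1: 8 * 60, 2: 60, 3: 15}[level]
    if s.mfa_age_minutes > max_mfa_age:
        d.allow = False
        d.reasons.append(f"MFA older than {max_mfa_age} min for {r.sensitivity} data")
    if s.risk_score > 70 - 20 * level:
        d.allow = False
        d.reasons.append("behavioural risk too high for resource sensitivity")

    # Access time: secret data only during business hours (constructed rule).
    if level == 3 and not (8 <= req.at.hour < 19):
        d.allow = False
        d.reasons.append("secret data outside business hours")

    # Continuous verification: the grant expires and must be re-evaluated;
    # more sensitive data is re-checked more often.
    if d.allow:
        d.reevaluate_at = req.at + timedelta(minutes=max(5, 60 // (level + 1)))
    return d


def demo() -> dict:
    """Constructed scenario: the same resource requested by different subjects."""
    payroll = Resource("hr/payroll.xlsx", "confidential", frozenset({"hr"}))
    alice = Subject("alice", frozenset({"hr", "writer"}), True, 10, 5)
    alice_stale_mfa = Subject("alice", frozenset({"hr"}), True, 120, 5)
    bob = Subject("bob", frozenset({"dev"}), True, 10, 5)
    now = datetime(2023, 1, 16, 10, 0)
    return {
        "alice_read_from_outside": decide(Request(alice, payroll, "read", "outside", now)).allow,
        "alice_write_from_outside": decide(Request(alice, payroll, "write", "outside", now)).allow,
        "bob_read_from_inside": decide(Request(bob, payroll, "read", "inside", now)).allow,
        "alice_stale_mfa_inside": decide(Request(alice_stale_mfa, payroll, "read", "inside", now)).allow,
    }


if __name__ == "__main__":
    for case, allowed in demo().items():
        print(f"{case}: {'ALLOW' if allowed else 'DENY'}")
```

The point of the constructed scenario is that being "inside" the network buys Bob nothing, while Alice is allowed from outside as long as her identity, device and MFA freshness satisfy the policy for that sensitivity level, and even then only until `reevaluate_at`.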
Finally, in November 2022, the US DoD issued its Zero Trust strategy.[5]
We asked the artificial intelligence ChatGPT to define these principles... and the result is remarkably relevant.
Zero trust is a security approach that involves not automatically trusting a user, device or service, even if they are within the protected network area. This means that all access requests are authenticated and authorized before being granted, regardless of the user's location or prior knowledge. This principle is often used to enhance the security of enterprise networks and cloud systems.
Zero knowledge is an approach to data privacy that protects sensitive information while keeping it accessible to authorized users. It is an encryption method that allows a third party to verify the information without being able to read it. This means that the data is encrypted in such a way that only the owner can decrypt it, even if it is stored or passed through a third party. This technique is often used in cloud storage systems, encrypted email systems and online payment systems.
The "Zero Trust": a breakthrough principle finally on the agenda!
The good news in this communication from Google on Zero Trust is that, in line with NIST and the DoD, and one month after Apple announced the availability of end-to-end encrypted storage on iCloud [6], another GAFAM pillar officially recognizes that an additional layer of end-to-end security is needed to use its cloud-hosted data servers with confidence.
At a time when cyber threats have never been so significant (espionage, sabotage and extraterritorial judicialization), and when Europe wants to impose digital sovereignty on its administrations, its companies and its citizens, talking about security, and in particular about Zero Trust, is finally becoming a mandatory commercial argument: it is arriving in force on the market and has become unavoidable for selling quality secure services on the cloud.
Security according to Google: "Trust!"
We have to admit that talking about Zero Trust as Google does in this techno-marketing article is a bit of a deception!
At best, we could talk about "Google Trust". Google's approach is based on a classic vision of security, which consists of considering that only what is in the internal network is trusted, even if Beyond Corp provides an undeniable layer of fine-grained rights management at the network level.
Zero Trust according to Google thus amounts to a security model based on the permanent verification of network requests, but delegated to a third party, in this case Google. Trust Google!
But is ZERO TRUST just that?
The "Beyond Corp" approach is ultimately only a classical implementation of rights management, relying on a new Google service that intermediates and filters the flows. [1]
Zero Trust according to Google = "Google Trust"
Google's approach rests on a fairly basic operation of the information system: it is still based on identity and on control of flows by a proprietary trust system that has access to all the information.
The problem with this approach is that it consists of always trusting three spies:
- the honest but curious internal administrator;
- the cloud provider, Google;
- the US administration and US extraterritorial laws.
In this vision, we are moving from an intranet where everyone has access to everything to a Zero Trust approach which means:
"Please finally implement satisfactory access control."
It is a necessary but not sufficient approach, because its implementation consists of trusting a single external actor, namely Google, and behind it the framework set by the American administration.
While it does provide protection from some external cyber threats, the primary cyber threat, extraterritorial forensics, is not covered at all. Thus, a dishonest administrator could change the data without the owner's approval, and an honest but curious administrator could read the data over the shoulder of its legitimate owner.
But by the way, who REALLY holds the keys to my data?
Zero Trust according to Parsec = the end user trusts only himself
The Parsec approach [7] [8] is, on the contrary, the "ultimate" Zero Trust [9] and Zero Knowledge [10], where trust is never delegated: the user remains the sole and ultimate master of his data.
Beyond the first impression of a marketing catch-all or buzzword, the concept of Zero Trust is on the contrary a notion of basic IT security that goes far beyond what current architectures based on the centralized web can provide.
This concept consists of distrusting all intermediaries (cloud providers, outsourcing providers, network or internet infrastructure providers, "honest but curious" system administrators, extraterritorial laws) and, conversely, of entrusting the end user with responsibility for his own security within his perimeter of responsibility, notably that of the data, at the hardware, human and software levels.
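The two threats named earlier (the honest but curious administrator who reads over the owner's shoulder, and the dishonest administrator who changes the data) and the "no one but me has the key" model of this section can be shown with a small added example. It is not Parsec's code and does not describe Parsec's internals: it is a client-side authenticated-encryption demonstration in which the provider's storage only ever receives ciphertext. The cipher is a toy encrypt-then-MAC construction built on HMAC-SHA256 in counter mode from the standard library, chosen so the example runs without third-party packages; a real product would use a vetted AEAD such as AES-GCM or XChaCha20-Poly1305. The `CloudStore` class, the two "admin" methods and the document text are constructed for the scenario.

```python
"""Added example: client-side encryption so that the provider stores only
ciphertext (zero knowledge) and any modification is detected (integrity).
Toy cipher for illustration only; not Parsec's code, not production crypto."""
import hashlib
import hmac
import secrets
from typing import Dict, Tuple

NONCE_LEN = 16
TAG_LEN = 32


def derive_keys(master: bytes) -> Tuple[bytes, bytes]:
    """Split the user's master key into an encryption key and a MAC key."""
    enc = hmac.new(master, b"enc", hashlib.sha256).digest()
    mac = hmac.new(master, b"mac", hashlib.sha256).digest()
    return enc, mac


def _keystream(enc_key: bytes, nonce: bytes, length: int) -> bytes:
    """PRF in counter mode: block_i = HMAC-SHA256(enc_key, nonce || i)."""
    out = b""
    i = 0
    while len(out) < length:
        out += hmac.new(enc_key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
        i += 1
    return out[:length]


def seal(master: bytes, plaintext: bytes) -> bytes:
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    enc_key, mac_key = derive_keys(master)
    nonce = secrets.token_bytes(NONCE_LEN)
    ks = _keystream(enc_key, nonce, len(plaintext))
    body = nonce + bytes(p ^ k for p, k in zip(plaintext, ks))
    tag = hmac.new(mac_key, body, hashlib.sha256).digest()
    return body + tag


def unseal(master: bytes, blob: bytes) -> bytes:
    """Verify the tag before decrypting; any change to the blob is rejected."""
    enc_key, mac_key = derive_keys(master)
    if len(blob) < NONCE_LEN + TAG_LEN:
        raise ValueError("blob too short")
    body, tag = blob[:-TAG_LEN], blob[-TAG_LEN:]
    expected = hmac.new(mac_key, body, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        raise ValueError("integrity check failed: blob modified or wrong key")
    nonce, ct = body[:NONCE_LEN], body[NONCE_LEN:]
    ks = _keystream(enc_key, nonce, len(ct))
    return bytes(c ^ k for c, k in zip(ct, ks))


class CloudStore:
    """Constructed provider-side storage: it holds blobs and never sees a key."""

    def __init__(self) -> None:
        self.blobs: Dict[str, bytes] = {}

    def put(self, name: str, blob: bytes) -> None:
        self.blobs[name] = blob

    def get(self, name: str) -> bytes:
        return self.blobs[name]

    def curious_admin_reads(self, name: str, word: bytes) -> bool:
        """Honest-but-curious admin: can a word of the document be found in storage?"""
        return word in self.blobs[name]

    def dishonest_admin_flips_byte(self, name: str) -> None:
        """Dishonest admin: silently alters one byte of the stored document."""
        b = bytearray(self.blobs[name])
        b[NONCE_LEN + 4] ^= 0x01
        self.blobs[name] = bytes(b)


def scenario() -> dict:
    """Constructed scenario: the owner keeps the only key, the provider keeps the blob."""
    user_key = secrets.token_bytes(32)      # generated and kept on the user's device
    store = CloudStore()
    doc = b"Board minutes: acquisition of ACME approved"
    store.put("minutes.txt", seal(user_key, doc))
    result = {
        "provider_sees_plaintext": store.curious_admin_reads("minutes.txt", b"ACME"),
        "owner_can_read": unseal(user_key, store.get("minutes.txt")) == doc,
    }
    store.dishonest_admin_flips_byte("minutes.txt")
    try:
        unseal(user_key, store.get("minutes.txt"))
        result["tampering_detected"] = False
    except ValueError:
        result["tampering_detected"] = True
    return result


if __name__ == "__main__":
    for k, v in scenario().items():
        print(f"{k}: {v}")
```

What the scenario shows is the difference between the two models: in a provider-held-key design the `curious_admin_reads` check would succeed and the flipped byte would go unnoticed, whereas with the key on the user's device the provider holds nothing readable and the owner's client refuses the altered document.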
Comparison of the threats between the two "Zero Trust" models
[1] https://cloud.google.com/blog/fr/topics/developers-practitioners/le-zero-trust-et-beyondcorp-de-google-cloud?hl=fr&pref=k
[2] SP 800-207 Zero Trust Architecture: https://csrc.nist.gov/publications/detail/sp/800-207/final
[3] https://www.ssi.gouv.fr/agence/publication/le-modele-zero-trust/
[4] https://www.cigref.fr/wp/wp-content/uploads/2022/02/Vers-une-philosophie-Zero-Trust-Une-rupture-dans-la-continuite-pour-la-securite-des-applications-fevrier-2022.pdf
[5] https://dodcio.defense.gov/Portals/0/Documents/Library/DoD-ZTStrategy.pdf
[6] https://www.apple.com/newsroom/2022/12/apple-advances-user-security-with-powerful-new-data-protections/
[7] Open source software: https://github.com/Scille/parsec-cloud/
[8] Software CSPN-certified by the ANSSI: https://www.ssi.gouv.fr/entreprise/certification_cspn/parsec-version-2-0-0/
[9] No one but me has the key to my data.
[10] No one but me has access to my data in the clear.