Modelling and Analysing Zero-Trust-Architectures Regarding Performance and Security

Integrating a Zero Trust Architecture (ZTA) into a system is a step towards establishing a
good defence against external and internal threats. However, there are different approaches
to integrating a ZTA which vary in the used components, their assembly and allocation. The
earlier in the development process those approaches are evaluated and the right one is selected
the more costs and effort can be reduced.
In this thesis, we analyse the most prominent standards and specifications for integrating
a ZTA and derive a general model by extracting core ZTA tasks and logical components.
We model these using the Palladio Component Model to enable assessing ZTAs at design
time. In our components, we encapsulate different variations of the functionality of these
components to make them reusable and adaptable to the varying ZTA approaches. We make
our components extensible to allow developers to adjust them to their design requirements. We
combine performance and security annotations to create a single model which supports both
performance and security analysis. By doing this we also assess the possibility of combining
performance and security analyses.
... mehr
We demonstrate the ability to analyze different ZTAs in Palladio and assess the applicability
of our model by modelling different ZTAs from the literature using the created in this thesis
elements. We evaluate whether we can detect performance impact induced by different ZTA
configurations by comparing the performance simulation of a Palladio example system with
and without ZTA. For the security analyses, we evaluate unauthorized and unauthenticated
access to resources as well as violations of the least privilege principle by using Data Flow
Analysis.
From the evaluation, we conclude that we can model ZTA using Palladio without needing
to extend the Palladio Component Model with new features. Our components can be used
off-the-shelf with little adjustments to legacy systems and even less when designing a system
with security in mind from the beginning. During the performance and security analyses, we
identified compatibility issues when combining performance and security annotations. However,
the model still allowed the detection of performance impact induced by new components
as well as the detection of security violations such as unauthorized and unauthenticated access
and violations of the least privilege principle.