Ravindra Das

The Zero Trust Framework

Leading to a Passwordless World

• Gebundenes Buch

Produktbeschreibung

Learn what the Zero Trust Framework is and how it can be used to eliminate the need for any kind of password. This book discusses how each zone in this framework has its own layer of security, and it is highly recommended that users incorporate at least three or more layers of authentication mechanisms, which will create the environment for multifactor authentication (MFA).

You will learn how biometric technologies can be used (iris, facial, fingerprint recognition). Another important concept covered is privileged access management. Once an end user has their respective templates created, they will be saved and used for subsequent authentication attempts on an automatic basis.

Although the biometric templates are well-fortified, they do need an extra layer of protection, and this is where the concepts of biocryptography come into play. You will learn about further encryption of the iris, facial, and fingerprint recognition templates.

The book also delves into quantum mechanics and shows you how to use hashing algorithms to make sure that biometric templates have maintained their integrity from the point of authorization to the point of authentication. But these, too, are prone to cyberattacks. The use of quantum mechanics and photon particles is discussed and you will know how they can provide better levels of integrity.

You will learn about:

An examination of the latest cryptography algorithms.Fundamentals of Iris Recognition and its algorithms (Gabor Wavelets).Fundamentals of Facial Recognition and its algorithms (Hidden Markov Models).Fundamentals of Fingerprint Recognition and its algorithms (Hexademcial Algorithms).Biocryptography from a one to many approach.Biocryptography from a hosted approach.How Biometrics can play the role of MFA in the ZTF.Details about the point of authentication to the point of authorization for shared resources.

Who This Book Is For

CISOs and IT security managers who are looking at getting away from the traditional perimeter defense line of thinking

Produktdetails

• Verlag: Apress / Springer, Berlin
• Artikelnr. des Verlages: 978-1-4842-9356-0
• 1st ed.
• Seitenzahl: 180
• Erscheinungstermin: 21. September 2023
• Englisch
• Abmessung: 235mm x 155mm
• ISBN-13: 9781484293560
• ISBN-10: 1484293568
• Artikelnr.: 67454728

Autorenporträt

Ravi Das is Business Development Specialist/Technical Writer for BN.Net, Inc., a leading technical communications firm based in greater Chicago area. He has been an IT professional for more than 20 years. His vast experience includes software configuration management, database administration, and IT security, with a specialization in biometrics. He has written and published two other books. His accomplishments also include a comprehensive online training book for the CSA exam. Ravi holds an MS degree in Agribusiness Economics (International Trade) from Southern Illinois University, and an MBA (MIS/Computer Science) from Bowling Green State University.

Inhaltsangabe

Chapter 1: Introduction to book

Chapter 2: A Review Into Cryptography:

The Basics

An examination of the latest cryptography algorithms

A review of the PKI

Chapter 3: A Review Into The Biometrics Into the ZTF:

Fundamentals of Iris Recognition and its algorithms (Gabor Wavelets)

Fundamentals of Facial Recognition and its algorithms (Hidden Markov Models)

Fundamentals of Fingerprint Recognition and its algorithms (Hexademcial Algorithms)

Chapter 4: A Deep Dive Into Biocryptography

The strength of the algorithms

Why further encryption is needed (implementing cryptography over the Fingerprint, Iris, and Facial Recognition templates)

Biocryptography from a one to many approach

Biocryptography from a hosted approach

Chapter 5: The Zero Trust Framework (ZTF):

What It is

The advantages/disadvantages of it

How Biometrics can play the role of MFA in the ZTF

Details about the point of authentication to the point of authorization for shared resources

Once authenticated, the end user will not have to be authorized again - this is where the use of Privileged Access Management (PAM), Cloud Infrastructure Entitlements Management (CIEM), and Privileged Identity Management (PIM) will come into play, especially if the ZTF is going to be used in a hosted environment. The goal here is to eliminate the usage of passwords entirely.

The need to make sure that the integrity of the Biometric Templates from the point of authentication to the point of authorization needs to be assured. Typically, Hashing Algorithms are used for this, but they too are prone to Cyberattacks.

The next best thing to use is Quantum Mechanics and Photon Particle Array Structures. In theory, this has shown to be far superior to Hashing Algorithms. A discussion will be provided on this.

So far, the assumption is that one user is using the ZTF. But in the real world, there will be hundreds of them. Therefore, the concepts of Quantum Key Distribution Centers will be discussed in the setting of a ZTF being deployed in a PKI infrastructure, where Public Keys and Private Keys are used.

Chapter 6: Conclusions

Ultimate goal is to have a passwordless organization

Logins are automatic

Ultimate goal is to get rid of the traditional of the traditional model of Perimeter Security, as everything is divided into zones with the ZTF.