零信任技术与产业发展洞察

张 云畅, 柴瑶 琳*, 穆 琙博, 毕 立波, 党 小东
中国信息通信研究院

摘要


互联网技术的快速发展让网络系统愈发复杂化,网络安全问题层出不穷,传统安全模型的失效让个体、企
业、国家面临严峻的安全考验,零信任基于“从不信任,始终验证”的原则,分化出软件定义边界(SDP)、身份识
别与访问管理(IAM)与微隔离(MSG)三大技术路线,形成对所有用户、设备和应用程序的持续验证和动态授权
模型,有效的防止未经授权的访问和数据泄露,全面提升网络安全性。本文旨在对国内国际零信任技术与产业发展
现状进行梳理和对比,分析我国零信任产业发展中的问题,研提我国零信任宏观战略规划、技术创新发展、产业生
态建设方面的建议。

关键词


零信任;软件定义边界;身份识别与访问管理;微隔离

全文:

PDF


参考


[1]The Business Research Company. 2023年零信任安

全全球市场报告[R].2023

[2]The White House. Executive Order on Improving

the Nation’s Cybersecurity[EB/OL].(2021-05-12)

[2021-05-12]. https://www.whitehouse.gov/briefingroom/presidential-actions/2021/05/12/executive-orderon-improving-the-nations-cybersecurity/.

[3]Government of Canada. Network and Security

Strategy[EB/OL].(2021)[2021]. https://www.canada.

ca/en/shared-services/corporate/publications/networksecurity-strategy.html.

[4]Cyber Security Agency of Singapore. The Singapore

Cybersecurity Strategy 2021[EB/OL].(2021)[2021].

https://www.csa.gov.sg/Tips-Resource/publications/2021/

singapore-cybersecurity-strategy-2021.

[5]OFFICE OF MANAGEMENT AND BUDGET.

“Moving the U.S. Government Toward Zero Trust

Cybersecurity Principles,”, 2022.(2022-01-26)[2022-

01-26]https://www.whitehouse.gov/wp-content/

uploads/2022/01/M-22-09.pdf.

[6]Department of Defense. DoD Zero Trust

Strategy[EB/OL].(2022-11-07)[2022-11-07]. https://

dodcio.defense.gov/Portals/0/Documents/Library/DoDZTStrategy.pdf.

[7]Department of Defense. DoD Zero Trust Capability

Execution Roadmap (COA 1)[EB/OL]. (2023-01-06)

[2023-01-06]. https://dodcio.defense.gov/Portals/0/

Documents/Library/ZTCapabilityExecutionRoadmap.pdf.

[ 8 ] E u r o p e a n C o m m i s s i o n .“ P r o p o s a l f o r a

REGULATION OF THE EUROPEAN PARLIAMENT

AND OF THE COUNCIL laying down measures for a high

common level of cybersecurity at the institutions, bodies,

offices and agencies of the Union”.(2022-03-22)[2022-

03-22]. https://eur-lex.europa.eu/legal-content/EN/

TXT/?uri=CELEX:52022PC0122.

[9]European Commission. People First - Digitalising

the Commission[EB/OL].(2022-04)[2022-04].https://

commission.europa.eu/about-european-commission/

service-standards-and-principles/people-first-digitalisingcommission_en.

[10]European Commission.“SDP Specification

v1.0”.(2014-04-30)[2014-04-30]. https://

downloads.cloudsecurityalliance.org/initiatives/sdp/SDP_

Specification_1.0.pdf?_ga=2.228130653.1951536048.1669190

328-1229248686.1669036181.

[11]Cloud Security Alliance.“Software-Defined

Perimeter (SDP) Specification v2.0”.(2022-03-10)

[2022-03-10]. Software-Defined Perimeter (SDP)

Specification v2.0.

[ 1 2 ] C l o u d S e c u r i t y A l l i a n c e .“ Z e r o T r u s t

Architecture”.(2020)[2020]. https://nvlpubs.nist.gov/

nistpubs/SpecialPublications/NIST.SP.800-207.pdf.

[13]Cybersecurity and Infrastructure Security Agency.

“Zero Trust Maturity Model draft”.(2021-09-07)

[2021-09-07]. https://www.cisa.gov/sites/default/files/

publications/CISA%20Zero%20Trust%20Maturity%20

Model_Draft.pdf.

[14]Cybersecurity and Infrastructure Security Agency.

Zero Trust Maturity Model Version 2.0[EB/OL].(2023)

[2023]. https://www.cisa.gov/sites/default/files/2023-04/

zero_trust_maturity_model_v2_508.pdf.

[15]National Institute of Standards and Technology. A

Zero Trust Architecture Model for Access Control in CloudNative Applications in Multi-Location Environments[EB/

OL].(2023)[2023]. https://nvlpubs.nist.gov/nistpubs/

SpecialPublications/NIST.SP.800-207A.ipd.pdf.

[16]Markets and Markets. Zero Trust Security Market

by Solution Type (Data Security, Endpoint Security, API

Security,Security Analytics, and Security Policy Management),

Deployment Mode, AuthenticationType, Organization Size,

Vertical and Region - Global Forecast to 2027[EB/OL].

(2023)[2023]. https://www.marketsandmarkets.com/

Market-Reports/zero-trust-security-market-2782835.html.

[17]Research Dive. Zero Trust Security Market

Report[R].(2023)[2023]. https://www.researchdive.

com/5368/zero-trust-security-market.

[18]市 经 济 和 信 息 化 局.北 京 市“十 四 五 ” 时

期 智 慧 城 市 发 展 行 动 纲 要[EB/OL].(2021)[2021].

https://www.beijing.gov.cn/hudong/gfxwjzj/zjxx/202011/

P020201123406057449149.pdf.

[19]中华人民共和国工业和信息化部.网络安全产业

高质量发展三年行动计划[M].(2021).

[20]中国信息通信研究院.重磅发布!最新中国零

信 任 产 业 发 展 洞 察[EB/OL].(2023)[2023].https://

mp.weixin.qq.com/s/xdyup_x_alPyIjIC7e4c1w.

[21]International Data Corporation. IDC MarketScape:

中国零信任网络访问解决方案,2022年厂商评估[EB/

OL].(2022)[2022]https://www.idc.com/getdoc.jsp?cont

ainerId=CHC48944622&pageType=PRINTFRIENDLY.


Refbacks

  • 当前没有refback。