{"title":"Towards Zero Trust: An Experience Report","authors":"Jason Lowdermilk, S. Sethumadhavan","doi":"10.1109/SecDev51306.2021.00027","DOIUrl":null,"url":null,"abstract":"Risk from supply chain attacks have gained prominence. In response to these attacks, regulators have suggested building systems on the principles of “zero-trust”, an aspirational motto that urges system designers to take measures to minimize trust. But, to what degree can one minimize trust in realistic systems? The answer to this question, of course, depends on the context. In this paper, we explore this question in the context of a satellite ground station front end processor – a critical component in satellite ground stations, in both standalone and cloud settings. Based on our design and implementation experience that spanned 18 months, we observe that it is possible to achieve a significant reduction in trust as measured by the lines of code. We also find that minimizing the lines of code improves productivity and the performance of our design. Finally, we find trust can be minimized to a greater extent for standalone systems than cloud systems.","PeriodicalId":154122,"journal":{"name":"2021 IEEE Secure Development Conference (SecDev)","volume":"47 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2021-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 IEEE Secure Development Conference (SecDev)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SecDev51306.2021.00027","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 1
Abstract
Risk from supply chain attacks have gained prominence. In response to these attacks, regulators have suggested building systems on the principles of “zero-trust”, an aspirational motto that urges system designers to take measures to minimize trust. But, to what degree can one minimize trust in realistic systems? The answer to this question, of course, depends on the context. In this paper, we explore this question in the context of a satellite ground station front end processor – a critical component in satellite ground stations, in both standalone and cloud settings. Based on our design and implementation experience that spanned 18 months, we observe that it is possible to achieve a significant reduction in trust as measured by the lines of code. We also find that minimizing the lines of code improves productivity and the performance of our design. Finally, we find trust can be minimized to a greater extent for standalone systems than cloud systems.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
