The Trust over IP Foundation was established to bring trust into the virtual, online world where, all too often, there is low or no trust in data exchanges. In this post, on the topic of how the public sector should consider SSI, we examine the efforts of the US federal government to adopt zero trust architecture (ZTA) and its implications for using decentralized identity. As stated in federal guidance, “The foundational tenet of the Zero Trust Model is that no actor, system, network, or service operating outside or within the security perimeter is trusted. Instead, we must verify anything and everything attempting to establish access.”
The proliferation of cloud computing, mobile devices, Internet of Things (IoT), and wireless technology has changed the traditional paradigm of computing, and with it the traditional approach to cybersecurity, which relied on access management and security controls enforced at the network boundary.
Recognizing the threat this shift creates, the US Government, through the Department of Defense (DoD) and the National Institute of Standards and Technology (NIST), has led the development of a new approach to security and threat management called Zero Trust Architecture, or ZTA. A zero trust cybersecurity approach removes the assumption of trust typically given to devices, subjects (i.e., the people and things that request information from resources), and networks. It focuses on accessing resources in a secure manner, regardless of network location, subject, and asset, and on enforcing risk-based access controls while continually inspecting, monitoring, and logging interactions.
Two weeks ago, the requirements of the Executive Order were further delineated in the Office of Management and Budget memo M-22-09, Moving the U.S. Government Toward Zero Trust Cybersecurity Principles, which set a deadline of October 2023 for all federal agencies to implement ZTA standards and objectives in their technology infrastructure. Unfortunately, the opportunity to truly realize “zero trust”, and by extension the principles of SSI, appears to have been left as a gap. The ToIP framework provides an opportunity to implement design choices that help address this gap.
The role of Identity in Zero Trust
Identity plays a key role in ZTA. “Users” and “Devices” are two of the seven pillars of Zero Trust in DoD, and identity is one of the Cybersecurity and Infrastructure Security Agency’s (CISA’s) “five pillars” for zero trust maturity (identities, devices, networks, applications and workloads, and data). The DoD implementation guide specifically references the Identity and Credential Access Management (ICAM) Reference Design as the basis for managing the identity of Person and Non-Person Entities to support ZTA. The OMB guidance comes up short, only referencing “Using centrally managed systems to provide enterprise identity and access management services” to support an agency ZTA strategy. NIST and DoD have both laid a foundation for serious consideration of SSI and decentralized identity, but that consideration does not appear to have made it into the guidance at the federal level.
Zero Trust and SSI
Zero Trust is based on the premise that “no actor, system, network, or service operating outside or within (emphasis added) the security perimeter is trusted”. In the same respect, SSI subscribes to the principle that identity is retained by the person (entity) and only shared based on pre-agreed terms of trust – a Trust Framework. ZTA requires that “we must verify anything and everything attempting to establish access”, while SSI prescribes selective disclosure and zero knowledge proofs that cryptographically confirm an identity without repeated disclosure of identity attributes, for both authentication and authorization. ZTA and SSI then become “both sides of the same coin”, protecting both the entity (which must trust the verifier in sharing their information) and the network (which must verify the entity to trust it with access).
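The following is an added illustration of the selective-disclosure idea in the paragraph above; it is not code from the Trust over IP Foundation or from any ToIP specification. It implements a simplified salted-hash scheme in the style of SD-JWT: the issuer signs only per-claim digests, the holder forwards the salt and value for just the claims a verifier asks for, and the verifier checks the issuer's signature and that every disclosed claim matches a signed digest. Assumptions: an HMAC over a shared key stands in for the issuer's public-key signature, the claims and the `did:example:issuer` identifier are constructed sample values, and all function and variable names are hypothetical.

```python
"""Salted-hash selective disclosure (simplified, SD-JWT-like; added example, not ToIP code)."""
import hashlib
import hmac
import json
import secrets
from base64 import urlsafe_b64encode
from typing import Dict, Optional, Tuple

# Constructed issuer key. A real issuer would sign with a private key and publish
# the public key (e.g. via its DID document); HMAC is only a stand-in here.
ISSUER_KEY = secrets.token_bytes(32)


def _b64(data: bytes) -> str:
    return urlsafe_b64encode(data).rstrip(b"=").decode()


def _digest(salt: str, name: str, value) -> str:
    """Commitment to one claim: SHA-256 over (salt, name, value). Without the
    salt a verifier cannot brute-force the value behind a digest."""
    return _b64(hashlib.sha256(json.dumps([salt, name, value]).encode()).digest())


def issue(claims: Dict[str, object], issuer_key: bytes) -> Tuple[dict, dict]:
    """Issuer: return a signed credential containing only digests, plus the
    per-claim (salt, value) disclosures that are handed to the holder."""
    disclosures = {}
    digests = []
    for name, value in claims.items():
        salt = _b64(secrets.token_bytes(16))  # fresh random salt per claim
        disclosures[name] = (salt, value)
        digests.append(_digest(salt, name, value))
    digests.sort()  # sorted so the position of a digest reveals nothing
    payload = {"iss": "did:example:issuer", "_sd": digests}  # constructed DID
    body = json.dumps(payload, sort_keys=True).encode()
    sig = hmac.new(issuer_key, body, hashlib.sha256).hexdigest()
    return {"payload": payload, "sig": sig}, disclosures


def present(credential: dict, disclosures: dict, reveal) -> dict:
    """Holder: forward the credential with only the requested disclosures.
    Undisclosed claims stay with the holder; the verifier sees only digests."""
    return {"credential": credential,
            "disclosed": {name: disclosures[name] for name in reveal}}


def verify(presentation: dict, issuer_key: bytes) -> Optional[dict]:
    """Verifier: trust nothing by default. Check the issuer's signature, then
    check that each disclosed claim binds to a signed digest. Return the
    verified claims, or None if anything fails."""
    cred = presentation["credential"]
    body = json.dumps(cred["payload"], sort_keys=True).encode()
    expected = hmac.new(issuer_key, body, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, cred["sig"]):
        return None  # not issued by the trusted issuer
    signed_digests = set(cred["payload"]["_sd"])
    verified = {}
    for name, (salt, value) in presentation["disclosed"].items():
        if _digest(salt, name, value) not in signed_digests:
            return None  # altered or fabricated disclosure
        verified[name] = value
    return verified


if __name__ == "__main__":
    # Constructed sample claims.
    cred, disc = issue({"name": "Constructed Person",
                        "clearance": "secret",
                        "agency": "Example Agency"}, ISSUER_KEY)
    pres = present(cred, disc, ["clearance"])  # reveal one attribute only
    print(verify(pres, ISSUER_KEY))  # {'clearance': 'secret'}
```

The verifier ends up with exactly one attribute and a cryptographic assurance that the issuer vouched for it, which is the ZTA "verify everything" side; the holder never hands over the other claims, which is the SSI side. Replacing the HMAC with a real signature and adding holder binding (so a stolen presentation cannot be replayed by someone else) are the next steps a production design would take.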
The President’s Executive Order makes one thing clear – “…the Federal Government needs to make bold changes and significant investments in order to defend the vital institutions that underpin the American way of life.” This bold change means moving from the traditional thinking of centralized, or even federated, identity structures and methods and recognizing “trust must go both ways” or expect no trust at all.
Although the ToIP Framework has yet to be demonstrated at the scale of full ZTA interoperability needed by the U.S. government—or other world governments—it is indeed the architecture they should be investing in to reach that level of interoperability at scale. It will also enable governments to do so without vendor lock-in, support “digital sovereignty” and—even better—it will enable peer-to-peer trust between any governments, their agents, and citizens based on their own governance frameworks and trust policies.
If You Are a Government…
Efforts are underway around the globe to promote new trust models between governments and citizens that promote privacy and improve how trust is established between entities sharing information. Now is the time for the US government to consider and adopt the ToIP Framework as a starting point to not only support ZTA but promote greater privacy in information sharing within its ecosystem.
…and want to learn more about how ToIP can help give you the tools for designing and implementing interoperable decentralized digital trust infrastructure, please contact us.