Security needs to be Application-aware. Security must move from being based on a network-oriented model to an application-aware model, and it must be easy to implement and manage to be truly useful for DevSecOps.
Start with a Zero Trust Model
Forrester Research, who advise over 3500 organizations worldwide, prepared a landmark analysis on security for modern applications for NIST in which they state that “The traditional [security] mindset does not take into account the current environment”. Instead, a Zero Trust Model is put forward as a fundamentally better way to think about application security. Zero Trust takes into account the possibility of threats coming from internal as well as external sources and protects the organization from both types. This is important because, as the survey results below summarize, most threats actually come from within.
Attribute-Based Access Control
The NIST Cybersecurity Practice Guide SP 1800-3, Attribute-Based Access Control points out that there is a fundamental issue that arises when traditional Role Based Access Control (RBAC) is used to gate access to system resources. The heart of the problem? Each time a user or application component arrives or leaves, an administrator must manually change access rights accordingly – a difficult and inefficient method. Using only one factor, user identity is not as secure as a model where multiple factors are used to make the decision of whether to allow or deny access.
To overcome the problems inherent in RBAC, the National Cybersecurity Center of Excellence has developed a reference design for an Attribute Based Access Control (ABAC) system. This model takes multiple attributes about the entity (be it a person or a service) that wants to have access to an object. It further registers information about the object itself and relevant environmental information to create granular policies that are used to grant or deny access. Gartner recently predicted that “by 2020, 70% of enterprises will use attribute-based access control…as the dominant mechanism to protect critical assets, up from less than 5% today.”
Overview of the Aporeto Platform
The Aporeto Platform assumes a Zero Trust Model and uses Attribute Based Access Control (ABAC), as recommended by NIST. This creates a modern platform for enterprises that want to dramatically increase the security of cloud-native applications while signiﬁcantly lowering their administrative costs, even for very large scale applications. With Aporeto, each Processing Unit (Linux process or Docker container) is provided with a Trust Proﬁle that is automatically created using the ABAC model. This incorporates the id of the process and its host, its location, the user-id it is running under, a historical proﬁle, and any number of other environmental or assigned attributes of the PU.
A Zero Trust environment is assumed, so all PUs must be authenticated and subsequently authorized to perform any interaction with other PUs or resources across the data center, cloud, hybrid cloud, or multi-cloud environment. All interactions must be explicitly permitted based on a set of Policies that are enforced by the Aporeto Enforcer that runs on each physical or virtual host. The Aporeto Platform delivers superior security compared to the old model where security was provided by disparate ﬁrewalls, IPS, WAF, NAC, VPN gateways and other encryption products. It operates at the application-aware level, vastly simplifying and strengthening the security of modern applications. It secures cloud-native applications from attacks mounted from within or externally and its automated operation ensures that security settings are comprehensive, always in force, current, and easy to maintain.
To read more about why using IP addresses to secure applications in a cloud-native era is a terrible idea, read our blog here.