
Risks to Zero Trust in a Federated Mission Partner Environment

Keith Strandell, Sudip Mittal

TL;DR

Problem: Federating diverse identity solutions within Zero Trust Architectures across international mission-partner networks risks data leakage and weakened trust decisions. Approach: The paper analyzes how micro-segmentation, data tagging, and federated identity models interact, identifies risk vectors including supply-chain and geopolitical threats, and proposes two research avenues to mitigate these risks. Contributions: a risk framing for federated ZTA, concrete examples of data-sharing constraints, and two augmentation proposals (blockchain-based SSI and ANFIS). Significance: informs federal governance and future research on securing cross-partner authentication and authorization in federated missions.

Abstract

Recent cybersecurity events have prompted the federal government to begin investigating strategies to transition to Zero Trust Architectures (ZTA) for federal information systems. Within federated mission networks, ZTA provides measures to minimize the potential for unauthorized release and disclosure of information outside bilateral and multilateral agreements. When federating with mission partners, there are potential risks that may undermine the benefits of Zero Trust. This paper explores risks associated with integrating multiple identity models and proposes two potential avenues to investigate in order to mitigate these risks.

Paper Structure

This paper contains 5 sections and 4 figures.

Figures (4)

  • Figure 1: Multi-country data sharing partnerships.
  • Figure 2: Lateral Movement in Perimeter Network vs. Zero Trust.