Logo
ScienceStack
Table of Contents
Fetching ...
Sign In

Applying Transparent Shaping for Zero Trust Architecture Implementation in AWS: A Case Study

Wenjia Wang, Seyed Masoud Sadjadi, Naphtali Rishe, Arpan Mahara

TL;DR

The paper addresses securing AWS-hosted applications beyond perimeter defenses by adopting Zero Trust Architecture (ZTA) and introducing Transparent Shaping. It proposes a methodology to retrofit ZTA into an existing AWS-hosted Online File Manager (OFM) with minimal code changes. The authors implement a custom ZTA strategy, apply Transparent Shaping to enforce security policies at the infrastructure level, and evaluate security improvements using Mozilla Observatory. Results show significant improvements in security posture, such as improved Content Security Policy and secure HTTP headers, while preserving functionality, suggesting a practical path for cloud security in AWS.

Abstract

This study introduces a methodology integrating Zero Trust Architecture (ZTA) principles and Transparent Shaping into an AWS-hosted Online File Manager (OFM) application, enhancing security without substantial code modifications. We evaluate our approach with the Mozilla Observatory, highlighting significant security improvements and outlining a promising direction for applying Transparent Shaping and ZTA in cloud environments.

Applying Transparent Shaping for Zero Trust Architecture Implementation in AWS: A Case Study

TL;DR

The paper addresses securing AWS-hosted applications beyond perimeter defenses by adopting Zero Trust Architecture (ZTA) and introducing Transparent Shaping. It proposes a methodology to retrofit ZTA into an existing AWS-hosted Online File Manager (OFM) with minimal code changes. The authors implement a custom ZTA strategy, apply Transparent Shaping to enforce security policies at the infrastructure level, and evaluate security improvements using Mozilla Observatory. Results show significant improvements in security posture, such as improved Content Security Policy and secure HTTP headers, while preserving functionality, suggesting a practical path for cloud security in AWS.

Abstract

This study introduces a methodology integrating Zero Trust Architecture (ZTA) principles and Transparent Shaping into an AWS-hosted Online File Manager (OFM) application, enhancing security without substantial code modifications. We evaluate our approach with the Mozilla Observatory, highlighting significant security improvements and outlining a promising direction for applying Transparent Shaping and ZTA in cloud environments.
Paper Structure (25 sections, 2 figures, 2 tables)

This paper contains 25 sections, 2 figures, 2 tables.

Table of Contents

  1. Introduction
  2. Problem
  3. Contribution
  4. Background and Related Work
  5. From Perimeter Security to Zero Trust
  6. Cybersecurity Landscape of Cloud Environments
  7. AWS Security Practices and Challenges
  8. AWS Shared Responsibility Model
  9. AWS Security Services
  10. AWS Security Compliance
  11. AWS Security Practices
  12. Security Challenges in AWS
  13. Security Enhancements in Cloud Networks using Zero Trust
  14. Toward Transparent Shaping
  15. Experiment
  16. ...and 10 more sections

Figures (2)

  • Figure 1: Original Architecture of "Online File Manager"
  • Figure 2: Online File Manager (OFM)