
On the Federal Zero Trust Strategy

The Office of Management and Budget (OMB) recently released a Federal Zero Trust Strategy in support of the Executive Order on Improving the Nation’s Cybersecurity to push the adoption of zero trust principles across civilian agencies’ enterprise security architecture.

 

The content of the executive order and the OMB memorandum is worth examining in its entirety; here, however, we highlight some sections that have a direct impact on how Identity and Access Management (IAM) is implemented, deployed, and managed.

In the OMB memorandum, under the section “Identity”, the vision is that agency staff should use enterprise-managed identities to access the applications they use. In particular, they should use phishing-resistant multi-factor authentication (MFA) to protect personnel from sophisticated online attacks.

As part of the actions to fulfill this vision, agencies must use strong multi-factor authentication (MFA) throughout their enterprise, which must be enforced at the application layer instead of the network layer. Additionally, when authorizing users to access resources, agencies must consider at least one device-level signal alongside identity information about the authenticated user.

 

As for phishing-resistant authenticators and approaches to MFA, the federal strategy points to the World Wide Web Consortium (W3C)’s open “Web Authentication” standard, alongside FIDO2, as effective approaches to meet the requirements of the Federal Zero Trust Strategy.

One of the implications of the Federal Zero Trust Strategy is that it creates options for agencies to use FIDO instead of authentication based on Personal Identity Verification (PIV) or public-key infrastructure (PKI).

 

Spectra is Algemetric’s IAM solution for machine-to-machine (M2M) communication, much needed in a wide variety of IoT scenarios. Spectra implements the FIDO2 standards, WebAuthn and CTAP, for establishing the role of trusted administrators for creating and managing IAM for IoT applications. Spectra provides extensive IAM controls for M2M following zero trust principles. Additionally, Spectra is designed based on approved public-key cryptography in a data-centric fashion, which does not require PKI and does not depend on the security of the network.

Spectra was designed with zero trust principles in mind from the get-go. Spectra is the result of a powerful combination of data organization, advanced cryptographic protocols, and features satisfying modern IAM requirements.
