Modeling and analyzing zero-trust architectures taking into account various quality objectives

Aus SDQ-Institutsseminar
Version vom 20. Januar 2024, 10:14 Uhr von Evgeni Cholakov (Diskussion | Beiträge)
(Unterschied) ← Nächstältere Version | Aktuelle Version (Unterschied) | Nächstjüngere Version → (Unterschied)
Vortragende(r) Evgeni Cholakov
Vortragstyp Masterarbeit
Betreuer(in) Nicolas Boltz
Termin Fr 2. Februar 2024
Vortragsmodus in Präsenz
Kurzfassung Integrating a Zero Trust Architecture (ZTA) into a system is a step towards establishing a good defence against external and internal threats. However, there are different approaches to integrating a ZTA which vary in the used components, their assembly and allocation. The earlier in the development process those approaches are evaluated and the right one is selected the more costs and effort can be reduced. In this thesis, we analyse the most prominent standards and specifications for integrating a ZTA and derive a general model by extracting core ZTA tasks and logical components. We model these using the Palladio Component Model to enable assessing ZTAs at design time. We combine performance and security annotations to create a single model which supports both performance and security analysis. By doing this we also assess the possibility of combining performance and security analyses.