Zero Trust ni muundo wa usalama unaotegemea kanuni kamwe usiamini, daima thibitisha — badala ya kuamini kitu chochote kulingana na eneo la mtandao (ndani vs nje), kila ombi la access linakabiliwa na uthibitisho, idhini, na uthibitisho. Inasuluhisha kushindwa kwa usalama wa kawaida unaotegemea mipaka.
Tatizo na usalama wa mipaka
TRADITIONAL ("castle and moat") security:
→ a strong PERIMETER (firewall); trust everything INSIDE the network
✗ once an attacker gets IN (breach, insider, compromised device), they move FREELY
(lateral movement) — the inside is implicitly trusted
✗ doesn't fit modern reality: cloud, remote work, mobile, distributed services (no clear
perimeter)
