Behavior-based Confidence Scoring to Support Access Management in Zero Trust Systems

Conference Paper
This paper describes machine learning approaches for using behavioral signatures to automate elements of the authentication and authorization process under the Zero Trust paradigm.
Publisher

Software Engineering Institute

Abstract

Zero Trust architectures for cybersecurity have become the default aspiration for organizations in industry and for the U.S. federal government. A significant change in Zero Trust compared to legacy paradigms is the principle that systems should grant access to resources (devices, internal websites, data, software as a service, etc.) on a per-session basis after conducting authentication and authorization that is dynamic and strictly enforced. This work uses simulated data from the CERT Insider Threat Test Dataset to examine two general approaches to using behavior data to support authentication and authorization decisions: deep learning and Bayesian hierarchical models. We discuss the performance levels of the two approaches and implications for regulating access management under Zero Trust.