The study introduces a methodology that integrates Zero Trust Architecture (ZTA) principles and Transparent Shaping into an AWS-hosted Online File Manager (OFM) application. This approach aims to enhance the security of the application without requiring major code changes.
The researchers first deployed the OFM project in AWS and analyzed its architecture, which utilizes various AWS services such as Amazon Cognito, Amazon S3, Amazon Route 53, and Amazon API Gateway. They then used the Mozilla Observatory web security scanner to assess the initial security posture of the application.
To address the identified vulnerabilities, the researchers applied the Transparent Shaping model to separate the functional and non-functional concerns of the OFM application. This allowed them to incorporate ZTA principles, such as continuous authentication, least privilege access, and real-time monitoring, without modifying the core application logic.
The key enhancements made include:
After these modifications, the researchers conducted another security assessment using Mozilla Observatory, which demonstrated significant improvements in the application's security posture.
The findings of this case study validate the effectiveness of combining Transparent Shaping with ZTA to secure cloud-based applications hosted on AWS. The researchers highlight the importance of this approach in preserving application performance and user experience while enhancing security, and they provide a foundation for further research on Transparent Shaping and ZTA in cloud environments.
翻譯成其他語言
從原文內容
arxiv.org
深入探究