Securing Amazon Web Services with Zero Trust Architecture
Loading...
URL
Journal Title
Journal ISSN
Volume Title
Perustieteiden korkeakoulu |
Master's thesis
Unless otherwise stated, all rights belong to the author. You may download, display and print this publication for Your own personal use. Commercial use is prohibited.
Authors
Date
2024-07-31
Department
Major/Subject
Security and Cloud Computing
Mcode
SCI3113
Degree programme
Master’s Programme in Security and Cloud Computing (SECCLO)
Language
en
Pages
92
Series
Abstract
Securing cloud infrastructure has become a crucial priority for organizations worldwide in the rapidly evolving technological landscape. As businesses increasingly depend on cloud-based systems, safeguarding sensitive information against potential threats is essential. AWS is one of the public cloud providers offering various services for organizations. Despite its widespread adoption, AWS faces significant security challenges, evidenced by notable breaches such as the Capital One and Imperva incidents. These breaches underscore the need for proactive security measures to address the security challenges in AWS. Traditional security models, such as perimeter-based or trust-based, are insufficient for protecting AWS environments due to the dynamic nature of cloud resources and the porous network perimeters. ZTA provides a more robust approach by operating under the assumption that threats can originate inside and outside the network. It advocates for granular access controls, micro-segmentation, and continuous authentication and authorization to minimize the attack surface and prevent lateral movement within the network. This thesis focuses on enhancing the security of AWS using ZTA. It comprehensively reviews the state-of-the-art techniques for implementing ZTA tenets and addresses AWS security challenges. It offers insights and solutions to enhance AWS security through the adoption of ZTA principles. Furthermore, it presents a Proof-of-Concept (POC) implementation of a ZTA system to securely manage AWS resources. The POC implementation was conducted in collaboration with Sikt - The Norwegian Infrastructure Provider for Research and Education.Description
Supervisor
Jiang, YumingThesis advisor
Lund, ThomasKeywords
Zero Trust architecure, Amazon Web Services Security, cloud security, ZTA implementation, ZTA challenges