Adopting PUF to Implement Zero Trust Architecture

Published 2021-09-30 (last modified 2022-04-06) on pufsecurity.com
https://www.pufsecurity.com/zh-hant/document/adopting-puf-to-implement-zero-trust-architecture/
The Executive Order issued by the US White House on May 12, 2021 (EO 14028, "Improving the Nation's Cybersecurity") requires the federal government to modernize its approach to cybersecurity by advancing toward Zero Trust Architecture (ZTA) [1].
A physically unclonable function (PUF) is a key technology for supporting the identity-centric policy model of ZTA. A PUF derives a device-unique identity and keys from the random manufacturing variation of the silicon itself, so the secret is generated inside the chip rather than injected or stored, and those keys can underpin device identification, authentication, encryption and platform integrity verification.
This article gives an overview of Zero Trust and of the role PUF-based hardware security can play in implementing it.
Introduction to ZTA Model

Zero Trust is a security model that requires strict identity verification, summarized as "never trust, always verify", "explicit permission" and "least privilege", for every user and device trying to access resources on an enterprise's network, regardless of whether the entity (human or machine) is inside the network or connecting remotely. A detailed discussion of Zero Trust can be found in references [2,3,4].

ZTA rests on five foundational technology components. In summary, Zero Trust is a holistic model for securing network, application and data resources, with a focus on providing an identity-centric policy model for controlling access.

Zero Trust Implementation Strategies

Experts remain undecided on the best strategy for implementing Zero Trust across all organizations. Google's BeyondCorp system and Microsoft's internal implementation of the ZTA model are two best-practice implementations. Since Google's internal BeyondCorp program and platform is not itself available for licensing or re-use (Google's commercial BeyondCorp Enterprise offering is a separate product), Microsoft's published implementation provides the more directly reusable example.

Microsoft uses the internet as the default network and implements ZTA with strong identity, device-health enforcement and least-privilege access. The company identified four core scenarios and used a combination of four pillar technologies to help achieve different goals.
The four pillars are "verify identity", "verify device", "verify access" and "verify service" [6].

Reference [7] describes seven Zero Trust strategies for implementing controls and technologies across all the foundational elements: identities, devices, applications, data, infrastructure and networks.

PUF

A root of trust (RoT) is the set of hardware functions that a device's operating system and the rest of the software stack must trust implicitly, because nothing beneath it can verify it. A RoT holds or derives the keys for cryptographic functions and anchors the secure boot process.

A PUF works like a semiconductor "fingerprint": it derives a unique identity for a chip from uncontrollable manufacturing variation, and because the secret is regenerated from the silicon on demand rather than stored, it is hard to read out, clone or tamper with. Drawing on this high-entropy source, a PUF can produce an intrinsic identity that lasts the life of the chip. A PUF can thus anchor a strong RoT for security functions such as verifying signed firmware, as well as device identification and authentication that assures a given chip or device is genuine. For this reason, a chip-based PUF can provide a strong foundation for security [8].

Lessons Learned

Security leaders say it is best to implement ZTA in a phased approach that targets specific areas by layering new functions on top of existing security infrastructure components, so that earlier investments need not be scrapped. Once an organization has built confidence, it can extend ZTA throughout the digital estate while embracing it as an integrated security philosophy and end-to-end strategy [7,9].

Vendor surveys [9,10] show that the top ZTA solutions combine technologies, policies and processes that authenticate user access, segment and manage access to data, and continuously monitor the organization's network for malicious activity. Most vendors check users with MFA and shun VPNs in favor of micro-segmentation and authentication throughout the network.
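The following Python simulation is an added example; it is not code from the original article, nor from eMemory's NeoPUF. It shows the mechanism the RoT and PUF paragraphs above rely on, and the hardware-anchored "verify device" check that the deployments discussed below perform: a noisy silicon fingerprint is turned into a stable secret with a fuzzy extractor (here a 15-fold repetition code as the error-correcting code and SHA-256 as the conditioning KDF), the key is never written anywhere (only public helper data is stored on the device), and the device proves possession of the key by answering a verifier's challenge with an HMAC. The die seeds, the 5% bit-flip rate and all parameters are constructed for the demonstration. A production PUF uses a stronger code (for example BCH) and a bias-aware extractor, because repetition-code helper data leaks key bits when the PUF bits are biased.

```python
import hashlib
import hmac
import random
import secrets

# Toy parameters (assumptions of this example, not any vendor's design).
KEY_BITS = 128             # key bits the fuzzy extractor outputs
REP = 15                   # repetition-code length per key bit (odd, so majority vote is unambiguous)
PUF_BITS = KEY_BITS * REP  # raw PUF bits consumed per key
NOISE = 0.05               # per-bit flip probability on each read-out (constructed value)


def puf_readout(die_seed, rng):
    """Simulated PUF read-out.

    die_seed stands in for the die's manufacturing variation: the same seed
    always yields the same underlying bit pattern, a different seed a different
    one. Each read-out then flips every bit independently with probability
    NOISE, which is how a real PUF drifts with voltage, temperature and age.
    """
    stable = random.Random(die_seed)
    return [stable.getrandbits(1) ^ int(rng.random() < NOISE) for _ in range(PUF_BITS)]


def enroll(readout):
    """Factory enrollment: choose a fresh key and emit public helper data.

    Code-offset construction: helper = encode(key) XOR readout. The helper data
    can live in ordinary flash; with unbiased PUF bits it reveals nothing about
    the key, and the key itself is never stored on the device.
    """
    key = [secrets.randbits(1) for _ in range(KEY_BITS)]
    codeword = [k for k in key for _ in range(REP)]        # each key bit repeated REP times
    helper = [c ^ r for c, r in zip(codeword, readout)]
    return key, helper


def reproduce(readout, helper):
    """Field reconstruction: noisy read-out XOR helper gives a noisy codeword; majority-decode it."""
    noisy_codeword = [h ^ r for h, r in zip(helper, readout)]
    return [int(sum(noisy_codeword[i * REP:(i + 1) * REP]) * 2 > REP) for i in range(KEY_BITS)]


def derive_key(key_bits):
    """Condition the corrected bits into a 256-bit device key (SHA-256 as a stand-in KDF)."""
    raw = int("".join(map(str, key_bits)), 2).to_bytes(KEY_BITS // 8, "big")
    return hashlib.sha256(b"puf-device-key|" + raw).digest()


def device_answer(die_seed, helper, challenge, rng):
    """Device side of 'verify device': re-derive the key from silicon and HMAC the challenge."""
    key = derive_key(reproduce(puf_readout(die_seed, rng), helper))
    return hmac.new(key, challenge, hashlib.sha256).digest()


def verifier_accepts(enrolled_key, challenge, answer):
    """Policy enforcement side: constant-time comparison against the key captured at enrollment."""
    expected = hmac.new(enrolled_key, challenge, hashlib.sha256).digest()
    return hmac.compare_digest(expected, answer)


def demo(genuine_die=0xC0FFEE, clone_die=0xBADC0DE, seed=2021):
    """Returns (key_reproduced_in_field, genuine_device_accepted, clone_accepted)."""
    rng = random.Random(seed)  # fixed seed only so the noise pattern is reproducible
    key_bits, helper = enroll(puf_readout(genuine_die, rng))
    enrolled_key = derive_key(key_bits)  # verifier keeps this; the device keeps only helper

    # In the field every read-out is noisy, yet the key reconstructs exactly.
    field_key = derive_key(reproduce(puf_readout(genuine_die, rng), helper))
    challenge = secrets.token_bytes(32)
    genuine_ok = verifier_accepts(enrolled_key, challenge,
                                  device_answer(genuine_die, helper, challenge, rng))
    # The same helper data copied onto a different die cannot rebuild the key.
    clone_ok = verifier_accepts(enrolled_key, challenge,
                                device_answer(clone_die, helper, challenge, rng))
    return field_key == enrolled_key, genuine_ok, clone_ok


if __name__ == "__main__":
    print(demo())  # (True, True, False)
```

In ZTA terms, the enrollment record held by the verifier is the device's identity in the policy engine's inventory, and the helper data is the only artifact that ships with the device. With 5% noise and 15-fold repetition, the chance of even one of the 128 key bits decoding wrongly on a read-out is on the order of 1e-5, which is why the reconstructed key matches bit-for-bit; a die with a different fingerprint gets each key bit right with probability one half, so its answer is rejected.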
Most zero-trust vendors offer either purely software-based or software-centric solutions for key features such as authentication methods, policies, monitoring and reporting.

However, Google and Microsoft treat hardware as a fundamental part of ZTA [4,6,11]. Microsoft implemented MFA using smart cards to control administrative access to servers, while Google requires a corporate-issued certificate stored in each device's TPM.

NIST IR 8320 [12] finds that hardware-enabled security technologies such as a RoT, HSMs, TPMs, a chain of trust (CoT) for data protection, and confidential computing are necessary to improve server platform security and data protection for cloud and edge computing. The same hardware security should be adopted to implement ZTA as well.

Adopt PUF in ZTA Implementation

The value a PUF adds to ZTA lies in the device-bound identity and keys described above: each device can be identified and authenticated by a secret that is regenerated from its own silicon rather than provisioned and stored, and that same secret anchors secure boot and update. Therefore, hardware-anchored security like PUF is critical to support ZTA.

The device ID and keys provided by eMemory's NeoPUF IP solutions [13] can improve security and data protection for server and end-device platforms under three of Microsoft's four ZTA pillars: "verify identity", "verify device" and "verify access".

Conclusions

Using identities to control access is the central concept of ZTA. A PUF supports the identity-centric policy model by providing a secure foundation: hard-to-forge device identities and credentials (to which user credentials can be bound), robust authentication, and secret keys for code signing and verification, as well as secure boot, updates and access control.

The path to Zero Trust starts with identity. A PUF-based hardware root of trust (HRoT) and key-management approach provide a strong anchor for any ZTA program.

References