13:40 - 14:40
Talk (60 min)
What the Premier League can teach us about Zero Trust
The Zero Trust security model of ‘perimeter-less’ security is gaining a lot of hype. Network security can no longer be relied on in this world where we work from everywhere.
However, successfully implementing Zero Trust is challenging, since it cannot rely on a single product or reference architecture. Zero Trust is an approach which requires cooperation among multiple products not initially designed to work together in a secure and cohesive way.
When I first explored the concepts at the heart of Zero Trust, I realized that I was already familiar with these paradigms from the architecture of video security systems. Video is the ultimate ‘zero trust’ challenge because content providers do not have much (any!) faith in their viewers, and assume a constant threat of piracy.
This talk is for everyone who wants to build a secure system. You will leave this talk with an understanding of what Zero Trust is and isn't, beyond the buzzwords. We will explore the principles of Zero Trust, including an overview of concepts that can be used to build a zero trust system, such as a Trusted Computing Base (TCB), a chain of trust vs. trusted third parties, managed vs. unmanaged devices, identity authentication and cloning prevention. We will discuss what we can learn from video security, in order to design and implement a robust perimeter-less security model.