Security architecture that rigorously verifies every request regardless of origin, eliminating implicit trust in internal networks.
Zero Trust is a security model that eliminates implicit trust in corporate networks. The core principle is "never trust, always verify": every request is authenticated, authorized, and encrypted regardless of origin — whether from the internet or the internal network.
The term was coined by Forrester in 2009 and formalized by NIST in publication SP 800-207 (2020), which defines seven fundamental principles: explicit verification, least-privilege access, assume breach, microsegmentation, end-to-end encryption, continuous monitoring, and policy automation.
The traditional perimeter security model assumes everything inside the corporate network is trustworthy. This fails for three reasons:
The Policy Engine evaluates each request considering: user identity, device state, location, time, requested resource, and risk level. Being authenticated is not enough — context determines access.
Google published its Zero Trust implementation in 2014. Key principles:
Services like Cloudflare Access, AWS Verified Access, and Google IAP implement Zero Trust without VPN:
In a microservices architecture, microsegmentation applies access policies at the individual service level. With a service mesh like Istio:
```yaml
apiVersion: security.istio.io/v1beta1
kind: AuthorizationPolicy
metadata:
  name: product-service-policy
  namespace: production
spec:
  selector:
    matchLabels:
      app: product-service
  action: ALLOW
  rules:
  - from:
    - source:
        principals: ["cluster.local/ns/production/sa/api-gateway"]
    to:
    - operation:
        methods: ["GET"]
        paths: ["/api/products/*"]
    when:
    - key: request.auth.claims[iss]
      values: ["https://auth.example.com"]
```

This policy allows only the api-gateway to access the product-service, only with the GET method, only on specific paths, and only with a valid JWT from the correct issuer. Any other combination is blocked by default.
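To see how the four dimensions of that policy combine, the following is an added Python model of the decision logic (not Istio's code and not from the original page); the sample requests are constructed, and path matching is reduced to Istio's exact, prefix (`/api/*`) and suffix (`*.html`) forms.

```python
from dataclasses import dataclass, field
@dataclass
class Request:
    principal: str   # peer identity established by mTLS (service account)
    method: str
    path: str
    claims: dict = field(default_factory=dict)  # verified JWT claims, empty if no token
@dataclass
class Rule:
    principals: list
    methods: list
    paths: list
    claims: dict  # claim name -> allowed values, as in the "when" block

def path_matches(pattern, path):
    # Istio path patterns: exact match, prefix ("/api/*") or suffix ("*.html")
    if pattern.endswith("*"):
        return path.startswith(pattern[:-1])
    if pattern.startswith("*"):
        return path.endswith(pattern[1:])
    return pattern == path

def rule_matches(rule, req):
    # every dimension must match: identity, method, path and issuer claim
    return (req.principal in rule.principals
            and req.method in rule.methods
            and any(path_matches(p, req.path) for p in rule.paths)
            and all(req.claims.get(k) in v for k, v in rule.claims.items()))

def evaluate(rules, req):
    # once an ALLOW policy selects a workload, anything no rule matches is denied
    return "ALLOW" if any(rule_matches(r, req) for r in rules) else "DENY"
PRODUCT_SERVICE_RULES = [Rule(
    principals=["cluster.local/ns/production/sa/api-gateway"],
    methods=["GET"], paths=["/api/products/*"],
    claims={"iss": ["https://auth.example.com"]})]
GATEWAY = "cluster.local/ns/production/sa/api-gateway"
GOOD = {"iss": "https://auth.example.com"}

def decisions():
    # constructed sample requests, each varying one dimension of the policy
    cases = {
        "gateway_get_valid": Request(GATEWAY, "GET", "/api/products/42", GOOD),
        "gateway_post": Request(GATEWAY, "POST", "/api/products/42", GOOD),
        "other_path": Request(GATEWAY, "GET", "/api/orders/1", GOOD),
        "wrong_issuer": Request(GATEWAY, "GET", "/api/products/42", {"iss": "https://other.example"}),
        "no_token": Request(GATEWAY, "GET", "/api/products/42"),
        "other_service": Request("cluster.local/ns/production/sa/billing", "GET", "/api/products/42", GOOD),
    }
    return {name: evaluate(PRODUCT_SERVICE_RULES, r) for name, r in cases.items()}
```

Only the first request is allowed; an authenticated caller with the wrong method, path, issuer or identity is denied, which is the "authenticated is not enough" point made above.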
| Characteristic | Traditional perimeter | Zero Trust |
|---|---|---|
| Trust model | Implicit within network | Per-request verification |
| Segmentation | VLANs and subnets | Per-service microsegmentation |
| Authentication | Single session (VPN) | Continuous (JWT + mTLS) |
| Lateral movement | Possible after entry | Blocked by default |
| Visibility | Network boundaries | Granular per resource and request |
| Remote work | Requires VPN | Native (IAP) |
| Attack surface | Wide after penetration | Minimal by design |
CISA defines five pillars for Zero Trust maturity:
Zero Trust is not a product you buy — it is an architectural shift that affects identity, network, applications, and data. Implementation is incremental: start with multi-factor authentication and identity-based access, then advance toward microsegmentation and continuous monitoring. For teams with microservices and service mesh, microsegmentation with mTLS is the most natural entry point.
Architectural style structuring an application as a collection of small, independent, deployable services, each with its own business logic and data.
Infrastructure layer dedicated to managing communication between microservices, providing observability, security, and traffic control transparently.
Industry standards for delegated authorization (OAuth 2.0) and federated authentication (OpenID Connect), enabling third-party login and secure API access.
AWS identity and access management service controlling who can do what in your account, with granular policies based on the principle of least privilege.