NIST releases draft model for access control using ZTA in ‘cloud native applications in multi-cloud environments’

The National Institute of Standards and Technology has released a draft model for applying zero trust architecture to “cloud-native applications in multi-cloud environments,” in order to implement enterprise-wide access control policies.

“Enterprise application environments consist of geographically distributed and loosely coupled microservices that span multiple cloud and on-premises environments. They are accessed by a userbase from different locations through different devices,” according to the Thursday NIST announcement.

“This scenario calls for establishing trust in all enterprise access entities, data...