An Interoperable Zero Trust Federated Architecture for Tactical Systems

In military and tactical missions, operational needs can require different domains and nations in a coalition to federate, to facilitate sharing of resource between domains. On the other hand, data and services need to be protected against unauthorized access. The zero trust paradigm provides principles for securing data and services, based on fine-grain compartmentalization of resources and least-privileged access policies. In zero trust architectures, every access to a resource is verified, without relying on implicit trust between the requester and the resource. However, state-of-the-art federation procedures weaken the zero trust security guarantees, as information on requesters, belonging to one domain, cannot be verified by another domain offering a resource. Therefore, access inherently relies on trust between domains, which contradicts zero trust principles. This paper presents a novel technique to create a zero trust federation, in which every access to a resource is explicitly verified, without trusting federation partners. In particular, due to the power constraints on devices composing tactical architectures, the presented solution does not require invasive software to be installed in requester devices.