Zero Trust Architecture

The Special Publication 800-series reports on The Information Technology Laboratory’s (ITL) research, guidelines, and outreach efforts in information system security, and its collaborative activities with industry, government, and academic organizations.

This document is intended to describe zero trust for enterprise security architects, cybersecurity managers, network administrators, and managers. It is meant to aid understanding of zero trust for civilian unclassified systems and provide a road map to migrate and deploy zero trust security concepts to an enterprise environment. It is not intended to be a single deployment plan for ZTA as an enterprise will have unique business use cases and data assets that require safeguards. Starting with a solid understanding of the organization’s business and data will result in a strong approach to zero trust.