TY - GEN
T1 - BYOZ
T2 - 16th IEEE International Conference on Networking, Architecture and Storage, NAS 2022
AU - Anderson, John
AU - Huang, Qiqing
AU - Cheng, Long
AU - Hu, Hongxin
N1 - Publisher Copyright: © 2022 IEEE.
PY - 2022
Y1 - 2022
N2 - As the COVID-19 pandemic scattered businesses and their workforces into new scales of remote work, vital security concerns arose surrounding remote access. Bring Your Own Device (BYOD) also plays a growing role in the ability of companies to support remote workforces. As more enterprises embrace concepts of zero trust in their network security posture, access control policy management problems become a more significant concern as they relate to BYOD security enforcement. This BYOD security policy must enable work from home, but enterprises have a vested interest in maintaining the security of their assets. Therefore, the BYOD security policy must strike a balance between access, security, and privacy, given the personal device use. This paper explores the challenges and opportunities of enabling zero trust in BYOD use cases. We present a BYOD policy specification to enable the zero trust access control known as BYOZ. Accompanying this policy specification, we have designed a network architecture to support enterprise zero trust BYOD use cases through the novel incorporation of continuous authentication & authorization enforcement. We evaluate our architecture through a demo implementation of BYOZ and demonstrate how it can meet the needs of existing enterprise networks using BYOD.
KW - BYOD
KW - continuous authentication
KW - network security policy
KW - zero trust
UR - https://www.scopus.com/pages/publications/85142291158
U2 - 10.1109/NAS55553.2022.9925513
DO - 10.1109/NAS55553.2022.9925513
M3 - Conference contribution
AN - SCOPUS:85142291158
T3 - 2022 IEEE International Conference on Networking, Architecture and Storage, NAS 2022 - Proceedings
BT - 2022 IEEE International Conference on Networking, Architecture and Storage, NAS 2022 - Proceedings
PB - Institute of Electrical and Electronics Engineers Inc.
Y2 - 3 October 2022 through 4 October 2022
ER -