Working Group Charter
The purpose of the Zero Trust Working Group is to support ASWF projects that need to function in a Zero Trust operating environment. As workflows and assets move to the cloud, perimeter security is no longer adequate in many situations. New models, such as Zero Trust, are being used that require many clients and services to become security aware. For example, they may need to integrate with authentication and authorization services or to interoperate with logging, monitoring, or threat detection systems.
The aim of this working group is to assist ASWF projects in determining their zero trust security needs and to share best practices on implementation approaches.
Goals of the working group
Assist community members in becoming aware of the use of zero trust security models and how that relates to ASWF projects.
Consolidate and share best practices for implementing those models including security by design.
Explore the value of having an ASWF project for Zero Trust framework and supporting elements that could be shared between multiple ASWF projects.
Non-goals of the working group
Maintain code for actual solutions beyond samples needed to support documentation.
Duplicate security work already being done in other Working Groups, such as CI.
Deliverables
Documentation of guidelines and best practices to help other ASWF projects incorporate the mechanisms and components necessary for operating in a ZT environment.
Proposals for other projects, such as frameworks or code, that the group may determine are needed.
Â