The cloud, as most know, offers many benefits, such as scalability, flexibility, and cost-efficiency. However, it also introduces new risks, such as data breaches, ransomware, and cyberattacks. To cope with these threats, a new paradigm of data security that can address the complexity and diversity of the cloud environment is needed.
One of the key aspects of this new paradigm is the ability to define and enforce data security policies across the entire computing infrastructure, including the cloud. Data security policies are the rules and regulations that govern how data is accessed, stored, processed and shared. They should be expressed in a clear and concise way, so that they can be easily understood and audited by the stakeholders.
Data security policies should also be automatically enforced by the security systems, so that there is no room for human error or malicious manipulation. By having a unified and consistent way of managing data security policies, organizations can ensure that their data is protected at all times, regardless of where it resides or who accesses it.
Of course, that is easier said than done. That is why Oracle, through a new initiative, will collaborate with Applied Invention, other major technology providers and other organizations from across industries, including Nomura Research Institute to enable networks to collectively enforce shared security policies, enhancing the security architecture organizations already use without changing existing applications and networks.
To support this new initiative, Oracle (News - Alert) plans to release the Oracle Zero-Trust Packet Routing Platform based on the new standard that helps organizations prevent unauthorized access or use of their data without adding extra hurdles for legitimate activities.
Zero trust packet routing, or ZPR, is an industrywide initiative to create a new open standard for network and data security that will help organizations better protect their data in distributed IT environments.
“Organizations need a way to describe their data security policies in one place where they be can easily understood and audited, and they need a way to ensure those policies are enforced across their entire computing infrastructure, including their clouds," said Mahesh Thiagarajan, Executive Vice President, Security and Developer Platforms, Oracle Cloud Infrastructure. "Oracle is working with Applied Invention and other technology leaders to launch an effort to create an open, Zero-Trust Packet Routing (ZPR) standard.”
The new security standard, being developed and supported by Oracle and Applied Invention, allows organizations to secure their data from creation to deletion, without modifying the existing architecture that involves their distributed cloud environments. The standard will rely on a security policy that is based on the intended outcome, and that can be easily read, audited and understood by humans.
This policy will be implemented at the network layer, with all traffic carrying verified information about the sender, receiver and kind of data in transit. The network uses this information to restrict where that data can go.
Technology providers and users that adopt or work with the standard will be able to use their network devices to help monitor and stop threats to their data wherever it is stored, creating a consistent layer of security. As a result, it will be harder to exploit many common security weaknesses that arise from coordinating and configuring large numbers of devices and security mechanisms.
For example, if an authorized user of an application tries to move data to another environment where it could be misused, the policy could detect the breach of security intent, block data movement and create an alert on the incident.
"ZPR is how the Internet would have been designed from the start if modern security technologies had been available," said Danny Hillis, co-founder, Applied Invention. "This initiative is an opportunity to make a generational improvement in cybersecurity for the entire world.”
This new standard is built on technology created by Danny Hillis and the team at Applied Invention with the goal of adding a unified layer of security on top of existing solutions to ensure data remains secure even behind the scenes.
Edited by Alex Passett