Self-driving cars can no longer be viewed as a single system. These are cars with complex computer systems that independently make countless connections with the driver, with other vehicles, with the immediate environment and with various communication systems and networks. We want to be sure that these connected systems are reliable. As a result, IT Security Architects must work in a more intricate manner, as the interconnected networks are becoming too complex to oversee as a whole.
Decentralised design on the basis of zero trust.
Go straight to information on:
Decentralised design on the basis of zero trust
By decentralising the design of an IT architecture and thus dividing the design into a number of clear sub-divisions (each with its own responsibilities), an overview can be created. This provides certainty regarding the security of each sub-part, the connections which are relevant to this sub-part and how they can be protected. In this way, an organisation can get a better grip on possible attacks because they can already monitor them within a smaller sub-part. All of this is done on the basis of the Zero Trust philosophy. The foundation for Zero Trust is ‘never trust, always verify’. Whereas certain connections were always open to certain users in the past, a Zero Trust design has no prior assumptions on the degree of reliability regarding those who want access – regardless of whether this concerns organisations, users, hosts or datasets.
Implied trust zones methodology
Dividing an IT design into sub-parts
In the TNO Implied Trust Zones methodology, an IT architecture goes from a centralised process (with one architect at the helm) to a decentralised process with several responsible parties. The relationships and connections are clearly visualised and the system is set up through a series of separate Implied Trust Zones. As an example from the automotive industry, take a car that communicates with surrounding cars, traffic lights, road information, weather information and traffic information in order to drive safely and autonomously in as optimal a manner as possible (or: to support the driver). While this is very complex as a whole, the individual parts can remain clear with the right methodology.
Due to the decentralised design, individual components can now also be tested and validated separately. In other words, a smart traffic light can be deemed secure without the need to test all other connected systems (cars, other infrastructure) as well.
The method is currently being tested in the automotive industry within the SECREDAS project, and a healthcare case is being developed.
Potential impact for organisations
More secure and resilient: This methodology offers major advantages because the architecture becomes clear, processes remain transparent and responsibilities are straightforward. An architecture with a decentralised design conducts analyses more easily and acts faster and more effectively in the event of possible attacks. The Implied Trust Zones methodology ensures that the impact of an incident is kept to a minimum.
Better designs lead to a safer and more flexible environment: The method helps to identify and correct ‘errors’ and shortcomings in IT designs from the outset AND helps to better plan urgent measures to be taken, including where they best fit into the architecture.
Application areas
The Implied Trust Zones methodology is applicable in many areas of cybersecurity:
- For more secure information transactions, such as for financial or governmental organisations.
- For chain partners: organisations that have to work together and where information is frequently passed on, particularly when privacy and security are important.
- For organisations where the design of an IT architecture is large and complex, which could concern policy, people, suppliers, digital services, etc.
But the methodology also quickly helps to provide answers to questions such as:
- How do you debug a security architecture?
- Systems-of-systems: is the security solution in the right place?
- Secure and flexible infrastructures: how do you design them?
Collaboration
TNO has the unique expertise needed to advise you on customised solutions.
If you would like to collaborate with us and/or learn more about the Implied Trust Zones methodology?
Please contact Mark Buningh
Contact
Theme
More tech? Smarter Cybersecurity!
Picture this: autonomous vehicles that only make secure connections to their environment; always receiving the best treatment in hospital while your privacy is guaranteed; carefree online business in which... Read more
Our work
Carefree entrepreneurship thanks to security monitoring and detection
Technology, data and data-driven solutions are becoming increasingly important to the functioning of our society. The Netherlands is experiencing rapidly growing digitalisation in terms of processes... Read more
Roadmap
Multi-party computation: optimising care by encrypting patient data
Combining data from large groups of patients can lead to new insights and better treatment methods for patients. As a result, TNO and the Netherlands Comprehensive Cancer Organisation (IKNL) are working... Read more
Our work
Cybersecurity by quantum - safe crypto
Picture this: a quantum computer exists which can handle complex problems that are practically unsolvable for today’s computers as the calculations would take centuries. Which contributes to new products... Read more
Our work
The Digital Resilience of The Netherlands
Our Dutch defence and security organisations, including the national police and the NCTV, are jointly responsible for our national security – including in the digital domain. In addition to the sea, land,... Read more
- Artificial Intelligence
- Defence, Safety & Security
- Roadmaps
- Operations & Human Factors
- Climate Chambers for Research into Human Performance
- Desdemona: the next generation in movement simulation
- LT Lab: the TNO learning technology laboratory
- Performance and health monitoring
- Motion sickness and performance
- The neurobiology of Stress
- NetForce Command: an alternative to hierarchical command and control
- Operational military performance in a virtual world
- SUPRA
- Simulation Live Virtual and Constructive
- Concept Development & Experimentation
- IAMD: Integrated Air & Missile Defence
- JROADS
- FACSIM
- Helicopter studies
- Replacement of the F-16
- MARVEL / Comprehensive Approach
- TNO ACE: Advanced CD&E Environment
- Integrated approach to Dutch Royal Navy patrol ships
- Operational analysis during military operations
- SketchaWorld: from sketch to virtual world
- Information & Sensor Systems
- Digital Resilience of The Netherlands
- LFAS - Low Frequency Active Sonar
- Tanker Remote Vision System
- Platform signatures
- TNO shapes the future of MMICs and RFICs
- CARPET: Computer-Aided Radar Performance Evaluation Tool
- Underwater Warfare and Security
- Wide Area Motion Imagery WAMI
- SAKAMATA: sonar and marine mammals
- PARANOID: rapid information processing
- Mine analysis and threat evaluation
- Ship acoustics and underwater acoustic signatures
- PERSEUS Wind Turbine Radar Interference Assessment tool
- Electromagnetic security
- National Security
- A new vision on modernizing the emergency reporting process
- Social media in the security sector
- Automatic Video Compilation and Analysis System (AVACS)
- The Dutch Cyber Cube Method: Improving Human Capital for SOCs and CSIRTs
- Security Mission Information & Innovation Group (SMI2G)
- Critical infrastructure protection
- Concealed weapon detection
- FP7 Project IMPACT Europe
- Critical Infrastructure Protection (CIP) policies in Europe
- @MIGO: border control
- Smarter Surveillance, man, machine, synergy
- Cyber Security of Industrial Control Systems
- Protection, Munitions & Weapons
- Weapons systems control and analysis
- Weapon Effects & Protection Center
- Firepower
- Protection and survivability of vehicles
- Naval ship protection and survivability
- Protection and survivability of infrastructure
- World-class ballistics research
- Countering IEDs
- Materials for protection concepts
- Processing of Propellants, Explosives and Pyrotechnics
- Ammunition Safety
- Ballistic Performance and Personal Protection
- Chemical, Biological, Radiological and Nuclear (CBRN) Protection
- Expertise groups
- Intelligent Imaging
- Intelligent Autonomous Systems.
- Acoustics and Sonar
- Weapon Systems
- Explosions, Ballistics and Protection
- Chemical, Biological, Radiological and Nuclear (CBRN) Protection
- Energetic Materials
- Human Behaviour and Organisational Innovation
- Networked Organisations
- Training and Performance Innovations
- Perceptual and Cognitive Systems
- Military Operations
- Modelling, Simulation and Gaming
- Electronic Defence
- Radar Technology
- Energy Transition
- Roadmaps
- Towards ubiquitous Solar Energy
- Global leader with innovative solar panels
- From successful tests to real thin Film products
- Smart integration of solar energy into our environment
- Trial with solar panels on noise barriers along railway tracks
- SolaRoad
- Unique research floating solar panels
- Solar Highways
- Solar Powered Transportation
- National Consortium Solar in Landscape
- Higher yield and better integration in landscape with bifacial solar panels
- Optimal deployment of the infrastructure for generating solar energy
- Optimal energy generation with aesthetic solar panels
- First solar-powered passenger car: solar cells in the bodywork
- Solar electricity generation in public road infrastructure
- SolarBEAT outdoor test facility for BIPV(T)
- Solar panels on farmland
- Research innovative solar parks
- Solar panels in facades
- Solar cells on crash barriers
- Towards large-scale generation of wind energy
- Support structure just as important as the wind turbine itself
- Wind turbines, fully in motion
- Innovation towards 10-20 MW offshore wind turbines
- How to model 10MW+ turbines aerodynamically?
- Design for Reliable Power Performance (D4REL)
- Reduce costs and improve output through optimised tip design wind blades
- VortexLoads: Vortex-wake models in wind turbine design
- Modelling improvement wind turbine blades
- RealCoE: Converters for Clean, Low Cost and Competitive Electricity
- Haliade X: largest wind turbine ever
- Less production per wind turbine, still higher yield
- Logistics innovative strength at home and abroad
- Leader in wind turbine management and maintenance
- Wind farms in synergy with the environment
- Innovative methods for wind measurements
- Towards broad support for the energy transition
- Towards an energy-producing environment
- Towards CO2 neutral fuels and feedstock
- Biomass to fuels and feedstock
- ARBAHEAT - Sustainable future for coal-fired power stations possible through conversion to biomass
- AMBITION Advanced biofuel production from lignin rich residues
- BECOOL EU Brazilian cooperation on advanced biofuels
- Horti-BlueC - a new EU cooperation on reducing Bio-waste and CO2-footprint in horticulture
- UNRAVEL - valorization of lignocellulosic biomass
- MacroFuels advanced biofuels from seaweed
- BRISK2 Biofuel Research Infrastructure for Sharing Knowledge
- New facility for seaweed processing
- TORWASH technology successfully tested on pilot scale
- Traditional fuels and raw materials
- Hydrogen for a sustainable energy supply
- Optimising production hydrogen
- Hydrogen storage and transport
- Hydrogen, fuel and feedstock
- H-vision: blue hydrogen to accelerate carbon-low industry
- Ten things you need to know about hydrogen
- World first: an offshore pilot plant for green hydrogen
- New research centre for hydrogen production
- Identifying the future international chain of green hydrogen
- Oppertunities for green hydrogen for the manufacturing industry investigated
- Biofuels lab: Making transport more sustainable with biofuels
- Towards CO2 neutral industry
- Towards a reliable, affordable and fair energy system
- Sector coupling: the engine of a CO2-free society
- Energy Conversion and Storage
- Future-proof energy grids
- Future-proof energy markets
- A fair system without energy poverty
- Energy storage platform: working on energy storage after 2030
- Scenarios for a climate-neutral energy system
- Robustness and flexibility of the energy system
- Energy Transport Infrastructure
- Geological Survey of the Netherlands
- Geological Survey of the Netherlands
- 100 years of geological mapping
- GeoTOP
- Sand, gravel and clay extraction
- GIS and other tools for interactive planning
- DINO, Data and Information of the Dutch Subsurface
- BRO: the Dutch Key Register of the Subsurface
- Sustainable use and management Flemish-Dutch subsurface
- Petroleum Geological Atlas of the Southern Permian Basin
- 3D Subsurface mapping of the Dutch offshore
- Geological Survey of the Netherlands across borders
- Expertise
- Industry
- Roadmaps
- Flexible & Free-form Products
- Additive Manufacturing
- Integrating 3D printing and flexible post-processing
- Applied Research for Industrial Automation
- Glass powder printer
- PlanoColor® nanopigments
- High Viscous Material Inkjet Printer
- Line width roughness measurement
- Improved Micro-stereolithography
- Direct Metal Printing
- Rapid Manufacturing Demo Centre
- Continuous 3d printing: faster, cheaper and more flexible
- Large Area Electronics
- Development of new materials
- Next Generation Solar Production Equipment
- Space & Scientific Instrumentation
- Semiconductor Equipment
- Sustainable Chemical Industry
- Expertise groups
- Buildings, Infrastructure & Maritime
- Roadmaps
- Buildings & Infrastructure
- Infrastructure
- Sustainable buildings: towards an energy-producing built environment
- Building innovation
- Greenhouse design
- Digitisation in construction
- Maritime & Offshore
- Expertise groups
- Circular Economy & Environment
- Healthy Living
- Roadmaps
- Health Technology & Digital Health
- Biomedical Health
- Work
- Healthy, safe and productive working
- Safe working
- Sustainable employability vitality
- Future of work
- Cleaner production for textile industry in Bangladesh
- Asbestos innovations and research
- Exposure assessment and management of asbestos fibres
- Innovation and detecting asbestos in air, soil and water
- Technological innovations for applications in the asbestos industry
- Innovative and inclusive regional development
- Applied exposome programme: connecting the dots for effective prevention of disease
- Labour market mismatch demands matching based on skills
- Youth
- Expertise groups
- Traffic & Transport
- Roadmaps
- SMART and Safe Traffic and Transport
- Societal impact for accessibility and liveability
- Decision-making information based on facts for municipalities
- Making disruptive technologies practicable
- Accessible, healthy and vibrant cities
- CITYkeys – Performance evaluation framework for smart cities and projects
- Big data ecosystems: collaborating on data-controlled cities
- Knowledge mediator puts an end to bickering
- Intact – Climate resilient critical infrastructure
- Smart mobility and logistics
- Smart vehicles
- Sustainable Traffic and Transport
- Sustainable Mobility and Logistics
- Improving air quality by monitoring real-world emissions
- Emission factors for road traffic
- Measuring the emissions of powered two wheelers
- Emissions of particulate matter from diesel cars
- Random Cycle Generator
- EnViVer: model traffic flow and emissions
- Measuring real-world emissions with TNO’s Smart Emissions Measurement System (SEMS)
- Measuring the emissions of trucks and buses
- Reducing Greenhouse Gas Emissions in Commercial Road Transport
- Measuring the emissions of non-road mobile machinery
- The transition to CO2-neutral mobility in 2050
- Sustainable Vehicles
- Innovative technologies for zero-emission vehicles
- CO2 reduction by high-efficiency Flex Fuel technology with extremely low emissions
- Actual energy consumption and emissions
- Hydrogen and the fuel cell
- Automotive Battery Research
- Making transport more sustainable by means of electric vehicles
- Making transport more sustainable by means of electric vehicles (1)
- Energy Efficient Electric Bus E3Bus
- eCoMove
- Expertise groups
- Information & Communication Technology
- Strategic Analysis & Policy
Contact
Send question to Mark Buningh BSc
×
Your question has been sent.
Sorry! Something unexpected happened. Please try again later.
Contact
Mark Buningh BSc
Send question to Mark Buningh BSc
×
Your question has been sent.
Sorry! Something unexpected happened. Please try again later.