Information Technology (IT) security approaches traditionally attempt to translate perimeter-based security from locked doors, badges, and guns to firewalls and digital access control policies. But this only works on localized IT systems. The state of the art has demonstrated how unsuited this approach is to security in federated, multi-party, cloud-based simulation environments. Neglecting security controls within such an infrastructure may leave room for misbehaviour and “honest but curious” behaviour. Without internal security controls, parties in the simulation may be able to gather far more details than they should. Examples include a simulation component that subscribes to more simulation data than is absolutely required for correct and valid interoperation with other components, or a component that attempts to provoke responses from other components by publishing more simulation data than necessary. In other words, a traditional perimeter-based security approach to a federated cloud-based simulation environment may allow any component to easily exfiltrate (falsify, disrupt) information.
In recent years the Zero Trust approach to cybersecurity has gained increasing momentum, pushing the philosophy of “never trust, always verify” and “assume compromise”. In essence, Zero Trust mandates that proof of trustworthiness cannot be derived from simply accessing an environment: it must be possible to verify, to the most risk-relevant extent possible, that processes and entities can be trusted continuously and according to a dynamic context.
This paper explores the application of Zero Trust approaches in the context of security in cloud-based simulation. We describe a framework to tailor Zero Trust concepts to the design and implementation of security functions in a simulation environment, and demonstrate the use of the framework by implementing security controls in an HLA-based simulation environment.
Keywords
CLOUD COMPUTING; DISTRIBUTED; HLA; M&S AS A SERVICE; SECURITY
Additional Keywords
ZERO TRUST; FEDERATED SIMULATION