ztLang : A Modelling Language for Zero Trust Networks

Abstract: This work explores how zero trust architectures can be modelled in order to assess and improve network security. Cyber attacks are severely damaging and costly, and the frequency of such attacks continues to increase. Improving network security is imperative for preempting such attacks. Zero trust is a novel paradigm in network design that improves network security by requiring a trust evaluation on every network access of a protected resource. Data science research methodologies were employed in order to develop a new modelling language for the zero trust domain. This language was developed using the Meta Attack Language, which is a new framework for developing network modelling languages. Modelling languages for domains such as AWS and smart car systems have already been developed using MAL, but no such language previously existed for zero trust. This paper presents a new zero trust modelling language and discusses how well suited MAL is for the purpose of modelling zero trust networks. Based on our results we conclude that MAL shows promise for modelling enterprise level zero trust networks, however MAL is restricted in its capabilities. Therefore, other means of modelling zero trust architectures should be explored.