| Title | BYOZ: Protecting BYOD Through Zero Trust Network Security |
| Publication Type | Conference Paper |
| Year of Publication | 2022 |
| Authors | Anderson, John, Huang, Qiqing, Cheng, Long, Hu, Hongxin |
| Conference Name | 2022 IEEE International Conference on Networking, Architecture and Storage (NAS) |
| Date Published | oct |
| Keywords | authentication, Authorization, BYOD, Companies, Continuous Authentication, COVID-19, human factors, Metrics, Network security, network security policy, Pandemics, privacy, pubcrawl, Resiliency, Scalability, security policies, zero trust |
| Abstract | As the COVID-19 pandemic scattered businesses and their workforces into new scales of remote work, vital security concerns arose surrounding remote access. Bring Your Own Device (BYOD) also plays a growing role in the ability of companies to support remote workforces. As more enterprises embrace concepts of zero trust in their network security posture, access control policy management problems become a more significant concern as it relates to BYOD security enforcement. This BYOD security policy must enable work from home, but enterprises have a vested interest in maintaining the security of their assets. Therefore, the BYOD security policy must strike a balance between access, security, and privacy, given the personal device use. This paper explores the challenges and opportunities of enabling zero trust in BYOD use cases. We present a BYOD policy specification to enable the zero trust access control known as BYOZ. Accompanying this policy specification, we have designed a network architecture to support enterprise zero trust BYOD use cases through the novel incorporation of continuous authentication & authorization enforcement. We evaluate our architecture through a demo implementation of BYOZ and demonstrate how it can meet the needs of existing enterprise networks using BYOD. |
| DOI | 10.1109/NAS55553.2022.9925513 |
| Citation Key | anderson_byoz_2022 |
BYOZ: Protecting BYOD Through Zero Trust Network Security