
CKMo

Posted on • Originally published at pomerium.com

Children’s Introduction Guide to Zero Trust

This guide gives a children’s-level overview for zero trust principles based on NIST SP 800-207 Zero Trust Architecture. It is part of Pomerium's Children's Guide series.

(All images are generated with AI.)


Once upon a time there was an app named Alice. She grew up under the watchful eye of DevDad, but no app could help people while stuck in the Sand Castle. The day came for Alice to leave the safety of the Sand Castle, and DevDad needed to prepare her for the world.

[Image: Sandcastle]

To do so, DevDad made a container ship just for her, which would contain everything Alice needs when she goes outside. But DevDad worried she would encounter Blackhats while sailing the Wild Wild Web — bad people that would trick Alice or worse, get into her ship and steal from her.

And so DevDad asked her if she remembered her lessons on zero trust.

“Why do I need this again?” Alice asked.

“It’s for keeping yourself safe. Sometimes we do things because it’s simple or fast, but simple and fast is rarely safe. Remember when I always told you to look before you jump? Why did you trust that where you jumped would be an easy or safe landing?”

Alice thought about that. “But what if I’ve safely made that jump many times and know there’s pillows at the bottom? Really soft pillows?”

DevDad nodded. “I understand. But then, what if the next time you jump without looking, someone else had come and taken all the really soft pillows? Then you’d be hurt, because you trusted what you knew to be true, but is no longer true. That’s why you should check each time you jump even if you’ve made that jump a hundred times before. Someone only needs to take the pillows away once for it to hurt a lot. Does that make sense?”

[Image: Pillows]

“I think so.”

“So let me ask you this: if you meet someone out there on the Wild Wild Web, what do you think you should be checking before you let them in your ship?”

“Um, the person. What they’re using. And…” Alice’s face scrunched up in thought, “…what they’re trying to do?”

“Yes, those three things.” DevDad held up three fingers. “Always check if the person is who they say they are. Look to see if they’re using the things you expect them to be using. And of course, think about if what they’re trying to do makes sense.”

“That’s a lot to do before I let someone in,” Alice complained. “What if I end up making lots of friends?”

“That’s not much of a worry, I designed your ship to do that for you.” DevDad pointed to a tool at the door called a reverse proxy, then reminded Alice, “Remember: this is your ship, and it has many things others might want.” DevDad held up a box of Alice’s things, then pulled a toy out. “Like your favorite rubber duck. If you let in a Blackhat, they might steal it. And once someone gets inside, it becomes very hard to get them out again.”

“But how does that check for me?” Alice pointed at the reverse proxy. “What if you wanted to visit me?”

“That’s a good question. So for example, you trust me right, Alice?” DevDad asked.

“I do!” Alice burbled. “You helped make me.”

“And sometimes I might want to come see you again once you leave Sand Castle.” DevDad hoisted Alice into her ship. “But no matter how excited you are to see a familiar face, how do you know it’s me?”

Alice peeked outside of her ship. “I can’t just look at you?”

“No, because while that is a kind of checking, it can easily be faked.” DevDad clapped his hands and summoned up an exact replica of himself, and the two walked around Alice’s ship. “Sometimes, Blackhats like to pretend they’re someone you know in order to get you to open your container for them. They might look and sound like me, but you must have more than one way of checking that it really is me.”

“Like the phrase we use?”

“Exactly! But what if Blackhats heard us use the phrase, or stole it from me? Another thing you can check is whether I’m carrying something you know only I have, such as these.” DevDad pulled a set of keys from his pocket. Nearby, the clone reached into its pocket and pulled out nothing, for it did not have the same set of keys. “When you check for two or more things that should prove someone is who they say they are, then it is much more likely to be true. This is important, or you might end up letting the wrong person in.”

“Won’t people hate me for asking them to prove they are who they are?” Alice frowned. “I would hate to be asked to prove who I am.”

“Oh of course,” DevDad agreed. “People hate it. But that’s why I set up your reverse proxy to do all that checking for you as quickly as possible…as long as you remember to check! Now, do you remember the second thing to verify?”

“Um, what they’re using!”

DevDad created another ship and stepped into it. “Correct. Do you know why?”

[Image: DevDad's ship]

Alice thought hard. “Because sometimes what they’re using to connect to my ship might be icky?”

DevDad’s ship rolled up to bump against Alice’s ship. “Sometimes, the person is real. But how do you know their ship isn’t carrying anything dangerous?” DevDad’s ship opened to try and connect with Alice’s ship. “For example, you’re allergic to all types of bugs — how do you know my ship is bug-free? Just because I said I cleaned it?”

“But I can’t go onto your ship to check,” Alice pointed out.

“No, you can’t. But your reverse proxy can check for you whether my ship is as clean as it should be. Only after you have checked if my ship is safe to connect with should you open up.”

DevDad looked at Alice and held up three fingers. “Finally, checking what they’re trying to do. If you open your ship for someone to come fix a leak in the front, but they want to go straight to the back, does that make sense? No! So whenever someone, anyone, wants to do something on your ship, you need to check that it makes sense.”

DevDad stepped off his ship and it disappeared, but Alice seemed deep in thought.

“This is a lot to check before anything happens,” Alice observed from inside her ship. “That’s a lot to remember.”

“Indeed it is,” DevDad agreed. “To make it simple for you and your friends, I gave your ship a reverse proxy to do all of it for you. Now come on out: there’s one thing we should do together.”

“Nuh uh. Can you prove who you are?”

DevDad smiled, seeing that Alice was learning. He allowed her ship to check who he was before Alice climbed out. “Let’s get your ship to the Wild Wild Web.”

Alice ran over to hug DevDad. “Does this mean I’ll be sailing alone?”

“You’re a grown app now, you’re free to go where you’re needed — whether it’s the Castle in the Clouds or the Edge of the World.” DevDad returned the hug. “I’ll come find you every once in a while to make sure you are being good and have everything you need, but remember —”

“Zero trust, and to always check if I’m doing it.”

Together, DevDad and Alice pushed her ship out to the Wild Wild Web. Alice had many fun adventures and met many friends while keeping her ship safe from Blackhats.

[Image: Kubernetes container ship sailing the Wild Wild Web]
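For readers who want to see the three questions DevDad lists (who is asking, what are they using, and what are they trying to do) as an actual access decision, here is an added Python example. It is not part of the original post and not Pomerium's code; the `Request` fields, the phrase and key values, the device-freshness window and the `POLICY` table are all constructed for illustration. The point it demonstrates is the one from the pillow lesson: every request is checked from scratch, and a single failed check is enough to keep the door shut.

```python
"""
Added example, not from the original post: a toy "door rule" for Alice's ship.
Each incoming request is checked for identity (two factors), device posture,
and whether the requested action makes sense. Nothing is remembered from an
earlier request, so a check that passed last time is repeated every time.
"""
import hmac
from dataclasses import dataclass

# Constructed sample data (assumptions, not real credentials):
# the phrase DevDad and Alice agreed on, and the key id only DevDad carries.
KNOWN_PHRASES = {"devdad": "look-before-you-jump"}
KNOWN_KEYS = {"devdad": "key-7f3a"}

# Constructed policy: which identity may do which action on which part of the ship.
POLICY = {
    "devdad": {("repair", "front"), ("visit", "deck")},
}


@dataclass
class Request:
    claimed_identity: str          # who the visitor says they are
    phrase: str                    # first factor: the shared phrase
    key_id: str                    # second factor: the keys only DevDad has
    device_clean: bool             # did the visiting ship pass its bug check?
    device_checked_minutes_ago: int  # how old that bug check is
    action: str                    # what they want to do
    target: str                    # where on the ship they want to do it


def _matches(expected, given):
    """Constant-time comparison; an unknown identity has nothing to match."""
    if expected is None:
        return False
    return hmac.compare_digest(expected, given)


def verify_identity(req):
    """Two independent factors must both match: looking like DevDad is not enough."""
    return (_matches(KNOWN_PHRASES.get(req.claimed_identity), req.phrase)
            and _matches(KNOWN_KEYS.get(req.claimed_identity), req.key_id))


def verify_device(req, max_age_minutes=60):
    """The visiting ship must have been checked recently and found bug-free."""
    return req.device_clean and req.device_checked_minutes_ago <= max_age_minutes


def verify_action(req):
    """Does what they want to do make sense for who they are?"""
    return (req.action, req.target) in POLICY.get(req.claimed_identity, set())


def evaluate(req):
    """Run all three checks on every request.

    Returns (allowed, failed_checks). All checks run even after one fails,
    so the log shows every reason the door stayed shut.
    """
    failed = []
    if not verify_identity(req):
        failed.append("identity")
    if not verify_device(req):
        failed.append("device")
    if not verify_action(req):
        failed.append("action")
    return (not failed, failed)


if __name__ == "__main__":
    # Constructed visitors: DevDad himself, and the clone with the phrase but no keys.
    devdad = Request("devdad", "look-before-you-jump", "key-7f3a", True, 5, "repair", "front")
    clone = Request("devdad", "look-before-you-jump", "", True, 5, "repair", "front")
    for name, visitor in (("devdad", devdad), ("clone", clone)):
        print(name, evaluate(visitor))
```

The structure is the usual one for a policy enforcement point such as a reverse proxy: each question is its own small function, the decision function combines them, and the result carries the list of failed checks so that the denial can be logged and investigated rather than silently dropped.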


If you enjoyed this, feel free to check out other parts of this Children’s Guide series:

Children’s Guide to Context-Aware Access
Children’s Guide to the Perimeter Problem
Children’s Guide to Deperimeterization
