ediverse Explore the platform

Spotlight PEPPOL BIS Billing 3.0 The EU e-invoicing mandate is here — France Sept 2026, Belgium Jan 2026, Germany 2025.

Zero Trust Architecture

"Never trust, always verify." No more trust zone — every connection is treated as if it came from the internet, even when it does.

Problem

The "castle-and-moat" model (perimeter firewall → trusted internal network) collapses in the cloud / SaaS / external partner world. An attacker who gains internal access (employee phishing, compromised container, supply chain) moves freely. Major breaches (Target 2013, OPM 2015, SolarWinds 2020) all exploited a porous perimeter.

Forces

  • The network perimeter has disappeared (cloud, BYOD, partners, SaaS).
  • Insider (or insider-compromise) attackers are increasingly common.
  • End-to-end encryption is now cheap (mTLS, JWT, OIDC).
  • The cost of granular policy ("who can do what") is now sustainable thanks to modern IDPs.
  • NIST SP 800-207 (August 2020) formalises principles for US federal agencies; OMB M-22-09 (2022) makes it mandatory.

Solution

Every access goes through a Policy Enforcement Point (PEP) that consults a Policy Decision Point (PDP) on each request. The decision is based on identity (user + device + workload), the requested resource attribute, and context (time, geolocation, risk level). The connection is always encrypted (mTLS, TLS 1.3). Identity is strong (MFA, device-bound certificates). Authorisation is minimal and instantly revocable. Network micro-segmentation reinforces this on the infrastructure side.

Seven NIST pillars

  1. All data sources and services are resources.
  2. All communications are secured, regardless of network location.
  3. Access granted per session, with least privilege.
  4. Access determined by dynamic policy (identity, device posture, behaviour).
  5. Posture monitoring and integrity measurement of all assets.
  6. Dynamic authentication and authorisation before each access.
  7. Granular log collection to feed policy improvement.

EDI implementation

An EDI hub exposes AS2/AS4/SFTP endpoints to hundreds of partners. Under Zero Trust: (a) mTLS on every endpoint, with per-partner certificates (90-day rotation); (b) per-partner access policies — Walmart can only send INVOICs, Stellantis only DESADVs; (c) monitoring of unusual patterns (10x volume, abnormal hours) with automatic quarantine; (d) ZTNA for admin access (BeyondCorp / Cloudflare Access / Tailscale) — no more VPN-perimeter. Consequence: a compromised partner certificate only grants access to that partner's own flows.

Anti-patterns

  • "Zero Trust" as marketing label while keeping a single perimeter firewall — security theatre.
  • Static policies with no context (time, geolocation, risk score) — too-coarse granularity.
  • Centralised non-replicated PEP — SPOF.
  • Logs without retention or analysis — feedback loop broken.
  • All-or-nothing adoption — leaving exploitable "legacy non-ZT" pockets.

Sources

  • NIST SP 800-207 — Zero Trust Architecture, August 2020. NIST SP 800-207 PDF
  • Google BeyondCorp — A New Approach to Enterprise Security. research.google/pubs/pub43231/
  • Kindervag J. — No More Chewy Centers: Introducing The Zero Trust Model of Information Security, Forrester 2010.
  • OMB M-22-09 — Federal Zero Trust Architecture Strategy, January 2022.