This project demonstrates the core principles of Zero Trust Architecture (ZTA) applied to a Critical Infrastructure (CI) scenario. As a Security Architect for the Golden State Water Treatment Facility, I designed a policy profile to protect sensitive Human Resources PII data.
- Component Definition: Defining the roles of the Policy Engine (PE), Policy Administrator (PA), and Policy Enforcement Point (PEP).
- Verify Explicitly: Applying the core ZT principle that requires continuous verification of every access request, regardless of network location.
- Signal Evaluation: Creating a policy table that uses Identity, Device Posture, and Network Context as signals for the Policy Engine.
ZT-Policy-Profile.md: The complete policy documentation and definitions.proof.png: Screenshot verification of the local development environment.