https://github.com/vm32/advanced-zero-trust-architecture
https://github.com/vm32/advanced-zero-trust-architecture
Last synced: 8 days ago
JSON representation
- Host: GitHub
- URL: https://github.com/vm32/advanced-zero-trust-architecture
- Owner: vm32
- Created: 2024-08-03T12:46:33.000Z (almost 2 years ago)
- Default Branch: main
- Last Pushed: 2024-08-03T12:49:00.000Z (almost 2 years ago)
- Last Synced: 2025-10-30T04:50:35.546Z (8 months ago)
- Language: Python
- Size: 5.86 KB
- Stars: 0
- Watchers: 1
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
Awesome Lists containing this project
README
# Advanced Zero-Trust Architecture Implementation
# Description
An advanced implementation of Zero-Trust Architecture principles using Python and Flask. This project provides a comprehensive backend system demonstrating key Zero-Trust concepts including continuous authentication, device health monitoring, and granular access control.
This implementation is designed to showcase advanced cybersecurity practices and serve as a foundation for building secure, modern applications. It incorporates industry-standard security measures and provides a platform for further enhancements and customizations.
Important! This is a proof-of-concept implementation. Additional security measures and thorough testing are required before considering production use.
## Key Features
- Advanced user authentication with password strength validation
- Device registration and health monitoring
- Role-based access control (RBAC)
- Continuous verification of user and device identity
- Detailed access logging and monitoring
- Integration with external services for IP reputation checking
- Rate limiting to prevent brute-force attacks
- Modular architecture for easy expansion and maintenance
# Usage
## Prerequisites
- Python 3.8+
- Docker (optional, for containerized deployment)
- Redis (for rate limiting)
## Installation
1. Clone the repository:
```
git clone https://github.com/vm32/advanced-zero-trust-architecture.git
```
2. Install dependencies:
```
pip install -r requirements.txt
```
3. Set up environment variables:
```
export SECRET_KEY='your-secret-key'
export JWT_SECRET_KEY='your-jwt-secret'
export DATABASE_URL='sqlite:///zero_trust_advanced.db'
export REDIS_URL='redis://localhost:6379'
```
4. Initialize the database:
```
flask db upgrade
```
## Running
Start the application:
```
python advanced-zero-trust-architecture.py
```
The server will start on `http://localhost:5000`. Use API testing tools like Postman or curl to interact with the endpoints.
## API Endpoints
- POST /auth/register - Register a new user
- POST /auth/login - Authenticate a user and receive a JWT
- POST /device/register - Register a new device (requires authentication)
- POST /device/health_check - Perform a device health check (requires authentication)
- GET /admin/user_activity - View recent user activity (requires admin role)
## Development and Testing
Run tests:
```
python -m unittest discover tests
```
## Removing
To stop the application, use CTRL+C in the terminal where it's running.
# Contributing
Contributions are welcome! Please feel free to submit a Pull Request.