https://community.isc2.org/t5/Tech-Talk/What-document-did-tell-about-quot-black-core-quot-first/m-p/51824#M3585 <P>According to NIST SP 800-207, the zero-trust idea started with the "black core". Before the term "zero trust" was coined, the notion of zero-trust was prevalent in cybersecurity.&nbsp; &nbsp; &nbsp; &nbsp; <A href="https://thirdle.io" target="_blank" rel="noopener"><FONT size="1 2 3 4 5 6 7" color="#FFFFFF">thirdle</FONT></A></P> Fri, 01 Jul 2022 16:02:26 GMT divervenal 2022-07-01T16:02:26Z https://community.isc2.org/t5/Tech-Talk/What-document-did-tell-about-quot-black-core-quot-first/m-p/48215#M3356 <P><A href="https://csrc.nist.gov/publications/detail/sp/800-207/final" target="_blank" rel="noopener">NIST SP 800-207</A> tells that zero trust concept is originated with "black core" as follows.</P><P>&nbsp;</P><P><EM>1.1 History of Zero Trust Efforts Related to Federal Agencies</EM></P><P><EM>The concept of zero trust has been present in cybersecurity since before the term “zero trust” was coined. The Defense Information Systems Agency (DISA) and the Department of Defense published their work on a more secure enterprise strategy dubbed “black core” [BCORE]. Black core involved moving from a perimeter-based security model to one that focused on the security of individual transactions. The work of the Jericho Forum in 2004 publicized the idea of de- perimeterization—limiting implicit trust based on network location and the limitations of relying on single, static defenses over a large network segment [JERICHO].</EM></P><P>&nbsp;</P><P>I found "<A href="https://www.acqnotes.com/Attachments/DoD%20GIG%20Architectural%20Vision,%20June%2007.pdf" target="_blank" rel="noopener">Global Information Grid Architectural Vision</A>, DoD" defines "black core". But it was published in 2007 when it is after Jericho Forum in 2004.</P><P>&nbsp;</P><P>Could you kindly tell me what document did define "black core" first?</P><P>&nbsp;</P><P>Best regards,</P><P>&nbsp;</P> Mon, 09 Oct 2023 10:01:09 GMT https://community.isc2.org/t5/Tech-Talk/What-document-did-tell-about-quot-black-core-quot-first/m-p/48215#M3356 Masahiro 2023-10-09T10:01:09Z https://community.isc2.org/t5/Tech-Talk/What-document-did-tell-about-quot-black-core-quot-first/m-p/48249#M3358 <P>Hi <a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/1459503571">@Masahiro</a>&nbsp;&nbsp; Still digging around, but reference to Black Core in Wikipedia corroberates your discussion.&nbsp;</P><P><A href="https://en.wikipedia.org/wiki/Software-defined_perimeter" target="_blank">https://en.wikipedia.org/wiki/Software-defined_perimeter</A></P><P>&nbsp;</P><P>Looks like someone needs to be in the DoD or DISA archives to pull the information you require on this subject?</P><P>&nbsp;</P><P>Any volunteers?</P><P>&nbsp;</P><P>Regards</P><P>&nbsp;</P><P>Caute_cautim</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P><P>&nbsp;</P> Tue, 09 Nov 2021 19:33:24 GMT https://community.isc2.org/t5/Tech-Talk/What-document-did-tell-about-quot-black-core-quot-first/m-p/48249#M3358 Caute_cautim 2021-11-09T19:33:24Z https://community.isc2.org/t5/Tech-Talk/What-document-did-tell-about-quot-black-core-quot-first/m-p/48294#M3359 <P>Thanks,&nbsp;<a href="https://community.isc2.org/t5/user/viewprofilepage/user-id/809125741">@Caute_cautim</a>&nbsp;<BR /><BR />I have found "<A href="http://www.dodccrp.org/files/Alberts_NCW.pdf" target="_blank" rel="noopener">Network Centric Warfare</A>" issued by DoD in 2001 told about GIG but not "black core". I guess "<A href="http://www.acqnotes.com/Attachments/DoD%20GIG%20Architectural%20Vision,%20June%2007.pdf" target="_blank" rel="noopener">GIG Architectural Vision</A>" is the first public document.</P><P>&nbsp;</P><P>Best regards,</P><P>&nbsp;</P> Sat, 13 Nov 2021 08:09:28 GMT https://community.isc2.org/t5/Tech-Talk/What-document-did-tell-about-quot-black-core-quot-first/m-p/48294#M3359 Masahiro 2021-11-13T08:09:28Z https://community.isc2.org/t5/Tech-Talk/What-document-did-tell-about-quot-black-core-quot-first/m-p/51824#M3585 <P>According to NIST SP 800-207, the zero-trust idea started with the "black core". Before the term "zero trust" was coined, the notion of zero-trust was prevalent in cybersecurity.&nbsp; &nbsp; &nbsp; &nbsp; <A href="https://thirdle.io" target="_blank" rel="noopener"><FONT size="1 2 3 4 5 6 7" color="#FFFFFF">thirdle</FONT></A></P> Fri, 01 Jul 2022 16:02:26 GMT https://community.isc2.org/t5/Tech-Talk/What-document-did-tell-about-quot-black-core-quot-first/m-p/51824#M3585 divervenal 2022-07-01T16:02:26Z