cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Masahiro
Newcomer III

What document did tell about "black core" first?

NIST SP 800-207 tells that zero trust concept is originated with "black core" as follows.

 

1.1 History of Zero Trust Efforts Related to Federal Agencies

The concept of zero trust has been present in cybersecurity since before the term “zero trust” was coined. The Defense Information Systems Agency (DISA) and the Department of Defense published their work on a more secure enterprise strategy dubbed “black core” [BCORE]. Black core involved moving from a perimeter-based security model to one that focused on the security of individual transactions. The work of the Jericho Forum in 2004 publicized the idea of de- perimeterization—limiting implicit trust based on network location and the limitations of relying on single, static defenses over a large network segment [JERICHO].

 

I found "Global Information Grid Architectural Vision, DoD" defines "black core". But it was published in 2007 when it is after Jericho Forum in 2004.

 

Could you kindly tell me what document did define "black core" first?

 

Best regards,

 

Haneda, Masahiro
Certification: CISSP, CCSP, CCSK, PMP, ITIL Foundation V3
Location: Japan
My LinkedIn Profile
3 Replies
Caute_cautim
Community Champion

Hi @Masahiro   Still digging around, but reference to Black Core in Wikipedia corroberates your discussion. 

https://en.wikipedia.org/wiki/Software-defined_perimeter

 

Looks like someone needs to be in the DoD or DISA archives to pull the information you require on this subject?

 

Any volunteers?

 

Regards

 

Caute_cautim

 

 

 

 

Masahiro
Newcomer III

Thanks, @Caute_cautim 

I have found "Network Centric Warfare" issued by DoD in 2001 told about GIG but not "black core". I guess "GIG Architectural Vision" is the first public document.

 

Best regards,

 

Haneda, Masahiro
Certification: CISSP, CCSP, CCSK, PMP, ITIL Foundation V3
Location: Japan
My LinkedIn Profile
divervenal
Viewer

According to NIST SP 800-207, the zero-trust idea started with the "black core". Before the term "zero trust" was coined, the notion of zero-trust was prevalent in cybersecurity.        thirdle