Zero-Trust-Based Access Control in a Multi-Layered and Micro-Segmented Network Infrastructure

dc.contributor.authorEskelinen, Jesse
dc.contributor.departmentfi=Tietotekniikan laitos|en=Department of Computing|
dc.contributor.facultyfi=Teknillinen tiedekunta|en=Faculty of Technology|
dc.contributor.studysubjectfi=Tietotekniikka|en=Information and Communication Technology|
dc.date.accessioned2026-06-15T19:32:23Z
dc.date.issued2026-06-02
dc.description.abstractThe cybersecurity field is constantly evolving alongside different technological ad vances in products designed for purposes such as asset protection. Although ad vances in technology are present and different frameworks and standards are created, organizations might not be confident in implementing concepts in more complex environments. Zero-trust is one of these concepts and, more specifically, zero-trust based access control. This thesis investigates how an organization could approach zero-trust-based access control solutions in complex environments that topologically consist of multiple lay ers and micro-segmented networks. The main focus is on how zero-trust-based access control can be designed for different access scenarios in this type of environment and how the designs can be implemented. To get insight into how this type of implementation can be done, a case study was carried out in which a generalized design was first introduced for zero-trust-based access control and then the said design was tailored to different access scenarios with the existing firewall solution in mind. Due to existing firewall solutions, a good base was already present in the environment for this type implementation, but the designs are still adaptable to other environments. After the designs were implemented in the case study, validation was performed through which it was deemed that the implementation was effective in securing traffic. As no major issues were observed during the case study, it can be deemed that it is not difficult to implement this type of solution. Overall, since the case study was a success and was carried out in a complex environment, it shows that organizations can move towards zero-trust-based access control even in complex environments. In conclusion, the thesis explores a well-known concept through a case study and proves through practical tests and a literature review that organizations can imple ment such a concept. The thesis additionally acknowledges that further research is possible through different scaling methods, which can lead to further validation.
dc.format.extent74
dc.identifier.urihttps://www.utupub.fi/handle/11111/61995
dc.identifier.urnURN:NBN:fi-fe2026061569958
dc.language.isoeng
dc.rightsfi=Julkaisu on tekijänoikeussäännösten alainen. Teosta voi lukea ja tulostaa henkilökohtaista käyttöä varten. Käyttö kaupallisiin tarkoituksiin on kielletty.|en=This publication is copyrighted. You may download, display and print it for Your own personal use. Commercial use is prohibited.|
dc.rights.accessrightsavoin
dc.subjectidentity
dc.subjectnetworking
dc.subjectmicro-segmentation
dc.subjectOSI
dc.subjectinfrastructure
dc.subjectfirewalls
dc.subjectlayering
dc.subjectzero-trust
dc.titleZero-Trust-Based Access Control in a Multi-Layered and Micro-Segmented Network Infrastructure
dc.type.ontasotfi=Diplomityö|en=Master's thesis|

Tiedostot

Näytetään 1 - 1 / 1
Ladataan...
Name:
Eskelinen_Jesse_Thesis.pdf
Size:
3.36 MB
Format:
Adobe Portable Document Format