Zero trust

Definition

Zero trust is an architectural approach that replaces classical perimeter security. Trust is no longer inferred from network position; instead, identity, device, context, and risk are evaluated on every single request. The core principles are explicit verification, least-privilege access, and assuming breach. NIST formalizes zero trust in Special Publication 800-207.

How Swiss Knowledge Hub uses this term

Swiss Knowledge Hub follows zero-trust principles: authentication is mandatory for every request, fine-grained roles are managed through Membership/WorkspaceMember/CustomRole, selected fields use field-level encryption, tenants are isolated, and access is captured in audit logs. A SAML/OIDC SSO integration is not part of the standard scope at this time.

Related terms

• OpenID Connect / SAML SSO
• Field-level encryption
• Audit log
• Compliance frameworks (ISO 27001, SOC 2)

Sources

1. NIST SP 800-207 — Zero Trust Architecture — https://csrc.nist.gov/publications/detail/sp/800-207/final