Context Aware Access - bobbae/gcp GitHub Wiki

https://cloud.google.com/context-aware-access/docs/overview

Envisioned in 2011, the BeyondCorp security model leverages identity and context to evaluate trust for access decisions rather than using the corporate network as the perimeter.

https://www.youtube.com/watch?v=Sq9gp8KBsY0

In the same way that BeyondCorp helped us to evolve beyond a perimeter-based security model, BeyondProd represents a similar leap forward in our approach to production security. The BeyondProd approach describes a cloud-native security architecture that assumes no trust between services, provides isolation between workloads, verifies that only centrally built applications are deployed, automates vulnerability management, and enforces strong access controls to critical data. The BeyondProd architecture led Google to innovate several new systems in order to meet these requirements.

BeyondCorp and BeyondProd

https://cloud.google.com/blog/products/identity-security/applying-zero-trust-to-user-access-and-production-services

Zero Trust

Zero Trust is a security concept centered on the belief that organizations should not automatically trust anything inside or outside their perimeters and instead must verify anything and everything trying to connect to their systems before granting access.

The philosophy behind a zero trust network assumes that there are attackers both within and outside of the network, so no users or machines should be automatically trusted.