Quantum mechanics offers numerous mysteries to ponder for laypeople and physicists alike, but none of these mysteries is more popular among the general public than the famous Schrödinger’s cat experiment. Conceived by Austrian physicist Erwin Schrödinger in 1935, the thought experiment used a hypothetical feline to illustrate a curious state known as a quantum superposition—with the cat being dead and alive at the same time. John von Neumann, who was regarded as the greatest mathematician of his time, argued that “the entire physical universe could be made subject to the Schrödinger equation (the universal wave function). He also described how measurement could cause a collapse of the wave function”—the very act of observation changing its subject—going from “I am not here” to “here I am” in an instant.
In its early days, IT systems security architecture drew inspiration from the high walls, deep moats, and strong-and-heavy gates of ancient Roman fortifications and medieval castles. Internet technologies, which led to opening up the organizational security perimeter, made digital fortifications vulnerable. Since opening up their digital perimeter to the internet, organizations have found themselves in a constant uphill race toward a new summit of systems security.
Zero Trust Architecture (ZTA) is an emerging security model that promises to give organizations an upper hand in their fight against increasingly sophisticated digital adversaries and threats. The ZTA model assumes that every component of the system can be hostile. The supporting system that makes ZTA work is called the control plane, “while most everything else is referred to as the data plane, which the control plane coordinates and configures. Requests for access to protected resources are first made through the control plane, where both the device and user must be authenticated and authorized” (see Zero Trust Networks by Evan Gilman).
In essence, the automated adaptable control plane system plays the role of the quantum state observer whose intelligent authentication and authorization functions (a.k.a. measurement) determine if a ZTA system is “collapsed” into letting one in or not. Modern cloud infrastructure already enables virtualization or, given the context of our discussion, quantumization, of all but one component of the cloud system architecture—the system entry point locators, the IP addresses, which are used in conjunction with the DNS to pinpoint the location of system components and facilitate data communication among them. The relatively slow convergence of the traditional DNS makes any changes in IP assignments sticky. Yet we find ourselves just four steps away from a true Quantum Zero Trust Architecture (QZTA):
- We need to add another element—the Dynamic DNS, which has been around since 1997.
- We must hand over control of the externally facing as well as internal (cloud infrastructure) DDNS mappings and DHCP IP lease assignments to the intelligent automated control plane component of the QZTA.
- The Time to Live (TTL) of the DDNS records and DHCP leases should be reduced to accommodate the highly dynamic nature of the system.
- In addition to its access control functions, the control plane component should also be able to perform automated provisioning and auto-scaling to shift the location, composition, and capacity of the system components within predefined parameters.
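The four steps above can be seen working together in a small simulation. The following Python is an added example written for this page, not code from the original article or from any product: a toy control plane first authenticates the user and the device, then authorizes the user's group against a resource policy, and only on success allocates an address and publishes a short-TTL dynamic DNS record for that requester. When the TTL lapses without renewal the record disappears, so the resource is reachable only while the control plane says so. The in-memory zone, the per-requester DNS view, the identity and device inventories, the policy table and the 10.0.0.0/24 address pool are all constructed stand-ins; a real deployment would drive a DDNS server and a DHCP service instead.

```python
"""Toy QZTA control plane (constructed example, not a real product).

A request is authenticated (user and device) and authorized against a resource
policy.  Only then does the control plane "materialize" the resource for that
requester by allocating an address and publishing a short-TTL dynamic DNS
record.  When the TTL lapses the record is gone and the resource "vanishes".
Every name, group and address below is made up for illustration.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional, Tuple

# Constructed inventories standing in for an identity provider and a device
# attestation service.
KNOWN_USERS: Dict[str, str] = {"alice": "finance", "bob": "engineering"}
DEVICE_POSTURE: Dict[str, str] = {"laptop-a1": "compliant", "laptop-b2": "noncompliant"}
# Constructed resource policy: resource name -> groups allowed to reach it.
RESOURCE_POLICY: Dict[str, set] = {"ledger.internal": {"finance"}, "ci.internal": {"engineering"}}


class FakeClock:
    """Deterministic clock so TTL expiry can be exercised without sleeping."""

    def __init__(self) -> None:
        self.now = 0.0

    def __call__(self) -> float:
        return self.now

    def advance(self, seconds: float) -> None:
        self.now += seconds


@dataclass
class Record:
    address: str
    expires_at: float


@dataclass
class DynamicZone:
    """In-memory stand-in for a DDNS zone with a TTL on every record.

    Records are keyed per requester: this simplification models a per-client
    DNS view, so a name resolves only for the identity it was published for.
    """
    clock: Callable[[], float]
    records: Dict[Tuple[str, str], Record] = field(default_factory=dict)

    def publish(self, requester: str, name: str, address: str, ttl: float) -> None:
        self.records[(requester, name)] = Record(address, self.clock() + ttl)

    def resolve(self, requester: str, name: str) -> Optional[str]:
        rec = self.records.get((requester, name))
        if rec is None:
            return None
        if self.clock() >= rec.expires_at:      # TTL lapsed: the record is gone
            del self.records[(requester, name)]
            return None
        return rec.address


class ControlPlane:
    """Authenticates, authorizes, then provisions; denials leave nothing in DNS."""

    def __init__(self, zone: DynamicZone, ttl_seconds: float = 30.0) -> None:
        self.zone = zone
        self.ttl = ttl_seconds
        self._next_host = 10                       # constructed 10.0.0.0/24 pool
        self.audit: List[Tuple[str, str, str, str, str]] = []

    def _deny(self, user: str, device: str, resource: str, reason: str) -> None:
        self.audit.append(("deny", user, device, resource, reason))
        return None

    def request_access(self, user: str, device: str, resource: str) -> Optional[str]:
        # 1. Authenticate both the user and the device.
        if user not in KNOWN_USERS or device not in DEVICE_POSTURE:
            return self._deny(user, device, resource, "unknown user or device")
        # 2. Device posture must be compliant before any resource is exposed.
        if DEVICE_POSTURE[device] != "compliant":
            return self._deny(user, device, resource, "device not compliant")
        # 3. Authorize the user's group against the resource policy.
        if KNOWN_USERS[user] not in RESOURCE_POLICY.get(resource, set()):
            return self._deny(user, device, resource, "not authorized")
        # 4. Provision: allocate an address and publish a short-TTL record.
        address = f"10.0.0.{self._next_host}"
        self._next_host += 1
        self.zone.publish(user, resource, address, self.ttl)
        self.audit.append(("allow", user, device, resource, address))
        return address


def build_demo(ttl_seconds: float = 30.0) -> Tuple[FakeClock, DynamicZone, ControlPlane]:
    """Wire a clock, a zone and a control plane together for a demo run."""
    clock = FakeClock()
    zone = DynamicZone(clock)
    return clock, zone, ControlPlane(zone, ttl_seconds)


if __name__ == "__main__":
    clock, zone, cp = build_demo(ttl_seconds=30)
    print(cp.request_access("alice", "laptop-a1", "ledger.internal"))   # 10.0.0.10
    print(cp.request_access("bob", "laptop-b2", "ci.internal"))         # None
    print(zone.resolve("alice", "ledger.internal"))                      # 10.0.0.10
    clock.advance(30)
    print(zone.resolve("alice", "ledger.internal"))                      # None
    for entry in cp.audit:
        print(entry)
```

The audit list is the piece a defender cares about: every denial records why, and every allow records which address was handed out and for how long it was valid, which is what a detection pipeline would correlate against DNS and DHCP logs.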
Once complete, the highly secure resilient auto-scalable system infrastructure we end up with has the ability to literally materialize in an instant for authorized users and systems and “vanish into the cloud” the very next moment for those to whom the control plane denies access.