Zero Trust Architecture
Level 1 (Concept) — Security model across TazLab layers.
Concept
TazLab enforces a Zero Trust security model across all layers: operator environment (TazPod), mesh networking (Tailscale), secrets management (Vault), and cluster workloads (Kubernetes). No component implicitly trusts another.
Implementation by Layer
| Layer | Zero Trust Mechanism |
|---|---|
| Tailscale | Tag-based ACL, OAuth-based ephemeral auth keys, no persistent pre-shared keys |
| TazPod vault | AES-256-GCM encrypted archive, RAM-only decryption, PBKDF2 key derivation |
| Vault runtime | TLS mutual auth, scoped tokens with policies, audit logging |
| Kubernetes | ExternalSecrets (no plaintext), NetworkPolicies, RBAC, ForwardAuth middleware |
| Operator | Secrets never in git, machine identity via Infisical OAuth, SSH keys per runtime |
Key Principles
- No implicit trust: Every access decision requires authentication and authorization
- Least privilege: ACLs and Vault policies grant minimum required access
- Ephemeral credentials: Short-lived auth keys (1h TTL) rather than long-lived tokens
- Defense in depth: Network ACLs + application auth + encryption at rest + encryption in transit
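The "Ephemeral credentials" principle can be checked mechanically. The following is an added example, not TazLab's own code: it audits auth key records for a TTL over the 1h limit, a missing ephemeral flag, and missing tags. The sample records are constructed, their field layout is assumed to follow the Tailscale API key object, and treating an untagged key as a finding is an assumption of this example.

```python
from datetime import datetime, timedelta

MAX_TTL = timedelta(hours=1)  # the 1h TTL stated under "Ephemeral credentials"

# Constructed sample records; field layout is assumed to follow the
# Tailscale API key object (created/expires, capabilities.devices.create).
SAMPLE_KEYS = [
    {"id": "k-ci-runner", "created": "2024-05-01T10:00:00Z",
     "expires": "2024-05-01T11:00:00Z",
     "capabilities": {"devices": {"create": {
         "ephemeral": True, "tags": ["tag:ci"]}}}},
    {"id": "k-legacy", "created": "2024-01-01T00:00:00Z",
     "expires": "2024-03-31T00:00:00Z",
     "capabilities": {"devices": {"create": {
         "ephemeral": False, "tags": []}}}},
    {"id": "k-untagged", "created": "2024-05-01T10:00:00Z",
     "expires": "2024-05-01T10:30:00Z",
     "capabilities": {"devices": {"create": {"ephemeral": True}}}},
]

def _ts(value):
    # Accept the trailing "Z" on every supported Python 3 version.
    return datetime.fromisoformat(value.replace("Z", "+00:00"))

def audit_key(key):
    """Return the list of policy findings for one auth key record."""
    findings = []
    create = key.get("capabilities", {}).get("devices", {}).get("create", {})
    ttl = _ts(key["expires"]) - _ts(key["created"])
    if ttl > MAX_TTL:
        findings.append(f"ttl {ttl} exceeds {MAX_TTL}")
    if not create.get("ephemeral", False):
        findings.append("not ephemeral")
    if not create.get("tags"):
        findings.append("no tags, so tag-based ACLs cannot scope the node")
    return findings

def audit(keys):
    """Map key id -> findings, listing only keys that violate the policy."""
    report = {k["id"]: audit_key(k) for k in keys}
    return {kid: f for kid, f in report.items() if f}

if __name__ == "__main__":
    for kid, findings in audit(SAMPLE_KEYS).items():
        print(kid, "->", "; ".join(findings))
```

A key with a TTL of exactly one hour passes; only keys that outlive the limit are reported.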
See Also
- Topic: Secret Flow
- Entity: Vault Security
- Topic: Tailnet Security