INITECH, a company specializing in information security, announced on June 26 that it has been selected as the final participant in the "2025 Zero Trust Pilot Project" by the Korea Internet & Security Agency (KISA).
The company has set a goal to lead the next-generation zero trust architecture demonstration for protecting AI-based cloud environments and to spearhead the "K-Zero Trust" initiative. The pilot project aims to establish a new standard for cloud security in the AI era.
The core objective of the pilot project is "AI cloud infrastructure protection." This is a significant national-level demonstration project designed to proactively detect and defend against security vulnerabilities in cloud infrastructures where AI services are actively operated. The INITECH consortium will implement all key elements of the zero trust security model using purely domestic technologies, which is significant in establishing a foundation for genuine localization.
As the lead company, INITECH will provide the core technology for integrated authentication and policy-based access control (ICAM-PDP), playing a pivotal role in solidifying the trust foundation between users and systems. Through this, INITECH will thoroughly implement the fundamental zero trust principle of "never trust, always verify" even in AI cloud environments.
The pilot project involves a consortium of various domestic security companies. Astron Security will provide real-time threat detection and visibility for dynamic assets such as cloud-native environments and containers through its Cloud Native Application Protection Platform (CNAPP) technology. PNP Secure will strictly enforce the principle of least privilege in internal data access using its expertise in database and system access control technology and zero-touch authentication. QBT Security will enhance endpoint-level threat response capabilities with its endpoint-based anomaly detection and control technology.
SK Telecom will participate as a demand institution, contributing to verifying and enhancing the effectiveness of security in actual AI cloud operating environments. SK Telecom will utilize its existing XDR (Extended Detection and Response) solutions and plans to transfer technology in the future, participating as an active partner rather than merely as a demand institution.
Under the core zero trust principle of "Never Trust, Always Verify," INITECH presents as key values: enhanced authentication systems, micro-segmentation, software-defined perimeter (SDP), and continuous, intelligent, and automated integration and visibility. Through these, the company aims to improve response to security attacks, prevent insider threats, strengthen data protection, as well as enhance business agility and operational efficiency.
The core of INITECH's zero trust architecture is the integrated Identity, Credential, and Access Management (ICAM) platform. This platform manages user identity, credentials, and access, centering on Policy Decision Point (PDP) and Policy Enforcement Point (PEP) functions, and is integrated with Software Defined Perimeter (SDP), CNAPP, and Extended Detection and Response (XDR). The integrated PDP features a logical structure that automatically determines policies through access conditions and trust evaluations, and allows flexible policy settings via a workflow-based visual user interface (UI).
INITECH plans to lead future security technologies based on its zero trust solution. The company will implement DevSecOps for software development security in cloud-native environments and apply Post-Quantum Cryptography (PQC) technology to communication channels, thereby further strengthening user authentication, endpoint security, application and service protection, and data transmission security.
Yoo Byungjae, Executive Director and General Project Manager at INITECH, stated, "The KISA Zero Trust demonstration project is an important national milestone to meet the advanced security requirements of AI cloud environments." He added, "We will do our utmost to ensure that the zero trust architecture, completed with domestic technology, becomes the standard for enhancing security levels in public, financial, and private cloud sectors."
© The Asia Business Daily(www.asiae.co.kr). All rights reserved.
