{"id":4494,"date":"2025-09-24T08:14:28","date_gmt":"2025-09-24T06:14:28","guid":{"rendered":"https:\/\/cybernemo.eu\/?p=4494"},"modified":"2025-09-25T11:50:58","modified_gmt":"2025-09-25T09:50:58","slug":"bringing-trust-to-cybernemo-the-notary-component-for-ztna","status":"publish","type":"post","link":"https:\/\/cybernemo.eu\/index.php\/2025\/09\/24\/bringing-trust-to-cybernemo-the-notary-component-for-ztna\/","title":{"rendered":"Bringing trust to Cybernemo: The Notary component for ZTNA"},"content":{"rendered":"\n<div style=\"height:29px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n\n\n\n<p>In CyberNEMO, we\u2019re building a Zero Trust Network Access (ZTNA) solution where every access decision is based on verifiable evidence. One of the core building blocks of this architecture is the Notary component, powered by our Transparent Notary Service (TNS).<\/p>\n\n\n\n<p><strong>What is the Transparent Notary Service (TNS)?<\/strong><\/p>\n\n\n\n<p>The TNS is essentially a <strong>digital notary for network evidence<\/strong>. Its job isn\u2019t to decide whether a piece of evidence is good or bad, but to make sure that once evidence is registered, it stays <strong>immutable, timestamped, and cryptographically verifiable<\/strong>.<\/p>\n\n\n\n<p>The TNS uses a lightweight append-only ledger. Each signed statement (such as a configuration attestation, event log, or policy proof) is stored in an immutable data structure like a Merkle tree. 
This allows anyone to verify inclusion and consistency without having to trust the notary itself.<\/p>\n\n\n\n<p><strong>How it works<\/strong><\/p>\n\n\n\n<ol>\n<li>Issuers sign statements using IETF\u2019s COSE (CBOR Object Signing and Encryption) with algorithms like ECDSA or EdDSA.<\/li>\n\n\n\n<li>The Notary logs the statement, storing it in the append-only ledger.<\/li>\n\n\n\n<li>A receipt is generated that acts as proof of inclusion.<\/li>\n\n\n\n<li>A Transparent Statement is generated, combining the original statement with its receipt.<\/li>\n\n\n\n<li>Relying parties can verify the statement\u2019s authenticity and timestamp independently using the TNS public key.<\/li>\n<\/ol>\n\n\n<div class=\"wp-block-image\">\n<figure class=\"aligncenter size-full is-resized\"><img loading=\"lazy\" decoding=\"async\" width=\"1204\" height=\"739\" src=\"https:\/\/cybernemo.eu\/wp-content\/uploads\/2025\/09\/cybernemo-blue-tank-.jpg\" alt=\"\" class=\"wp-image-4516\" style=\"width:782px;height:auto\" srcset=\"https:\/\/cybernemo.eu\/wp-content\/uploads\/2025\/09\/cybernemo-blue-tank-.jpg 1204w, https:\/\/cybernemo.eu\/wp-content\/uploads\/2025\/09\/cybernemo-blue-tank--300x184.jpg 300w, https:\/\/cybernemo.eu\/wp-content\/uploads\/2025\/09\/cybernemo-blue-tank--1024x629.jpg 1024w, https:\/\/cybernemo.eu\/wp-content\/uploads\/2025\/09\/cybernemo-blue-tank--768x471.jpg 768w, https:\/\/cybernemo.eu\/wp-content\/uploads\/2025\/09\/cybernemo-blue-tank--600x368.jpg 600w\" sizes=\"(max-width: 1204px) 100vw, 1204px\" \/><\/figure><\/div>\n\n\n<p>This design ensures that if someone tries to tamper with evidence or hide a log entry, it becomes immediately detectable.<\/p>\n\n\n\n<p><strong>Why this matters for ZTNA<\/strong><\/p>\n\n\n\n<p>ZTNA is all about \u201cnever trust, always verify.\u201d But verification needs to be trustworthy too. 
By introducing a tamper-evident, verifiable notary into CyberNEMO, we:<\/p>\n\n\n\n<ul class=\"ul-custom\">\n \t<li>\n<p lang=\"en-GB\">Create strong audit trails for security events.<\/p>\n<\/li>\n \t<li>\n<p lang=\"en-GB\">Improve accountability and compliance by preserving evidence.<\/p>\n<\/li>\n \t<li>\n<p lang=\"en-GB\">Allow independent verification of access decisions without centralizing\ntrust.<\/p>\n<\/li>\n<\/ul>\n\n\n\n<p>In other words, the Notary helps make our Zero Trust architecture provably trustworthy.<\/p>\n\n\n\n<div style=\"height:100px\" aria-hidden=\"true\" class=\"wp-block-spacer\"><\/div>\n","protected":false},"excerpt":{"rendered":"<p>In CyberNEMO, we\u2019re building a Zero Trust Network Access (ZTNA) solution where every access decision is based on verifiable evidence. One of the core building blocks of this architecture is the Notary component, powered by our Transparent Notary Service (TNS). &hellip;<\/p>\n","protected":false},"author":4,"featured_media":4513,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"rank_math_lock_modified_date":false,"_mi_skip_tracking":false,"footnotes":""},"categories":[17],"tags":[],"cc_featured_image_caption":{"caption_text":"","source_text":"","source_url":""},"_links":{"self":[{"href":"https:\/\/cybernemo.eu\/index.php\/wp-json\/wp\/v2\/posts\/4494"}],"collection":[{"href":"https:\/\/cybernemo.eu\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/cybernemo.eu\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/cybernemo.eu\/index.php\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/cybernemo.eu\/index.php\/wp-json\/wp\/v2\/comments?post=4494"}],"version-history":[{"count":2,"href":"https:\/\/cybernemo.eu\/index.php\/wp-json\/wp\/v2\/posts\/4494\/revisions"}],"predecessor-version":[{"id":4517,"href":"https:\/\/cybernemo.eu\/index.php\/wp-json\/wp\/v2\/posts\/4494\/re
visions\/4517"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/cybernemo.eu\/index.php\/wp-json\/wp\/v2\/media\/4513"}],"wp:attachment":[{"href":"https:\/\/cybernemo.eu\/index.php\/wp-json\/wp\/v2\/media?parent=4494"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/cybernemo.eu\/index.php\/wp-json\/wp\/v2\/categories?post=4494"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/cybernemo.eu\/index.php\/wp-json\/wp\/v2\/tags?post=4494"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}