Zero Trust security model permits to secure cloud native applications while encrypting all network communication, authenticating, and authorizing every request. The service mesh can enable Zero Trust using a side-car proxy without changes to the application code. To the best of our knowledge, no previous work has provided a performance analysis of Zero Trust in a multi-cloud environment. This paper proposes a multi-cloud framework and a testing workflow to analyze performance of the data plane under load and the impact on the control plane, when Zero Trust is enabled. The results of preliminary tests show that Istio has reduced latency variability in responding to sequential HTTP requests. Results also reveal that the overall CPU and memory usage can increase based on service mesh configuration and the cloud environment.

中文翻译：

---

零信任多云的性能分析

零信任安全模型允许在加密所有网络通信，认证和授权每个请求的同时保护云本机应用程序的安全。服务网格可以使用边车代理启用零信任，而无需更改应用程序代码。据我们所知，在多云环境中，以前的工作都没有对“零信任”进行性能分析。本文提出了一个多云框架和一个测试工作流程，以分析启用零信任时负载下数据平面的性能以及对控制平面的影响。初步测试的结果表明，Istio在响应顺序HTTP请求时减少了延迟差异。结果还显示，基于服务网格配置和云环境，总体CPU和内存使用量可能会增加。