In the context of zero-trust architecture, what is a term used to describe devices like laptops and desktops?

In the context of zero-trust architecture, the term used to describe devices like laptops and desktops is "subject." This term refers to any entity that can be authenticated and authorized to access resources within a system, including users, devices, and applications. In a zero-trust model, subjects must continuously verify their identity and the security posture of their devices before accessing any resources, which helps mitigate security threats.

The focus on subjects in zero-trust architecture emphasizes that every request for access must be treated as if it originates from an open network. This approach is a key component of zero-trust principles, which insists on proper authentication, strict access controls, and consistent monitoring of all entities, including users and their devices.

This definition differentiates subjects from other concepts in security architecture such as nodes, which generally refer to points of connection within a network, or agents, which can refer to software components that perform actions on behalf of a user or virtual entity but do not specifically denote physical devices. Understanding the role of subjects is crucial for implementing effective zero-trust security policies.