ArticlePDF Available

Abstract

Traditional-based security models are a threat to information security; they have been regarded as weak and ineffective to meet the dynamics of information system trust. An emerging framework, Zero Trust Architecture (ZTA) seeks to close the trust gap in information security through enforcing policies based on identity and continuous authentication and verification. This framework is built on several trust nodes and logical components that attempt to close the trust gap that exists in an information system. The adoption of this framework is still in its teething stage which is a result of several misleading deductions and assumptions. We attempt to explore the intricacies in the framework and close the existing knowledge gap. we surveyed the literature on ZTA and provided a foundational discussion on its implementation and effectiveness from prior studies. while we do not critique other models, this paper studied the strength and variables of the zero-trust security architecture and attempt to provide an overview of the model and close the knowledge gap on the effectiveness of adopting a Zero trust philosophy.
International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (E-ISSN 2250-2459, Scopus Indexed, ISO 9001:2008 Certified Journal, Volume 12, Issue 07, July 2022)
Manuscript Received: 22 May 2022, Received in Revised form: 27 June 2022, Accepted: 01 July 2022 DOI: 10.46338/ijetae0722_15
140
Zero Trust Architecture: Trend and Impact on Information
Security
Onome Christopher EDO1, Theophilus Tenebe2, Egbe-etu Etu2, Atamgbo Ayuwu3, Joshua Emakhu3,
Shakiru Adebiyi3
1Auburn University at Montgomery, Department of Information Systems Alabama, United States
.2Texas State University, Ingram School of Engineering, Texas, United States.
2San Jose State University, Department of Marketing and Business Analytics, California, United States.
3Texas State University, Ingram School of Engineering, Texas, United States.
3Wayne State University, Department of industrial and System Engineering, Michigan, United State,
3Netapp Inc. San Jose, California, United States.
Abstract Traditional-based security models are a threat
to information security; they have been regarded as weak and
ineffective to meet the dynamics of information system trust.
An emerging framework, Zero Trust Architecture (ZTA)
seeks to close the trust gap in information security through
enforcing policies based on identity and continuous
authentication and verification. This framework is built on
several trust nodes and logical components that attempt to
close the trust gap that exists in an information system. The
adoption of this framework is still in its teething stage which is
a result of several misleading deductions and assumptions. We
attempt to explore the intricacies in the framework and close
the existing knowledge gap. we surveyed the literature on
ZTA and provided a foundational discussion on its
implementation and effectiveness from prior studies. while we
do not critique other models, this paper studied the strength
and variables of the zero-trust security architecture and
attempt to provide an overview of the model and close the
knowledge gap on the effectiveness of adopting a Zero trust
philosophy.
Keywords Cyberthreat, Information security, Risk,
Trust, Zero-trust
I. INTRODUCTION
Cybersecurity threats continue to rise on a magnitude
scale and remain a global concern. Organizations world
over have been victims of data theft arising from intrusion
and malicious attacks on servers and other hardware
components, individuals are susceptible to the risk, one will
think that the government would be left out of this matrix.
Surprisingly, the government remains the biggest target,
the year 2021 recorded over 1862 breaches, which is 68%
over the year 2020 [1] On a global outlook, over 11
significant security breaches were recorded in January
2022, with the government of Canada, Australia, and
Belarus as top victims, the United States Department of
Homeland security suffered the same fate in 2021 [2]
This entropy continues to foster distrust and users are
quite pessimistic about the security and privacy of their
data. Thus, limiting users‟ perception of information
technology. These threats are of various kinds; however,
recent trends and attacks are often in the form of
ransomware, data breaches, identity fraud, phishing, cloud
vulnerability, insider threats, and the internet of things.
These activities affect businesses and individuals, for
example, ransomware attacks have been linked to
information system downtime, poor turnaround time, and
productivity [3]. The outcome of this is consequential and
institutions such as healthcare and other critical
infrastructure have been limited to full capacity. In another
scenario, victims of this attack are requested to make
payments or risk the loss of their data, and this often
damages the organization‟s reputation [4]. Hackers intend
to gain access through the weakest link of an organization
and exploit the surface to their advantage, these weak
surfaces could be insiders within the organization or a
porous network surface. Several studies have identified
insiders as the weakest attack surface in information
security [5][12]
International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (E-ISSN 2250-2459, Scopus Indexed, ISO 9001:2008 Certified Journal, Volume 12, Issue 07, July 2022)
141
Although measures are deployed to combat the
possibility of an attack, hackers still gain access to
classified information, cyber-attacks do not necessarily
begin with software, the software does not exist on its own
[8], and hardware and insiders are critical factors in an
information security system and their vulnerability is a
conduit to an intrusion. the advent of remote working on a
cloud basis has widened the threat gap and a more nuanced
security approach is required to counter these attacks.
As technology continues to evolve, and with the advent
of virtual working, organizations must take proactive
measures to safeguard their assets and resources as a
perimeter-based security framework is not effective to meet
the demands of the dynamism in information security,
especially concerning cloud computing where data could be
access remotely. Hence an effective countermeasure and
preventive framework are required to meet these demands.
A more robust approach with emphasis on intermittent
security checks, user authentication, validation, and
verification is required for information security assurance,
while there are a ton of security architecture that aims to
repeal the effect of an attack, hackers still exploit an
organization‟s vulnerability. Thus, a comprehensive
framework is required in this regard, and the Zero-Trust
Architecture (ZTA) has continued to receive attention in
recent times.
The zero trust model addresses trust-based
vulnerabilities and it is premised on the philosophy of
“never trust” taking cognizance of factors within and
outside the organization‟s perimeter [9], first coined by
Stephen Paul Marsh in his doctoral thesis on computer
security [10] and adopted as a security tool by John
Kindervag, a Forrester Research Analyst in the year 2010
[11].
Although new in the cybersecurity domain, its potency,
however, overcome the information security threats posed
by hackers. however, its adoption remains at about 15% in
the Information technology domain [12]. A possible reason
for this is the knowledge gap, misleading deductions, and
difficulty in operationalizing the concept in a standard
information system. It thus becomes challenging to adopt
this methodology [17],[18]. although much has not been
published on ZTA, this study aims to review literature on
studies that have proposed or developed a ZTA and attempt
to close the knowledge gap by presenting an overview of
the concepts in the current information system setting and
the impacts of its adoption on business enterprises. This
will thus eliminate the scepticism of adopting ZTA and
provide a conceptual understanding of ZTA.
To address these objectives, the next section of the paper
discusses the methodology, section three is a review of the
prior information security framework, and section four
concludes the paper.
II. LITERATURE REVIEW
The concept of trust has been defined in a social context
and viewed from different perspectives, while our focus is
on the trust factor as a weak link to information security
vulnerability, it is however pertinent to provide a
conceptual definition of the term.[16] defined it as
assured reliance on the character, ability, strength, or
truth of someone or something” it is a behavioral
construct [17] and as such, could be unpredictable.
Research on ZTA is at its early stage, the
shortcomings of current legacy systems have informed a
more nuanced approach toward cyberthreats. To close the
trust gap [18] adopted the ZTA framework and proposed
a trust model in cloud environments, their study offered a
fine-grained model to enhancing trust in an
organization‟s information system reference components
from the National Institute of standard and technology
was adopted in the design, and performance analysis was
carried out to test the efficacy of the model, it was
evident that intrusion can be controlled with the
distribution of trust-based node. Owing to the
inefficiencies of current cyber security measures in
virtual power plants [19] adopted the ZTA to enhance
privacy and data protection in the energy sector, their
model was built on the ZTA foundation and performance
provided a feasible solution to data theft and breaches.
The use cases of zero trust have continued to rise since the
emergence of the pandemic and have changed the
dynamics of work the place environment. Thus
organizations sanctions remote working environment,
while remote work attempts to contain the viral spread of
the virus, however, it appears to increase the susceptibility
of network and system intrusion, hence zero trust model
appeals to the network intrusion gap and aims to close
these gaps, consequently, organizations continue to adopt
the model as a countermeasure to hacking, a significant
institution that has adopted the model in the United States
government specifically, the department of defense, the
department of health and services and the department of
homeland security [20], [21]. To further advance the
adoption of the model and its deployment, information
technology firms have developed a working model in
consonance with the framework as enshrined in the NIST
policy, prominent among these organizations is Microsoft.
International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (E-ISSN 2250-2459, Scopus Indexed, ISO 9001:2008 Certified Journal, Volume 12, Issue 07, July 2022)
142
[22]researched zero trust architecture for transitioning in
the healthcare industry, they concluded that medical
devices could be secured with a combination of the model
and firewalls. Consequently, all unnecessary traffic will be
halted and result in network performance, this result aligns
with the summation of [23]
Another practical study [24] explored the implications of
adopting a Zero trust model in the banking sector, the study
revealed that the model is efficient and effective in
countering the prevalent of intrusion in the banking sector
and it serves as a strong forcess against security breaches in
the banking sector, technically, this helps solves the
prevalence of hacking various customer accounts and
enhances the reputation of the banking industry. Similarly
[25] proposed a ZTA network for managing microservices,
the model was based on access control principles and,
policy enforcement which is used to secure access and
monitor packets across the network, the endpoint of the
model showed an effective countermeasure against
vulnerability and intrusion.[26] investigated the impact of
ZTA in a university environment, after taking cognizance
of the components and policies they concluded that ethe
xisting security framework lacks the capabilities to halt
intrusion and cyber threats and support the deployment of
ZTA. Due to the weakness of the perimeter-based security
framework [27] proposed a trust scores framework in the
university environment for securing research work, the
model was designed to calculate the trust score based on
identity and access based control mechanisms, with the
validated core, the system is automated to release access to
users based on the level of trust identified by the system,
they concluded that the framework fosters security and
appears to be more viable compared to a permitter based
model [28] proposed a policy enforcement language for
operationalizing access and identity control in a ZTA, their
model was based on a policy language and firewalls rules,
the policy enforcement was developed on a rule-based
principle and integrated with the system firewall which is
triggered when an intrusion is detected, the architecture
was tested for efficiency and its effectiveness, and the
system proved to be anti-threat architecture.[29] proposes a
zero-trust cloud network with transport control and
authentication, The study proposed a novel idea by
incorporating two security mechanisms, a transport control
mechanism and a packet authentication, access to the
system network or resources is first authenticated for trust
with the transport control mechanism, and a second check
is authenticated using tokens to validate identity and
access. The combination of these mechanisms was built on
a trust foundation that helps mitigate unauthorized access
and identity theft. in another study[30] researched current
security architecture, they submitted that the current
framework cannot curtail recent security trends and
challenges, hence they proposed a combination of
blockchain-based security architecture and a ZTA as a
framework for the internet of things which promotes
authentication and secure access to devices and resources.
On a general note, the operational impact of the model
outweighs the cost [31], [32] and has been categorized as
effective over other security models in the business context,
telecommunication organizations such as At&T have
confirmed that its reduces organizational risk and closes
lapses in cloud control mechanisms, more so, it reduces the
risk of a data breach, thus saving organizations the cost of
litigations and unauthorized use of customer data for
espionage, and more importantly, it reduces the risk of
security breach both on-premise and virtually.
International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (E-ISSN 2250-2459, Scopus Indexed, ISO 9001:2008 Certified Journal, Volume 12, Issue 07, July 2022)
143
Table 1
Summary of literature
Author
Year
Title
Scope
Performance
Ferretti, Magnanini, Andreolini,
and Colajanni
2021
Survivable zero trust for cloud computing
environments
ZTA and cloud
computing
The architecture is deemed
feasible and effective as a
countermeasure to
intrusion
Alagappan,Venkatachary,and
Andrews
2022
Augmenting Zero Trust Network
Architecture to enhance security in virtual
power plants
ZTA
The performance testing
closes the trust-based
vulnerability compared to
the traditional security
model
Tyler and Viana
2021
Trust no one? A framework for assisting
healthcare organizations in transitioning to
a zero-trust network architecture
ZTA
Closes data threat theft gap
and initiates policies at
different enforcement
points
Saini, Saini, and Singh
2019
Security and Trust Model Analysis for
Banking System
ZTA
Enhances user application
interface and promotes
access control mechanism
Dean, Fonyi, Morrell, Lanham,
and Teague
2021
Toward a Zero Trust Architecture
Implementation in a University
Environment
ZTA
Secure university
resources and research
from hackers
Zaheer, Chang, Mukherjee, and
Van Der Merwe
2019
EZTrust:Network-Independent Zero-Trust
Perimeterization for Microservices
ZTA,
microservices and
segmentation
Enforces policy and
promotes security
Lukaseder, Halter, and Kargi
2020
Context-based Access Control and Trust
Scores in Zero Trust Campus Networks
ZTA and access
control
Provides access control
and authentication tools
for accessing campus
resources
Vanickis,Jacob,Dehghanzadeh,
and Lee
2019
Access Control Policy Enforcement for
Zero-Trust-Networking
ZTA and access
control
Enforces policy and
promotes security
Decusatis,Liengtiraphan,Sager,
and Pinelli
2016
Implementing Zero Trust Cloud Networks
with Transport Access Control and First
Packet Authentication
ZTA and access
control
Closes data theft, and
secures network packets
Li, Iqbal, and Saxena,
2022
“Future Industry Internet of Things with
Zero-trust Security
ZTA and
blockchain
Secures devices and
includes authentication and
identification mechanism
A. Definition of Zero trust
Various definitions have been coined around the Zero
Trust Model, a common phrase in the definition is trust and
this extends to the users, devices, networks, and other
variables that interface within and outside the perimeters of
an organization‟s network. [33]
[34] defined it as a model that considers the internal and
external threats, preventing malicious insiders from
accessing information they are unauthorized to access, to
prevent threats throughout the network and ensure the
reduction of vulnerable systems‟ exposure
[35] sees it as a model that takes cognizance of an
attacker‟s presence within the environment, and that the
enterprise-owned environment does not differ from the
non-enterprise-owned environment as well as trust and
security are concerned.
Similarly, [36] explained that the model goes hand in
hand with its architecture. Zero Trust Architecture has to
do with technical controls put in place to prevent
unauthorized access as well as policies that boost a more
mobile and secure workforce.
International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (E-ISSN 2250-2459, Scopus Indexed, ISO 9001:2008 Certified Journal, Volume 12, Issue 07, July 2022)
144
Despite several definitions, a common phenomenon is
the issue of trust, which attempts to explain that interacting
variables within a system should not be trusted, this is not
meant to hunt any variable, but to constantly audit, validate
and authorize verified identity. However, it is pertinent to
mention that the model itself is not a tool, but a philosophy
and this influences beliefs, thoughts, and decisions based
on the credibility of perceived information within the
authorizing engine.
B. Logical components of the model
The architectural design is an ideal framework and the
interactions with the framework, this architecture was
adapted from the United States National Institute of
Standards and technology, the core component is the policy
engine, this has a relationship with the policy administrator
and the policy enrollment point[21]. The relative
components are described below
FIGURE I LOGICAL COMPONENTS OF THE MODE, ADAPTED FROM
NIIST
1) Policy engine
Policy engine (PE): The policy engine is an important
factor in the model, the long-term and final decision to
yield access to a device or network is driven by the policy
engine. the design of the PE is programmed based on the
internal and external working policy adopted by the
organization and considers other external factors such as
CDM systems, threat intelligence, and activity logs as trust
algorithms to grant, deny, or revoke access to the resource.
The PE is paired with the policy administrator component.
The policy engine makes and logs the decision (as
approved, or denied), and the policy administrator executes
the decision [21]
2) Policy administrator
The policy administrator is an executor in primary terms,
it acts on the flow from the policy engine and is responsible
for granting access or shutting down communication path
based on the information from the policy engine, in
practical terms, the PA authenticates users‟ identity
through token or credential used by a client to access an
enterprise resource[21].
3) Policy enrollment point
This component enforces the decisions made by the
policy engine, specifically enables, monitors, and
terminates traffic between an agent and a client, it is the
conduit between the users and the system resources [21].
III. PILLARS OF ZERO TRUST
The model is built on six core factors (users, devices,
network, applications, automation, and analytics) that drive
the effectiveness and efficiency of the model, the core
factors cannot be implemented as a standalone, though
independent, there must be a significant interface between
the variables for effectiveness. Users are the first and
significant factor in the implementation prices because they
can be susceptible to compromise within and outside the
network perimeters and as such, they require continuous
verification and identification, they interface with the
devices which, these devices are also validated and
authenticated for effective security, the model requires fail-
safe applications and automation that interfaces with other
factors and an analytical tool that reports on the activities
of the operations of the model, below are a graphical
architecture of the trust variables.
FIGURE II INTERACTING VARIABLE OF ZERO TRUST
International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (E-ISSN 2250-2459, Scopus Indexed, ISO 9001:2008 Certified Journal, Volume 12, Issue 07, July 2022)
145
A. Elements of zero-trust security architecture
Like every other security framework, the zero-trust
model is not a stand-alone framework, it comprises
variables that drive the adoption and effective deployment
of the model. While there are several variables in the
deployment of the model, Ngo-Lam (2020) identified three
significant elements of the architecture, having considered
prior literature, we find these elements noteworthy in the
evaluation of the model, they are discussed hereunder.
1) No False sense of security
The idea that employees of an organization have passed
initial security checks is not enough criteria to validate trust
or breaches, while people should be held accountable for
their integrity and the belief that people will always remain
in consonance with security policies, thus validating trust.
However, the Zero Trust model demystify this principle,
the architecture protects against insider threat that may be
unassumed [37]. As people get familiar with an
organization or network, they tend to identify the
weaknesses in the network perimeters and insiders can be
more threatening in a security breach as they are
fundamentally aware of the loopholes in the system
architecture. Hence, the model is built on a zero-trust
philosophy, hence requiring constant validation of
credentials irrespective of the personnel [33].
2) Multi-Factor Authentication
As the name implies, multi-factor authentication is a
combination of more than one security application that
attempts to validate the identity of a user with two or more
factors, the idea is to reassure the system of the user
credentials and identity. In conceptual terms, [38] defines a
layered approach to application and system security
requiring a user to present a combination of two or more
credentials to verify a user‟s identity for login. The failure
of one thus denies the authorization to the targeted physical
space, computing device, network, or database. In specific
terms, it consists of something you know such as a
password, pins, something you have such as smart cards,
tokens, and something you do like fingerprinting, gestures,
signatures, etc.
3) Micro-segmentationion
The concept of micro-segmentation attempts to give the
least privilege to users and restrict access to the entire
organizations‟ network. It is based on the theory that users
should only have privileges to a segment of the
organizations‟ network that pertains to their job and ensure
proper authorization.
It guards against lateral weaknesses and prevents
unauthorized access to on-premise assets [37], [39].
4) Model requirements
The design and procedural implementation of zero trust
architecture follow a unique set of rules as set out in the
policy mandate by the NIST (2020), while several
organizations have a user-based procedure, we adopt the
methodology enshrined in the policy of the NIST 2020.
This includes seven procedural tenets are they are
discussed in three different domains namely granting
access, controlling access, and monitoring and securing
access [40]
5) Granting Access domain
Authentication and authorization: This domain expresses
concern on identity management and follows the least
privilege access to systems and infrastructure. The model
explains that identity should be thoroughly scrutinized, and
access is strongly authenticated before allowing entry into a
network [21], [40], [41].
Integrity: A critical requirement for implementing the ZTA
is to continuously examine the integrity of the security
architecture and devices on the network, and the model.
All-access request within the network should be validated
and continuously examined for intrusion. Thus, trust should
not be assumed and access must not be granted based on
identity but validated access and identity [21], [40].
Observable state: When an identity attempts to access a
resource, verify that identity with strong authentication, and
ensure access is compliant and typical for that identity.
Follow least privilege access principles
Figure III Zero trust drivers
International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (E-ISSN 2250-2459, Scopus Indexed, ISO 9001:2008 Certified Journal, Volume 12, Issue 07, July 2022)
146
IV. CONCLUSION
Traditional security framework is deployed on a
perimeter-based basis, and has resulted in data theft,
intrusion, malware, and ransomware attacks, with the
advancement in technology and cyber-attacks, the Zero
trust security model attempts to mirror these activities and
take strong measures to validate the intention and identity
of users, devices, and the interacting variables withing the
system atmosphere, these policies overrun the latency in
the traditional security model and as such adjudged as
efficient and effective. The ZTA thus fulfills this ideal,
however, little is known about this architecture and as such
creates a limitation for its adoption. We present a
conceptual overview of the ZTA architecture and an
appraisal of efficiency and effectiveness from the literature.
We thus find that ZTA closes the trust vulnerability that
exists in an organization‟s information system and the
model could be deployed and combined with another
security framework. From a policy point of view, the
architecture is built on a principle of “never trust” and
attempts to identify and authenticate users, and devices
before granting access to infrastructure and resources.
REFERENCES
[1] Identity Theft Resource Center, “Annual Data Breach Report Sets
New Record for Number of Compromises,” 2022. [Online].
Available: https://www.idtheftcenter.org/post/identity-theft-
resource-center-2021-annual-data-breach-report-sets-new-record-
for-number-of-compromises/.
[2] Center for Strategic and International Studies, “Significant Cyber
Incidents,” 2022. [Online]. Available:
https://www.csis.org/programs/strategic-technologies-
program/significant-cyber-incidents.
[3] N. Jones, “5 Ways Ransomware Can Negatively Impact Your
Business,” ignite Blog, 2022. https://www.egnyte.com/blog/post/5-
ways-ransomware-can-negatively-impact-your-business#:~:text=In
fact%2C Forbes Insights found,breaches or IT system failures.
[4] M. Ahmed, W. Ahmed, and S. Khan, “Ransomware: Attack, Human
Impact and Mitigation,” Int. J. Comput. Sci. Inf. Secur., vol. 18,
2020, doi: 10.5281/ZENODO.4425480.
[5] M. A. Sasse, S. Brostoff, and D. Weirich, “Transforming the
„weakest link‟ - A human/computer interaction approach to usable
and effective security, BT Technol. J., vol. 19, no. 3, 2001, doi:
10.1023/A:1011902718709.
[6] R. T. West, C. B. Mayhorn, J. B. Hardee, and J. Mendel, “The
weakest link: A psychological perspective on why users make poor
security decisions,” in Social and Human Elements of Information
Security: Emerging Trends and Countermeasures, 2008.
[7] S. Thomason, “People The Weak Link in Security,” Glob. J.
Comput. Sci. Technol. Network, Web Secur., vol. 13, no. 11, 2013.
[8] L. Edlyn and P. Algirde, “Hardware is a cybersecurity risk. Here‟s
what we need to know,” World Economic Forus, 2019.
https://www.weforum.org/agenda/2019/12/our-hardware-is-under-
cyberattack-heres-how-to-make-it-safe/.
[9] (Deloitte), “Zero Trust 2021 A revolutionary approach to Cyber or
just another buzz word?,” Cybersecurity, 2021, [Online]. Available:
https://www2.deloitte.com/content/dam/Deloitte/de/Documents/risk/
deloitte-cyber-zero-trust.pdf.
[10] S. P. Marsh, “Formalising Trust as a Computational Concept,”
Computing, vol. Doctor of, no. April, 1994.
[11] GSA, “Zero Trust Architecture (ZTA): Buyer guide,” 2021.
[Online]. Available: file:///C:/Users/OC Edo/Downloads/Zero Trust
Architecture Buyers Guide v11 20210810 (4).pdf.
[12] Cyberecurity Insiders, “Zero Trust Adoption Rate,” 2019.
https://www.cybersecurity-insiders.com/portfolio/2019-zero-trust-
adoption-report/#:~:text=Key Takeaways%3A,have zero trust in
place.
[13] C. Buck, C. Olenberger, A. Schweizer, F. Völter, and T. Eymann,
“Never trust, always verify: A multivocal literature review on
current knowledge and research gaps of zero-trust,” Comput. Secur.,
vol. 110, 2021, doi: 10.1016/j.cose.2021.102436.
[14] K. D. Uttecht, “Zero Trust (ZT) Concepts for Federal Government
Architecture,” 2020. [Online]. Available:
https://apps.dtic.mil/sti/citations/AD1106904.
[15] D. Padula, “Journal Indexing: Core standards and why they matter,”
LSE, 2019.
https://blogs.lse.ac.uk/impactofsocialsciences/2019/08/22/journal-
indexing-core-standards-and-why-they-matter/.
[16] Merriam Webster, “Merriam-Webster Dictionary,” Merriam-
Webster Dictionary. 1828.
[17] F. Li and S. C. Betts, Trust: What It Is And What It Is Not,” Int.
Bus. Econ. Res. J., vol. 2, no. 7, 2011, doi: 10.19030/iber.v2i7.3825.
[18] L. Ferretti, F. Magnanini, M. Andreolini, and M. Colajanni,
“Survivable zero trust for cloud computing environments,” Comput.
Secur., vol. 110, 2021, doi: 10.1016/j.cose.2021.102419.
[19] A. Alagappan, S. K. Venkatachary, and L. J. B. Andrews,
“Augmenting Zero Trust Network Architecture to enhance security
in virtual power plants,” Energy Reports, vol. 8, 2022, doi:
10.1016/j.egyr.2021.11.272.
[20] K. Macri, “What is Zero Trust? Federal Agencies Embrace
Cybersecurity Innovation,” Govcio Media and Research, 2021.
https://governmentciomedia.com/what-zero-trust-federal-agencies-
embrace-cybersecurity-innovation.
[21] NIST, “Zero Trust Architecture, SP 800-207,” Natl. Inst. Stand.
Technol. Spec. Publ., vol. SP 800-207, 2020.
[22] D. Tyler and T. Viana, “Trust no one? A framework for assisting
healthcare organisations in transitioning to a zero-trust network
architecture,” Appl. Sci., vol. 11, no. 16, 2021, doi:
10.3390/app11167499.
[23] N. Cavalancia, “Zero Trust Architecture explained,” At&T
Cybersecurity, 2020. https://cybersecurity.att.com/blogs/security-
essentials/what-is-a-zero-trust-architecture.
[24] D. K. Saini, H. Saini, and S. Singh, “Security and Trust Model
Analysis for Banking System,” Int. J. Sensors, Wirel. Commun.
Control, vol. 11, no. 1, 2019, doi:
10.2174/2210327910666191218130129.
[25] Z. Zaheer, H. Chang, S. Mukherjee, and J. Van Der Merwe,
“EZTrust: Network-Independent Zero-Trust Perimeterization for
Microservices,” 2019, doi: 10.1145/3314148.3314349.
International Journal of Emerging Technology and Advanced Engineering
Website: www.ijetae.com (E-ISSN 2250-2459, Scopus Indexed, ISO 9001:2008 Certified Journal, Volume 12, Issue 07, July 2022)
147
[26] E. Dean, S. Fonyi, C. Morrell, M. Lanham, and E. Teague, “Toward
a Zero Trust Architecture Implementation in a University
Environment,” Cyber Def. Rev., pp. 3745, 2021.
[27] T. Lukaseder, M. Halter, and F. Kargi, “Context-based Access
Control and Trust Scores in Zero Trust Campus Networks,” Lect.
Notes Informatics, vol. 53, pp. 5365, 2020.
[28] R. Vanickis, P. Jacob, S. Dehghanzadeh, and B. Lee, “Access
Control Policy Enforcement for Zero-Trust-Networking,” 2018, doi:
10.1109/ISSC.2018.8585365.
[29] C. Decusatis, P. Liengtiraphan, A. Sager, and M. Pinelli,
“Implementing Zero Trust Cloud Networks with Transport Access
Control and First Packet Authentication,” 2016, doi:
10.1109/SmartCloud.2016.22.
[30] S. Li, M. Iqbal, and N. Saxena, “Future Industry Internet of Things
with Zero-trust Security,” Inf. Syst. Front., 2022, doi:
10.1007/s10796-021-10199-5.
[31] O. C. Edo, A. Okafor, and Akhigbodemhe Emmanuel Justice,
“Corporate Taxes and Foreign Direct Investments: An Impact
Analysis,” Public Policy Adm. Res., 2020, doi: 10.7176/ppar/10-9-
07.
[32] O. C. Edo, A. Okafor, and A. E. Justice, “Tax Policy and Foreign
Direct Investment: A Regime Change Analysis.,” GATR J. Financ.
Bank. Rev., vol. 5, no. 3, 2020, doi: 10.35609/jfbr.2020.5.3(3).
[33] J. Petters, “What is Zero Trust? A Security Model,” Inside Out
Security Blog, 2021. https://www.varonis.com/blog/what-is-zero-
trust.
[34] L. Odell, B. Farrar-Folley, C. Fauntleroy, and R. Wagner, “In-Use
and Emerging Disruptive Technology Trend,” Inst. Def. Anal., 2015.
[35] F. K. Hansen, “6 Redistribution of Income in Denmark,” Int. J.
Sociol., vol. 16, no. 34, 1986, doi:
10.1080/15579336.1986.11769914.
[36] R. Bernard, G. Bowsher, and R. Sullivan, “Cyber security and the
unexplored threat to global health: a call for global norms,” Glob.
Secur. Heal. Sci. Policy, vol. 5, no. 1, 2020, doi:
10.1080/23779497.2020.1865182.
[37] V. Ngo-Lam, “Zero Trust Architecture: Best Practices for Safer
Networks,” Exabeamm, 2020.
https://www.exabeam.com/information-security/zero-trust-
architecture/#:~:text=For example%2C an attacker who,prioritizes
protection against insider threats.
[38] C. and infrastructure security Agency, “Multi-factor authentication,”
Defend Today Secure Tommorrow, 2021.
https://www.cisa.gov/sites/default/files/publications/CISA
MultiFactor Auth HDO_040721_508.pdf.
[39] AlgoSec, “Micro-segmentation from strategy to execution.”
[Online]. Available: https://www.algosec.com/wp-
content/uploads/2020/06/Micro-segmentation-eBook_FINAL.pdf.
[40] S. Tyagi, “7 Key Tenets of Zero Trust Architecture,” Colortokens,
2021. https://colortokens.com/blog/key-tenets-zero-trust-
architecture/.
[41] NIST, “[NIST SP 800-207] Zero Trust Architecture,” 2020.
... However, studies have highlighted the effectiveness of ZTA in reducing breach risks and enhancing overall security by implementing strict access controls and monitoring [38]. Zero trust systems have shown significant improvements in dealing with cyber threats in cloud environments [39], smart manufacturing [40], and healthcare [41]. ...
Preprint
Full-text available
The Zero Trust Architecture (ZTA) security system follows the "never trust, always verify" principle. The process constantly verifies users and devices trying to access resources. This paper describes how Microsoft Azure uses ZTA to enforce strict identity verification and access rules across the cloud environment to improve security. Implementation is time-consuming and difficult. Azure's extensive services and customizations require careful design and implementation. Azure administrators struggle to navigate and change configurations due to its complex user interface (UI). Each Azure ecosystem component must meet ZTA criteria. ZTA's comprehensive policy definitions, multi-factor and pass-wordless authentication, and other advanced features are tested in a mid-size business scenario. These configuration changes require a solid grasp of Azure's architecture and Zero Trust. Implementing an Azure ZTA reduces vulnerabilities and restricts authorized users' access to critical resources. Implementation is time-consuming and expensive, requires a significant commitment to changing IT procedures, and can be confusing because the same features are available in multiple places. Azure ZTA has shown great potential for both hybrid and cloud-native companies.
... TAM, initially proposed by Davis in 1989, posits that perceived usefulness and ease of use are primary determinants of an individual's intention to use a technology. Building upon TAM, UTAUT integrates additional factors such as social influence, facilitating conditions, and behavioral intentions, offering a more comprehensive understanding of technology adoption behavior [1], [2]. ...
Research
Full-text available
The COVID-19 pandemic has accelerated the adoption of financial technology (fintech) solutions across the globe as financial institutions seek innovative ways to serve customers remotely while ensuring operational resilience. This paper examines the application of two theoretical frameworks, namely the Technology Acceptance Model (TAM) and the Unified Theory of Acceptance and Use of Technology (UTAUT), in understanding and navigating fintech adoption within financial institutions during the pandemic. Through a comprehensive review of existing literature and empirical studies, the paper elucidates the key factors influencing fintech adoption, including perceived usefulness, ease of use, social influence, and facilitating conditions. Additionally, it explores how contextual factors such as organizational culture, regulatory environment, and customer demographics shape the adoption process. By synthesizing insights from TAM and UTAUT, financial institutions can develop targeted strategies to promote fintech adoption among employees and customers, thereby enhancing operational efficiency, improving customer experience, and fostering long-term competitiveness. The findings contribute to both theoretical understanding and practical implications for financial institutions seeking to harness the potential of fintech amidst the ongoing challenges posed by the pandemic.
... ZTA frameworks enable organizations to enforce strict authentication and authorization policies, segment network resources, and detect anomalous behavior patterns indicative of potential security incidents. This proactive approach to security helps healthcare organizations detect and respond to threats in real-time, minimizing the impact of cyberattacks and ensuring the integrity and availability of critical healthcare services [10], [11]. ...
Research
Full-text available
In the face of unprecedented global health challenges like the COVID-19 pandemic, securing digital health technologies becomes paramount. This study explores the implementation of Zero Trust Architecture (ZTA) in healthcare settings, drawing insights from frontline healthcare workers. ZTA is a security model based on the principle of "never trust, always verify," where every user and device accessing the network is continuously authenticated and authorized. Through interviews and surveys with healthcare professionals, this research elucidates the practical challenges and opportunities of adopting ZTA in the context of pandemic response. Findings reveal that while ZTA holds promise in bolstering security and privacy measures, its successful integration requires addressing several key factors. These include the need for robust authentication mechanisms for remote access, seamless interoperability with existing healthcare systems, and comprehensive training programs to ensure staff competency. Moreover, the study highlights the importance of a collaborative approach involving IT professionals, clinicians, and administrators to effectively implement and sustain ZTA frameworks. By embracing ZTA principles, healthcare organizations can enhance their resilience against cyber threats, safeguard patient data, and ensure the integrity of digital health services, thus contributing to more resilient and secure healthcare ecosystems in times of crisis and beyond.
... Furthermore, various data sources contribute input and policy. In addition, various data sources supply the PE with input and policy rules for access decision-making [13]. Local and foreign data sources are included. ...
Article
Full-text available
The Zero Trust safety architecture emerged as an intriguing approach for overcoming the shortcomings of standard network security solutions. This extensive survey study provides a meticulous explanation of the underlying principles of Zero Trust, as well as an assessment of the many strategies and possibilities for effective implementation. The survey begins by examining the role of authentication and access control within Zero Trust Architectures, and subsequently investigates innovative authentication, as well as access control solutions across different scenarios. It more deeply explores traditional techniques for encryption, micro-segmentation, and security automation, emphasizing their importance in achieving a secure Zero Trust environment. Zero Trust Architecture is explained in brief, along with the Taxonomy of Zero Trust Network Features. This review article provides useful insights into the Zero Trust paradigm, its approaches, problems, and future research objectives for scholars, practitioners, and policymakers. This survey contributes to the growth and implementation of secure network architectures in critical infrastructures by developing a deeper knowledge of Zero Trust.
... data without compromising individual privacy. Given the evolving threat landscape, future strategies for financial security will prioritize integrated cybersecurity training. Employees across all departments, including accounting, will receive continuous education on emerging cyber threats, fostering a culture of cybersecurity awareness (Das, 2023, Edo et. al., 2022, Majeed & Lee, 2020. ...
Article
Full-text available
In the contemporary landscape of rapidly evolving technological advancements and the increasing prevalence of cyber threats, organizations face a critical imperative to align their accounting practices with robust cybersecurity measures. This review explores the symbiotic relationship between accounting and cybersecurity in safeguarding data confidentiality and ensuring financial security. Focusing on the intersection of these two domains, we examine the strategic alignment required to fortify organizations against the escalating challenges posed by cyber threats to sensitive financial information. The review begins by delving into the intricate connection between accounting processes and the protection of financial data, emphasizing the pivotal role of accurate financial reporting and transparent disclosure in maintaining stakeholder trust. Subsequently, it scrutinizes the evolving threat landscape, identifying cyber risks that specifically target financial systems and data. The analysis underscores the need for a comprehensive strategic approach that integrates accounting practices with cybersecurity protocols to effectively mitigate these risks. Furthermore, the review investigates the contemporary tools and technologies that facilitate the integration of accounting and cybersecurity, enhancing organizations' ability to detect, prevent, and respond to cyber threats. It explores the adoption of advanced encryption methods, intrusion detection systems, and artificial intelligence-driven analytics to bolster data confidentiality and financial security. In examining case studies and best practices, this review highlights successful instances of organizations aligning accounting and cybersecurity strategies to achieve a cohesive defense against financial cyber threats. Lessons learned from these cases offer valuable insights for practitioners and decision-makers seeking to implement effective measures within their own organizational contexts. Ultimately, this review contributes to the evolving discourse on strategic alignment by emphasizing the imperative of synergizing accounting practices with cybersecurity initiatives. As organizations navigate an increasingly complex and interconnected business environment, a holistic approach that unifies financial integrity and cyber resilience becomes paramount for ensuring sustained success and safeguarding against the multifaceted challenges of the digital age.
Chapter
Full-text available
Safeguarding confidential data and information from increasingly complex cyberattacks is critical in the financial industry. This paper presents a novel framework that combines blockchain technology and the Zero Trust model to strengthen Identity and Access Management (IAM) systems, addressing prevalent security and privacy concerns. Traditional IAM systems often fail to counter advanced cyberattacks and insider threats effectively; this re-search advances towards a more resilient IAM system. Employing a mixed-methods approach, the study combines qualitative evaluations of security principles and threat modelling with quantitative analysis through the de-ployment and testing of a banking application. This application demonstrates the practical application of blockchain-enhanced IAM within a Zero Trust architecture, focusing on authentication, authorization, and transactional in-tegrity. Security and performance tests validate the framework's effective-ness in preventing unauthorised access and data breaches while ensuring scalability and user privacy. Blockchain technology enhances the security layers and introduces a decentralised trust mechanism, enriching the IAM ecosystem within financial services. Our study proposes a framework that significantly improves IAM systems' security and reliability in the financial sector, as evidenced by successful deployment and testing outcomes. Keywords: Identity and Access Management, Zero Trust, Blockchain, Hy-brid Access Control, Financial Services.
Article
Full-text available
As sixth-generation (6G) cellular networks emerge, promising unparalleled connectivity and capabilities, yet it amplifies concerns regarding security vulnerabilities. These networks include a broader array of devices and sensors compared to earlier generations, increasing the potential for attackers to exploit weaknesses. Existing security frameworks contribute to safeguarding enterprises against external threats that originate beyond the network perimeter. These frameworks operate under the assumption that all entities inside the defined perimeters are reliable, and their primary objective is to authorize access to resources based on assigned roles and permissions. However, this strategy could be more effective today since attacks might originate from any source, including within the network perimeter. To address this issue, a zero-trust architecture (ZTA) could be a potential solution that assumes neither users nor devices can be inherently trusted, and it consistently evaluates potential risks to decide whether to allowaccess to resources. This article will explore the zero-trust approach and its significance in contemporary network security. We describe the role of authentication and access control in ZTA and present an in-depth discussion of state-of-the-art authentication and access control techniques in different scenarios. This article examines the applicability of the zero-trust concept in 6G networks and analyzes the associated challenges and opportunities. This article also examines case studies demonstrating the practical application of the zero trust paradigm in 6G or comparable networks. It explores the research scope and tries to identify relevant research gaps in this area.
Article
This paper examines the growing cyber threats facing the United States' vital infrastructure, particularly those posed by state-sponsored threat actors. It discusses the significant risks these threats pose to economic stability and national security. It highlights the difficulties in protecting U.S. critical infrastructures from the constantly advancing and complex strategies employed by cybercriminals, who take advantage of the fundamental flaws in traditional security models. Furthermore, the paper presents an overview of the cyber threat environment in the United States and explains the strategies, tactics, and fundamental values for implementing Zero Trust security in critical infrastructure sectors. The study underscores the importance of technological solutions, security policies, governance, risk management, and the role of human elements in creating a robust cyberinfrastructure. Adhering to internationally recognized standards such as NIST, ISO/IEC 27001, and OWASP, this framework aims to bolster U.S. cyber defenses against a broad spectrum of cyber threats, thereby enhancing economic stability, national security, and the continuous delivery of critical services. The findings of this research have significant implications for the future of U.S. critical infrastructure security, emphasizing the need for a proactive and comprehensive approach to cybersecurity in the face of evolving threats.
Article
Full-text available
This paper examines the growing cyber threats facing the United States' vital infrastructure, particularly those posed by state-sponsored threat actors. It discusses the significant risks these threats pose to economic stability and national security. Ithighlights the difficulties in protecting U.S. critical infrastructures from the constantly advancing and complex strategiesemployed by cybercriminals, who take advantage of the fundamental flaws in traditional security models. Furthermore, thepaper presents an overview of the cyber threat environment in the United States and explains the strategies, tactics, andfundamental values for implementing Zero Trust security in critical infrastructure sectors. The study underscores theimportance of technological solutions, security policies, governance, risk management, and the role of human elements increating a robust cyberinfrastructure. Adhering to internationally recognized standards such as NIST, ISO/IEC 27001, andOWASP, this framework aims to bolster U.S. cyber defenses against a broad spectrum of cyber threats, thereby enhancingeconomic stability, national security, and the continuous delivery of critical services. The findings of this research havesignificant implications for the future of U.S. critical infrastructure security, emphasizing the need for a proactive andcomprehensive approach to cybersecurity in the face of evolving threats.
Preprint
Full-text available
The concept of Zero-Trust security framework model is a "Never Trust, Always Verify" concept. The primary objective of this architecture is to enhance cybersecurity through the removal of trust and ongoing network request validation. The adoption of Zero Trust Security (ZTS) has experienced significant growth in recent years. However, many firms are still reluctant to engage in this security method despite its growing popularity. Prior research addresses methods for implementing ZTS, its importance and difficulties, but only offers scant details on the instruments that are available, their costs, and ZTS's success rate. Zero Trust Security (ZTS) is an evolving security model that challenges traditional perimeter-based security approaches by assuming that threats exist both inside and outside the network. This paper explores how ZTS can be implemented in the wireless communication networks, where the proliferation of mobile devices and the increasing adoption of wireless technologies have introduced new security challenges. The abstract concept of trust is redefined in ZTS, emphasizing the need for continuous authentication, authorization, and encryption of network traffic, regardless of the device's location or network access method. Key components of ZTS in wireless networks include identity verification, micro-segmentation, fewest privilege access controls, and continuous monitoring of network activities. By implementing ZTS principles, organizations can enhance their security posture and mitigate the risks associated with wireless communication networks, ensuring confidentiality, integrity, and availability of sensitive information in the face of evolving cyber threats.
Article
Full-text available
The emerging techniques, such as the fifth-generation communications (5G), Internet of Things (IoT), blockchain, artificial intelligence, etc., are operating in unison will drive the transformation of global business forward. The 5G technology is expected to unleash a massive IoT ecosystems by providing massive connectivity for huge number of IoT devices with faster data rate, ultra-low latency, and low-cost access. The 5G networks will be designed to bring the level of performance needed for massive IoT and will enable a perceived fully ubiquitous connected world. Meanwhile, the blockchain being promoted as the fundamental for new business model in Future IoT (FIoT). This paper attempts to provide a set of new directions and ideas for research in 5G/6G enabled IoT and new technique trends in IoT. The current IoT are facing a number of challenges, such as massive IoT devices access, network performances, security, standardization, and critical applications. This paper investigates new technologies, such as 5G, zero-trust, and blockchain will catalyse the innovation in IoT. Specifically, a zero-trust security architecture for FIoT is proposed and a blockchain-based device authentication in IoT environment (BasIoT) is proposed that can provide massive secure device access in FIoT. Graphical AbstractUsing zero-trust secure the future Industry IoT
Article
Full-text available
The core concepts of Zero Trust Architecture have existed since the Jericho Forum in 1994 and have served as the goal of cyber security specialists for many years. Zero Trust Networks and Architectures are extremely appealing to institutions of higher learning because they offer the flexibility to support research and learning while protecting resources with different protection levels, depending on the sensitivity of the resource. This paper investigates how other universities can employ the Zero Trust Architectures using the West Point model.
Article
Full-text available
Traditional networks are designed to be hard on the outside and soft on the inside. It is this soft inside which has made the traditional perimeter model laughable to attackers, who can easily breach a network and run away with the data without even having to deal with the hardened perimeter. The zero-trust security model, created by John Kindervag in 2010, addresses the security flaws of the traditional perimeter model and asserts that all network traffic on the inside should not be trusted by default. Other core principles of zero trust include verification and continuous monitoring of all communication, as well as encryption of all data in transit and data at rest, since the goal of zero trust is to focus on protecting data. Although the zero-trust model was created in 2010, with some of the associated security practices existing even before that, many healthcare organisations are still choosing to focus primarily on securing the perimeter instead of focusing on the vulnerabilities within them. The current COVID-19 pandemic which healthcare providers are struggling with further highlights the need for improvements to security within the network perimeter, as many healthcare providers and vaccine developers are still using vulnerable, outdated legacy systems which could become compromised and indirectly have a detrimental effect on patient care. Legacy systems which are technologically limited, as well as medical devices which cannot be controlled or managed by network administrators, create boundaries to transitioning to a zero-trust architecture. It is challenges like this that have been explored during the research phase of this project in order to gain a better understanding of how a health organisation can adopt zero-trust practices despite the limitations of their current architecture. From the information gathered during this research, a framework was developed to allow a health organisation to transition to a more secure architecture based on the concept of zero-trust. Aspects of the proposed framework were tested in Cisco Modelling Labs (CML), and the results were evaluated to ensure the validity of some of the recommendations laid out in the framework. The main objective of this research was to prove that if a host within the local area network (LAN) were to be compromised, the damage would be limited to that host and would not spread throughout the rest of the network. This was successful after the qualitative research performed in CML. One of the other takeaways from testing the framework in CML was that medical devices could be secured by placing firewalls directly in front of them. This placement of firewalls may seem like an unorthodox approach and was shown to increase latency, but the blocking of all unnecessary traffic on the rest of the network will result in a performance boost and should balance it out in a real-world application.
Article
Full-text available
In response to weaknesses of current network security solutions, the zero-trust model follows the idea that no network – whether internal or external – is trustworthy. The concept of zero-trust is enjoying increasing attention in both research and practice due to its promise to fulfil complex new network security requirements. Despite zero-trust's advantages over traditional solutions, it has not yet succeeded in replacing existing approaches. Uncertainty remains regarding the concept's distinct benefits and drawbacks for organisations and individuals, which hinders a holistic understanding of zero-trust and wide-spread adoption. Research can make valuable contributions to the field by systematically providing new insights into zero-trust. To support researchers in this endeavour, we aim to consolidate the current state of the knowledge about zero-trust and to identify gaps in the literature. Thus, we conduct a multivocal literature review, analysing both academic and practice-oriented publications. We develop a research framework for zero-trust to structure the identified literature and to highlight future research avenues. Our results show that the academic literature has focused mainly on the architecture and performance improvements of zero-trust. In contrast, the practice-oriented literature has focused on organisational advantages of zero-trust and on potential migration strategies. However, economic analyses and user-related studies have been neglected by both academia and practice. Future research may rely on our findings to advance the field in meaningful ways.
Article
Full-text available
Cyber-attacks against hospitals, medical devices, and healthcare entities are becoming increasingly common; simultaneously, physical attacks against hospitals and healthcare entities are increasing. The purpose of this article is to explore the threat to healthcare from cyber-attacks. We undertake qualitative analysis of current and past cyber-attacks on healthcare system and look at these in the context of the increase in non-traditional threats. We conclude that there is a current and systemic threat to the healthcare sector from cyber-attacks by nation state and criminal groups, which is not currently being addressed in a systematic manner. Finally, we conclude that further discussion on key issues such as legislation and regulatory frameworks needs to take place at both a policy and practitioner level.
Article
Full-text available
We investigate the effects of corporate taxes on the flow of foreign direct investments (FDI) in Nigeria between 1983 and 2017. The study adopts the ex-post facto research design; secondary data were sourced from the World Bank Development indicator, Central Bank of Nigeria database, and Federal Inland Revenue database. Research data was analyzed using the Error Correction Model (ECM). The coefficient of determination (R 2) showed that about 77 percent of the systematic changes in FDI are attributed to the combined effect of all the explanatory variables captured in the study. We find that Company Income Tax, Value Added Tax, and Custom and Excise Duties have a significant but negative relationship with FDI. In contrast, Tertiary Education Tax has a positive association with FDI. Also, Exchange Rate had a negative but significant relationship with FDI; Inflation had an insignificant but positive association with FDI, while GDP growth rate and Trade Openness showed a positive and significant association with FDI. Our findings deviate from previous results, as we find new evidence that a higher Education tax rate influences FDI, and the emerging evidence on the effect of non-tax variables on FDI inflow.
Article
Zero Trust Network Architecture implementation is gaining popularity in the ICT sector to defend and deter cyber threats or cyber crime. Considering the architecture’s ability, it is unlikely that a single compromised endpoint in the zero-trust networks could spread laterally, infecting the whole network.This provides us with the ability to adopt the architecture in the energy sector. The popularity of the distributed generators helps us beself-reliant on the power and enables a consumer to supply the power to the grid. The pool of these small generators constitutes a virtual power plant. With this arrangement, its network is also exposed to security challenges. Protecting these physical systems, data protection, and information privacy becomes critical. Motivated by this convergence, this paper aims to present a comprehensive Zero trust security architecture to help reduce the risks and help secure the physical systems and ensure privacy and data protection.
Article
The security model relying on the traditional defense of the perimeter cannot protect modern dynamic organizations. The emerging paradigm called zero trust proposes a modern alternative that enforces access control on every request and avoids implicit trust based on the physical location of people and devices. These architectures rely on several trusted components, but existing proposals make the unrealistic assumption that attackers cannot compromise some of them. We overcome these assumptions and present a novel survivable zero trust architecture that can guarantee the necessary security level for cloud computing environments. The proposed architecture guarantees a high level of security and robustness and under specific conditions it can tolerate intrusions and can recover from failures and successful attacks.
Article
Background There are mainly three types of banking includes Traditional banking, online banking, and mobile banking. The use of the latter two i.e, online banking and mobile banking, over traditional methods should rise exponentially among the people. This will be the implication only if the customers are made aware of the new technologies and advancements in the banking sector. Therefore, appropriate securities to be implied on the digital methods of banking for reliability and trust of the customers. Objective In this paper, we formulate a model that represents a means for detecting and describing the transmission of malicious objects through various individual nodes in a server of banking. Method For a strong banking infrastructure, the challenge is to those concerned with information security to place a monetary value on the protection of information resources. In addition, a trust model for the banking system in online or offline modes is also provided. Results The results of this model can help in understanding the mechanism by which malicious object spread, to predict the future course of an outbreak and to evaluate the strategies to control. Conclusion The paper can be concluded to achieve its objective that how to maintain Trust in the banking system in different scenarios along with predicting the outbreak of a perticular malicious object.
Conference Paper
Emerging microservices-based workloads introduce new security risks in today's data centers as attacks can propagate laterally within the data center relatively easily by exploiting cross-service dependencies. As countermeasures for such attacks, traditional perimeterization approaches, such as network-endpoint-based access control, do not fare well in highly dynamic microservices environments (especially considering the management complexity, scalability and policy granularity of these earlier approaches). In this paper, we propose eZTrust, a network-independent perimeterization approach for microservices. eZTrust allows data center tenants to express access control policies based on fine-grained workload identities, and enables data center operators to enforce such policies reliably and efficiently in a purely network-independent fashion. To this end, we leverage eBPF, the extended Berkeley Packet Filter, to trace authentic workload identities and apply per-packet tagging and verification. We demonstrate the feasibility of our approach through extensive evaluation of our proof-of-concept prototype implementation. We find that, when comparable policies are enforced, eZTrust incurs 2--5 times lower packet latency and 1.5--2.5 times lower CPU overhead than traditional perimeterization schemes.