Papers
Topics
Authors
Recent
Gemini 2.5 Flash
Gemini 2.5 Flash
169 tokens/sec
GPT-4o
7 tokens/sec
Gemini 2.5 Pro Pro
45 tokens/sec
o3 Pro
4 tokens/sec
GPT-4.1 Pro
38 tokens/sec
DeepSeek R1 via Azure Pro
28 tokens/sec
2000 character limit reached

Zero Trust Implementation in the Emerging Technologies Era: Survey (2401.09575v1)

Published 17 Jan 2024 in cs.CR

Abstract: This paper presents a comprehensive analysis of the shift from the traditional perimeter model of security to the Zero Trust (ZT) framework, emphasizing the key points in the transition and the practical application of ZT. It outlines the differences between ZT policies and legacy security policies, along with the significant events that have impacted the evolution of ZT. Additionally, the paper explores the potential impacts of emerging technologies, such as AI and quantum computing, on the policy and implementation of ZT. The study thoroughly examines how AI can enhance ZT by utilizing Machine Learning (ML) algorithms to analyze patterns, detect anomalies, and predict threats, thereby improving real-time decision-making processes. Furthermore, the paper demonstrates how a chaos theory-based approach, in conjunction with other technologies like eXtended Detection and Response (XDR), can effectively mitigate cyberattacks. As quantum computing presents new challenges to ZT and cybersecurity as a whole, the paper delves into the intricacies of ZT migration, automation, and orchestration, addressing the complexities associated with these aspects. Finally, the paper provides a best practice approach for the seamless implementation of ZT in organizations, laying out the proposed guidelines to facilitate organizations in their transition towards a more secure ZT model. The study aims to support organizations in successfully implementing ZT and enhancing their cybersecurity measures.

Definition Search Book Streamline Icon: https://streamlinehq.com
References (124)
  1. Quantum approximate counting, simplified, in: Symposium on simplicity in algorithms, SIAM. pp. 24–32.
  2. An analysis of zero-trust architecture and its cost-effectiveness for organizational security. Computers & Security 122, 102911.
  3. Integrated protection of industrial control systems from cyber-attacks: the atena approach. International Journal of Critical Infrastructure Protection 21, 72–82.
  4. Improving iot privacy, data protection and security concerns. International Journal of Technology, Innovation and Management (IJTIM) 1.
  5. Protection of sensitive data in zero trust model, in: Proceedings of the international conference on computing advancements, pp. 1–5.
  6. Intelligent cybersecurity classification using chaos game optimization with deep learning model. COMPUTER SYSTEMS SCIENCE AND ENGINEERING 45, 971–983.
  7. Augmenting zero trust network architecture to enhance security in virtual power plants. Energy Reports 8, 1309–1320.
  8. Anomaly detection for industrial internet of things cyberattacks. Computer Systems Science & Engineering 44.
  9. Bidirectional encoder representations from transformers (bert): A sentiment analysis odyssey. arXiv preprint arXiv:2007.01127 .
  10. Multifactor Authentication Using Zero Trust. Ph.D. thesis. Rochester Institute of Technology.
  11. A maturity framework for zero-trust security in multiaccess edge computing. Security and Communication Networks 2022.
  12. Ensemble unsupervised autoencoders and gaussian mixture model for cyberattack detection. Information Processing & Management 59, 102844.
  13. Incident readiness. Applied Incident Response .
  14. Why the time has come to embrace the Zero-Trust model of cybersecurity. [Online; accessed 13-November-2022].
  15. Towards a zero-trust micro-segmentation network security strategy: an evaluation framework, in: NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium, IEEE. pp. 1–7.
  16. Services for zero trust architectures-a research roadmap, in: 2021 IEEE International Conference on Web Services (ICWS), IEEE. pp. 14–20.
  17. Zero trust validation: from practice to theory: An empirical research project to improve zero trust implementations, in: 2022 IEEE 29th Annual Software Technology Conference (STC), IEEE. pp. 93–104.
  18. Strategic cyber environment management with zero trust and cyber counterintelligence. Journal of Information Warfare 21.
  19. Gpthreats-3: Is automatic malware generation a threat?, in: 2023 IEEE Security and Privacy Workshops (SPW), IEEE. pp. 238–254.
  20. How machine learning changes the nature of cyberattacks on iot networks: A survey. IEEE Communications Surveys & Tutorials 24, 248–279.
  21. Never trust, always verify: A multivocal literature review on current knowledge and research gaps of zero-trust. Computers & Security 110, 102436.
  22. Beyond zero trust: Trust is a vulnerability. Computer 53, 110–113.
  23. Automation and orchestration of zero trust architecture: Potential solutions and challenges. Elsevier .
  24. Analyzing openapi specifications for security design issues, in: 2021 IEEE Secure Development Conference (SecDev), IEEE. pp. 15–22.
  25. A security awareness and protection system for 5g smart healthcare based on zero-trust architecture. IEEE Internet of Things Journal 8, 10248–10263.
  26. Universal wellpad control: An open automation and control platform with zero-trust and zero-touch provisioning system, in: Abu Dhabi International Petroleum Exhibition and Conference, SPE. p. D011S027R002.
  27. The challenge of achieving zero trust remote access in multi-cloud environment. ABC Journal of Advanced Research 9, 89–102.
  28. An implementation method of zero-trust architecture, in: Journal of Physics: Conference Series, IOP Publishing. p. 012010.
  29. Access control enforcement in iot: state of the art and open challenges in the zero trust era, in: 2021 third ieee international conference on trust, privacy and security in intelligent systems and applications (tps-isa), IEEE. pp. 159–166.
  30. The zero trust extended (ztx) ecosystem. Forrester, Cambridge, MA .
  31. Cyber security integration with smart new age sustainable startup business, risk management, automation and scaling system for entrepreneurs: An artificial intelligence approach, in: 2023 7th International Conference on Intelligent Computing and Control Systems (ICICCS), IEEE. pp. 1357–1363.
  32. Implementing zero trust cloud networks with transport access control and first packet authentication, in: 2016 IEEE International Conference on Smart Cloud (SmartCloud), IEEE. pp. 5–10.
  33. Identity and access management: High-level conceptual framework. Cardiometry , 393–399.
  34. Exploring How Universities Can Reduce Successful Cyberattacks by Incorporating Zero Trust. Ph.D. thesis. Colorado Technical University.
  35. Securing iot devices using zero trust and blockchain. Journal of Organizational Computing and Electronic Commerce 31, 18–34.
  36. Building a zero trust architecture using kubernetes, in: 2021 6th international conference for convergence in technology (i2ct), IEEE. pp. 1–8.
  37. Digital twins for cyber-physical systems security: State of the art and outlook. Security and Quality in Cyber-Physical Systems Engineering: With Forewords by Robert M. Lee and Tom Gilb , 383–412.
  38. Autonomic security for zero trust networks, in: 2017 IEEE 8th Annual Ubiquitous Computing, Electronics and Mobile Communication Conference (UEMCON), IEEE. pp. 288–293.
  39. Machine learning based trust management framework for vehicular networks. Vehicular Communications 25, 100256.
  40. Zero trust network model. Tufts University: Medford, MA, USA .
  41. Identification of vulnerable lines in smart grid systems based on affinity propagation clustering. IEEE Internet of Things Journal 6, 5163–5171.
  42. Zero Trust Security: An Enterprise Guide. Springer.
  43. Xdr: The evolution of endpoint security solutions-superior extensibility and analytics to satisfy the organizational needs of the future. International Journal of Advanced Research in Science, Communication and Technology (IJARSCT) 8, 493–501.
  44. Zero trust networks. O’Reilly Media, Incorporated.
  45. The untold story of notpetya, the most devastating cyberattack in history. Wired, August 22.
  46. Applying the principles of zero-trust architecture to protect sensitive and critical data. Network Security 2021, 7–9.
  47. Tactical provenance analysis for endpoint detection and response systems, in: 2020 IEEE Symposium on Security and Privacy (SP), IEEE. pp. 1172–1189.
  48. Zero trust federation: sharing context under user control towards zero trust in identity federation, in: 2021 IEEE International Conference on Pervasive Computing and Communications Workshops and other Affiliated Events (PerCom Workshops), IEEE. pp. 514–519.
  49. Forrester Pushes ’Zero Trust’ Model For Security. [Online; accessed 13-November-2022].
  50. A novel intrusion detection model for detecting known and innovative cyberattacks using convolutional neural network. IEEE Open Journal of the Computer Society 2, 14–25.
  51. Executive order on improving the nation’s cybersecurity. The White House .
  52. Digital twin virtualization with machine learning for iot and beyond 5g networks: Research directions for security and optimal control, in: Proceedings of the 2022 ACM Workshop on Wireless Security and Machine Learning, pp. 81–86.
  53. Designing the Extended Zero Trust Maturity Model A Holistic Approach to Assessing and Improving an Organization’s Maturity Within the Technology, Processes and People Domains of Information Security. Master’s thesis. University of Agder.
  54. Source idc: Future of industry ecosystems: Shared data and insights. IDC .
  55. Zero Trust Evolution & Transforming Enterprise Security. Ph.D. thesis. CALIFORNIA STATE UNIVERSITY SAN MARCOS.
  56. Adaptive observation of emerging cyber attacks targeting various iot devices, in: 2021 IFIP/IEEE International Symposium on Integrated Network Management (IM), IEEE. pp. 143–151.
  57. Implementing a zero trust architecture. National Institute of Standards and Technology 2020, 17–17.
  58. A chaotic complexity measure for cognitive machine classification of cyber-attacks on computer networks. International Journal of Cognitive Informatics and Natural Intelligence (IJCINI) 8, 45–69.
  59. Certified malware: Measuring breaches of trust in the windows code-signing pki, in: Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security, pp. 1435–1448.
  60. Build security into your network’s dna: The zero trust network architecture. Forrester Research Inc 27.
  61. A clustering-based approach to detect cyber attacks in process control systems, in: 2015 IEEE 13th international conference on industrial informatics (INDIN), IEEE. pp. 142–148.
  62. Analysis of intrusion detection in cyber attacks using deep learning neural networks. Peer-to-Peer Networking and Applications 14, 2565–2584.
  63. Performance comparison between chaos and quantum-chaos based image encryption techniques. Multimedia Tools and Applications 80, 33213–33255.
  64. Applications of defense-in-depth and zero-trust cryptographic products in emergent cybersecurity environments, in: Emergent Behavior in System of Systems Engineering. CRC Press, pp. 93–117.
  65. Grover’s algorithm: Quantum database search. arXiv preprint quant-ph/0301079 .
  66. Future industry internet of things with zero-trust security. Information Systems Frontiers , 1–14.
  67. Shor’s algorithm for integer factorization. A primer on quantum computing , 57–77.
  68. Trust computation model for iot devices using machine learning techniques, in: Proceeding of First Doctoral Symposium on Natural Computing Research: DSNCR 2020, Springer. pp. 195–205.
  69. Grover algorithm with zero theoretical failure rate. Physical Review A 64, 022307.
  70. Deep learning for security in digital twins of cooperative intelligent transportation systems. IEEE transactions on intelligent transportation systems 23, 16666–16675.
  71. MarketsandMarkets, . Zero trust security market by solution type.
  72. Formalising trust as a computational concept. Ph.D. thesis .
  73. Digital-analog quantum algorithm for the quantum fourier transform. Physical Review Research 2, 013012.
  74. Establishing a zero trust strategy in cloud computing environment, in: 2020 International Conference on Computer Communication and Informatics (ICCCI), IEEE. pp. 1–6.
  75. Quantum fingerprint scrambling algorithm based on chaos theory, in: 2023 17th International Conference on Engineering of Modern Electric Systems (EMES), IEEE. pp. 1–4.
  76. Large-scale monitoring for cyber attacks by using cluster information on darknet traffic features. Procedia Computer Science 53, 175–182.
  77. Chaos-based interleave division multiple access scheme with physical layer security, in: 2021 IEEE 18th Annual Consumer Communications & Networking Conference (CCNC), IEEE. pp. 1–2.
  78. A guide to securing industrial control networks: Integrating it and ot systems. IEEE Industry Applications Magazine 26, 47–53.
  79. Design and implementation of a consensus algorithm to build zero trust model, in: 2020 IEEE 17th India Council International Conference (INDICON), IEEE. pp. 1–5.
  80. Factors affecting reputational damage to organisations due to cyberattacks, in: Informatics, MDPI. p. 28.
  81. Quantum resistant public key cryptography: a survey, in: Proceedings of the 8th Symposium on Identity and Trust on the Internet, pp. 85–93.
  82. A comprehensive framework for migrating to zero trust architecture. IEEE Access 11, 19487–19511.
  83. Study of zero trust architecture for applications and network security, in: 2022 IEEE 19th International Conference on Smart Communities: Improving Quality of Life Using ICT, IoT and AI (HONET), IEEE. pp. 111–116.
  84. Zero trust architecture. Technical Report. National Institute of Standards and Technology.
  85. Insider Threat: Replacing the Trusted Security Model. Ph.D. thesis. Capella University.
  86. An ensemble of deep recurrent neural networks for detecting iot cyber attacks using network traffic. IEEE Internet of Things Journal 7, 8852–8859.
  87. Zero-trust hierarchical management in iot, in: 2018 IEEE international congress on Internet of Things (ICIOT), IEEE. pp. 88–95.
  88. Integrating zero trust and devsecops. Technical Report. Tech. rep.
  89. How a zero trust approach can help to secure your aws environment. Network Security 2018, 5–8.
  90. Anomaly events classification and detection system in critical industrial internet of things infrastructure using machine learning algorithms. Multimedia Tools and Applications 80, 12619–12640.
  91. Enabling a zero trust architecture in smart grids through a digital twin, in: Dependable Computing-EDCC 2021 Workshops: DREAMS, DSOGRI, SERENE 2021, Munich, Germany, September 13, 2021, Proceedings 17, Springer. pp. 73–81.
  92. Chaos theory and its application: an essential framework for image encryption. Chaos Theory and Applications 2, 17–22.
  93. Zero trust using network micro segmentation, in: IEEE INFOCOM 2021-IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS), IEEE. pp. 1–6.
  94. The state of zero trust in the age of fluid working. Network Security 2021, 15–17.
  95. Toward a zero trust metric. Procedia Computer Science 204, 123–130.
  96. Zero trust architecture. NIST Special Publication 800, 207.
  97. Zero trust architecture (zta): A comprehensive survey. IEEE Access 10, 57143–57179.
  98. The “cyber security via determinism” paradigm for a quantum safe zero trust deterministic internet of things (iot). IEEE Access 10, 45893–45930.
  99. Deep autoencoder-based anomaly detection of electricity theft cyberattacks in smart grids. IEEE Systems Journal 16, 4106–4117.
  100. Migrating to zero trust architecture: Reviews and challenges. Security and Communication Networks 2021, 1–10.
  101. Never trust, always verify: a roadmap for trustworthy ai? arXiv preprint arXiv:2206.11981 .
  102. Trust no one? a framework for assisting healthcare organisations in transitioning to a zero-trust network architecture. Applied Sciences 11, 7499.
  103. Factors influencing cloud computing adoption in a zero-trust environment. researchsquare .
  104. Verizon, 2021. Verizon 2021 data breach investigations report. from Verizon Business, https://enterprise.verizon.com/en-gb/resources/reports/dbir/ .
  105. Adaptive density-based spatial clustering of applications with noise (dbscan) according to data, in: 2015 International Conference on Machine Learning and Cybernetics (ICMLC), IEEE. pp. 445–451.
  106. Secure access method of power internet of things based on zero trust architecture, in: International Conference on Swarm Intelligence, Springer. pp. 386–399.
  107. Zero trust network security model in containerized environments. University of Amsterdam: Amsterdam, The Netherlands .
  108. Implementation of the quantum fourier transform. Physical review letters 86, 1889.
  109. The Jericho principle: How companies use strategic collaboration to find new sources of value. John Wiley & Sons.
  110. Real identity based access control technology under zero trust architecture, in: 2021 International Conference on Wireless Communications and Smart Grid (ICWCSG), IEEE. pp. 18–22.
  111. Zero trust: Never trust, always verify, in: 2021 international conference on cyber situational awareness, data analytics and assessment (cybersa), IEEE. pp. 1–4.
  112. Sok: context and risk aware access control for zero trust systems. Security and Communication Networks 2022.
  113. Power iot security protection architecture based on zero trust framework, in: 2021 IEEE 5th International Conference on Cryptography, Security and Privacy (CSP), IEEE. pp. 166–170.
  114. A zero trust method based on blp and biba model, in: 2021 14th International Symposium on Computational Intelligence and Design (ISCID), IEEE. pp. 96–100.
  115. Artificial intelligence safety and cybersecurity: A timeline of ai failures. arXiv preprint arXiv:1610.07997 .
  116. Survey on zero-trust network security, in: Artificial Intelligence and Security: 6th International Conference, ICAIS 2020, Hohhot, China, July 17–20, 2020, Proceedings, Part I 6, Springer. pp. 50–60.
  117. Dynamic access control and authorization system based on zero-trust architecture, in: Proceedings of the 2020 1st International Conference on Control, Robotics and Intelligent System, pp. 123–127.
  118. Zero trust cybersecurity: Critical success factors and a maturity assessment framework. Computers & Security , 103412.
  119. Feature extraction and selection method of cyber-attack and threat profiling in cybersecurity audit, in: 2019 International Conference on Cybersecurity (ICoCSec), IEEE. pp. 1–6.
  120. A zero trust approach for the cybersecurity of industrial control systems, in: 2022 IEEE 21st International Symposium on Network Computing and Applications (NCA), IEEE. pp. 1–7.
  121. Flexible zero trust architecture for the cybersecurity of industrial iot infrastructures. Available at SSRN 4481853 .
  122. Depth optimization of quantum search algorithms beyond grover’s algorithm. Physical Review A 101, 032346.
  123. A machine learning based trust evaluation framework for online social networks, in: 2014 IEEE 13th International Conference on Trust, Security and Privacy in Computing and Communications, IEEE. pp. 69–74.
  124. Automatic fine-grained access control in scada by machine learning. Future Generation Computer Systems 93, 548–559.
Citations (2)
View on Semantic Scholar

Summary

We haven't generated a summary for this paper yet.

Ai Sparkles Streamline Icon: https://streamlinehq.com Summarize Now