DOI: 10.1145/3607947.3608067
research-article

Zero trust security model: Defining new boundaries to organizational network

Published: 28 September 2023

Abstract

The zero-trust security model is a modern alternative to traditional perimeter network security and has been gaining popularity over the last several years. Traditional perimeter security suffers from the problem of a single point of failure, which is compelling enterprises to move away from it. The zero-trust paradigm addresses this vulnerability by treating every host as though it were facing the Internet. As the number of organizations moving towards working from home increases and remote work continues to be the new normal, the definition of trust also needs to evolve. This paper discusses the zero-trust protection model architecture, its accomplishment measures, and its benefits relative to other network models. We propose a multi-layer zero-trust architecture that includes three cascaded layers, four enablers, and five security attributes. We also suggest a six-stage implementation framework, along with the tools that aid each stage. We summarize the paper by reinforcing the advantages of the zero-trust paradigm and listing future research directions. This paper can contribute to the knowledge base by directing organizations towards a successful paradigm shift to the zero-trust environment.


Published In

ACM Other conferences
IC3-2023: Proceedings of the 2023 Fifteenth International Conference on Contemporary Computing
August 2023
783 pages
ISBN: 9798400700224
DOI: 10.1145/3607947

Publisher

Association for Computing Machinery

New York, NY, United States

Qualifiers

  • Research-article
  • Research
  • Refereed limited

Conference

IC3 2023
