File(s) not publicly available
Zero Trust Architecture (ZTA): A Comprehensive Survey
journal contributionposted on 2022-09-30, 00:29 authored by Naeem SyedNaeem Syed, S W Shah, A Shaghaghi, Adnan AnwarAdnan Anwar, Zubair BaigZubair Baig, Robin Ram Mohan DossRobin Ram Mohan Doss
We present a detailed survey of the Zero Trust (ZT) security paradigm which has a growing number of advocates in the critical infrastructure risk management space. The article employs a descriptive approach to present the fundamental tenets of ZT and provides a review of numerous potential options available for successful realization of this paradigm. We describe the role of authentication and access control in Zero Trust Architectures (ZTA) and present an in-depth discussion of state-of-the-art techniques for authentication and access control in different scenarios. Furthermore, we comprehensively discuss the conventional approaches to encryption, micro-segmentation, and security automation available for instantiating a ZTA. The article also details various challenges associated with contemporary authentication mechanisms, access control schemes, trust and risk computation techniques, micro-segmentation approaches, and Software-Defined Perimeter, that can impact the implementation of ZT in its true sense. Based upon our analysis, we finally pinpoint the potential future research directions for successful realization of ZT in critical infrastructures.
Pagination57143 - 57179
Publication classificationC1 Refereed article in a scholarly journal
Read the peer-reviewed publication
Science & TechnologyTechnologyComputer Science, Information SystemsEngineering, Electrical & ElectronicTelecommunicationsComputer ScienceEngineeringAccess controlAuthenticationComputer architectureNISTEncryptionCritical infrastructureAutomationZero trust architecture (ZTA)micro-segmentationsoftware-defined parameter (SDP)CONTINUOUS USER AUTHENTICATIONINTERNET-OF-THINGSACCESS-CONTROLCONTEXT-AWARECYBERCHALLENGESIOT