An Extensive Analysis on Zero Trust Architecture


Authors : Rajesh Kumar

Volume/Issue : Volume 9 - 2024, Issue 5 - May

Google Scholar : https://tinyurl.com/ymfbbm7v

Scribd : https://tinyurl.com/yck3hd7d

DOI : https://doi.org/10.38124/ijisrt/IJISRT24MAY1225

Abstract : Zero Trust Architecture (ZTA) addresses a change in perspective in cyber security, challenging the conventional security-based model by expecting no certain trust inside or outside the network limits. This approach exemplifies the standards of constant confirmation, strong access controls, and the idea of "never trust, always verify" (Stafford, 2020). ZTA is intended to address the weaknesses inborn in conventional security models, particularly even with dynamic IT environments, cloud services, and the rising refinement of cyber-attacks. This paper presents a top-tobottom investigation of ZTA, its main components including severe identity verification, least privilege access, micro-segmentation, and multifaceted verification, as well as its fundamental relationship with Identity and Access Management (IAM) solutions. Moreover, this paper looks at the critical job of ZTA in lowering the attack surface, strengthening an organization's security posture, and ensuring regulatory regulations are being followed. This paper’s goal is to examine the shortcomings and weaknesses of conventional perimeter-based security models in the current digital environment and to suggest Zero Trust Architecture (ZTA) as a more potent security paradigm to deal with these issues. This research attempts to give insights into how businesses might switch from traditional security techniques to ZTA to improve their security posture.

Keywords : Zero Trust Architecture, Never Trust, Always Verify, Identity and Access Management (IAM), Cloud Services.

References :

  1. Stafford, V. A. (2020). Zero trust architecture. NIST special publication800, 207.
  2. Syed, N. F., Shah, S. W., Shaghaghi, A., Anwar, A., Baig, Z., & Doss, R. (2022). Zero trust architecture (zta): A comprehensive survey. IEEE Access10, 57143-57179.
  3. R. Jalkh. (2023, February 17). Zero trust Security explained. The Chart Guru. https://thechart.guru/zero-trust-security-explained/
  4. Teerakanok, S., Uehara, T., & Inomata, A. (2021). Migrating to zero trust architecture: Reviews and challenges. Security and Communication Networks2021, 1-10.
  5. He, Y., Huang, D., Chen, L., Ni, Y., & Ma, X. (2022). A survey on zero trust architecture: Challenges and future trends. Wireless Communications and Mobile Computing2022.
  6. Fernandez, E. B., & Brazhuk, A. (2024). A critical analysis of Zero Trust Architecture (ZTA). Computer Standards & Interfaces89, 103832.
  7. Adahman, Z., Malik, A. W., & Anwar, Z. (2022). An analysis of zero-trust architecture and its cost-effectiveness for organizational security. Computers & Security122, 102911.
  8. Shelton, C., Loo, S. M., Justice, C., & Hornung, L. (2022, June). ZTA: Never Trust, Always Verify. In European Conference on Cyber Warfare and Security (Vol. 21, No. 1, pp. 256-262).
  9. Phiayura, P., & Teerakanok, S. (2023). A comprehensive framework for migrating to zero trust architecture. Ieee Access11, 19487-19511.
  10. Moore, C. (2022). A Zero Trust Approach to Fundamentally Redesign Network Architecture within Federal Agencies (Doctoral dissertation, Capella University).
  11. D'Silva, D., & Ambawade, D. D. (2021, April). Building a zero-trust architecture using kubernetes. In 2021 6th international conference for convergence in technology (i2ct) (pp. 1-8). IEEE.
  12. House, W. (2021, May 12). Executive Order on Improving the Nation’s Cybersecurity. The White House.https://www.whitehouse.gov/briefing-room/presidential-actions/2021/05/12/executive-order-on-improving-the-nations-cybersecurity/
  13. "Defense Information Systems for Security (DISS)." Defense Information Systems Agency, www.dcsa.mil/is/diss/.
  14. "CISA Insights: Zero Trust Architectures." Cybersecurity and Infrastructure Security Agency, www.cisa.gov/cyber-insights/cisa-insights-zero-trust-architectures.
  15. Jakkal, V. (2023, May 16). Microsoft Zero Trust solutions deliver 92 percent return on investment, says a new Forrester study. Microsoft Security Blog. https://www.microsoft.com/en-us/security/blog/2022/01/12/microsoft-zero-trust-solutions-deliver-92-percent-return-on-investment-says-new-forrester-study/
  16. Rose, S. (2022). Planning for a Zero Trust Architecture: A Planning Guide for Federal Administrators. 2022 NIST CYBERSECURITY WHITE PAPER NIST CSWP 20.

Zero Trust Architecture (ZTA) addresses a change in perspective in cyber security, challenging the conventional security-based model by expecting no certain trust inside or outside the network limits. This approach exemplifies the standards of constant confirmation, strong access controls, and the idea of "never trust, always verify" (Stafford, 2020). ZTA is intended to address the weaknesses inborn in conventional security models, particularly even with dynamic IT environments, cloud services, and the rising refinement of cyber-attacks. This paper presents a top-tobottom investigation of ZTA, its main components including severe identity verification, least privilege access, micro-segmentation, and multifaceted verification, as well as its fundamental relationship with Identity and Access Management (IAM) solutions. Moreover, this paper looks at the critical job of ZTA in lowering the attack surface, strengthening an organization's security posture, and ensuring regulatory regulations are being followed. This paper’s goal is to examine the shortcomings and weaknesses of conventional perimeter-based security models in the current digital environment and to suggest Zero Trust Architecture (ZTA) as a more potent security paradigm to deal with these issues. This research attempts to give insights into how businesses might switch from traditional security techniques to ZTA to improve their security posture.

Keywords : Zero Trust Architecture, Never Trust, Always Verify, Identity and Access Management (IAM), Cloud Services.

Video Explanation for Published paper

Never miss an update from Papermashup

Get notified about the latest tutorials and downloads.

Subscribe by Email

Get alerts directly into your inbox after each post and stay updated.
Subscribe
OR

Subscribe by RSS

Add our RSS to your feedreader to get regular updates from us.
Subscribe