Zero Trust Architecture (ZTA): A Comprehensive Survey
Open Access
- 12 May 2022
- journal article
- research article
- Published by Institute of Electrical and Electronics Engineers (IEEE) in IEEE Access
- Vol. 10, 57143-57179
- https://doi.org/10.1109/access.2022.3174679
Abstract
We present a detailed survey of the Zero Trust (ZT) security paradigm which has a growing number of advocates in the critical infrastructure risk management space. The article employs a descriptive approach to present the fundamental tenets of ZT and provides a review of numerous potential options available for successful realization of this paradigm. We describe the role of authentication and access control in Zero Trust Architectures (ZTA) and present an in-depth discussion of state-of-the-art techniques for authentication and access control in different scenarios. Furthermore, we comprehensively discuss the conventional approaches to encryption, micro-segmentation, and security automation available for instantiating a ZTA. The article also details various challenges associated with contemporary authentication mechanisms, access control schemes, trust and risk computation techniques, micro-segmentation approaches, and Software-Defined Perimeter, that can impact the implementation of ZT in its true sense. Based upon our analysis, we finally pinpoint the potential future research directions for successful realization of ZT in critical infrastructures.
Funding Information
- Australian Department of Defence
- Defence Science and Technology Group’s Operations Research Network
This publication has 145 references indexed in Scilit.