Theory and Application of Zero Trust Security: A Brief Survey-Reference-Cited by-同舟云学术

Theory and Application of Zero Trust Security: A Brief Survey

Published:2023-11-28 Issue:12 Volume:25 Page:1595
ISSN:1099-4300
Container-title:Entropy
language:en
Short-container-title:Entropy

Author:

Kang Hongzhaoning¹^ORCID,Liu Gang¹^ORCID,Wang Quan¹,Meng Lei¹,Liu Jing²

Affiliation:

1. School of Computer Science and Technology, Xidian University, Xi’an 710071, China

2. School of Computer Science and Engineering, Xi’an University of Technology, Xi’an 710048, China

Abstract

As cross-border access becomes more frequent, traditional perimeter-based network security models can no longer cope with evolving security requirements. Zero trust is a novel paradigm for cybersecurity based on the core concept of “never trust, always verify”. It attempts to protect against security risks related to internal threats by eliminating the demarcations between the internal and external network of traditional network perimeters. Nevertheless, research on the theory and application of zero trust is still in its infancy, and more extensive research is necessary to facilitate a deeper understanding of the paradigm in academia and the industry. In this paper, trust in cybersecurity is discussed, following which the origin, concepts, and principles related to zero trust are elaborated on. The characteristics, strengths, and weaknesses of the existing research are analysed in the context of zero trust achievements and their technical applications in Cloud and IoT environments. Finally, to support the development and application of zero trust in the future, the concept and its current challenges are analysed.

Funder

Shaanxi Key R&D Program

Natural Science Basic Research Plan in Shaanxi Province of China

Publisher

MDPI AG

Subject

General Physics and Astronomy

Link

https://www.mdpi.com/1099-4300/25/12/1595/pdf

Reference57 articles.

1. (2023, November 18). FireEye Mandiant M-Trends. Available online: https://mandiant.widen.net/s/kxbbdppzzk/m-trends-2022-executive-summary.

2. Northcutt, S., Zeltser, L., Winters, S., Kent, K., and Ritchey, R.W. (2005). Inside Network Perimeter Security (Inside), Sams. [2nd ed.].

3. Kindervag, J. (2010). No More Chewy Centers: Introducing the Zero Trust Model of Information Security, Forrester Research.

4. (2023, November 18). Jericho Forum Commandments, Version 1.2. Available online: https://static.spiceworks.com/attachments/post/0016/4842/commandments_v1.2.pdf.

5. Beyondcorp: A new approach to enterprise security;Ward;Login Usenix Mag.,2014

Cited by 8 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Towards zero trust security in connected vehicles: A comprehensive survey;Computers & Security;2024-10

2. Verify and trust: A multidimensional survey of zero-trust security in the age of IoT;Internet of Things;2024-10

3. Emerging Authentication Technologies for Zero Trust on the Internet of Things;Symmetry;2024-08-05

4. The significance of artificial intelligence in zero trust technologies: a comprehensive review;Journal of Electrical Systems and Information Technology;2024-08-05

5. Online Laboratory Access Control With Zero Trust Approach: Twingate Use Case;2024 16th International Conference on Electronics, Computers and Artificial Intelligence (ECAI);2024-06-27