A Comprehensive Review of Zero Trust Network Architecture (ZTNA) and Deployment Frameworks
DOI:
https://doi.org/10.31436/ijpcc.v11i1.494Keywords:
Zero Trust, Network Security, Identity and Access ManagementAbstract
The zero trust (ZT) approach has initiated significant advancements in network security, addressing the limitations of traditional security models. Traditional network security approaches have faced challenges adapting to modern trends such as bring your own device (BYOD) and cloud computing, resulting in increased complexity in meeting new security requirements. The zero trust security model operates on the principle that no entity within the network, whether internal or external, is inherently trusted. Therefore, all users and devices must undergo strict authentication and authorization processes prior to accessing organizational resources. This review paper provides a comprehensive analysis of zero trust network architecture (ZTNA) and outlines a general deployment framework model, highlighting the critical role of zero trust in modern network security.
References
J. Kindervag, “No More Chewy Centers: Introducing The Zero Trust Model of Information Security,” Forrester Research, USA, Sep. 14, 2010. [Online]. Available:
https://media.paloaltonetworks.com/documents/Forrester-No-More-Chewy-Centers.pdf
C. Cunningham, “The Zero Trust eXtended (ZTX) Ecosystem, Strategic Plan: The Zero Trust Security Playbook,” Forrester Research, Jul. 11, 2019.
S. Rose, O. Borchert, S. Mitchell, and S. Connelly, Zero Trust Architecture, NIST Special Publication 800-207, 2020
Z. Sun, D. Huang, S. Li, H. Yang, and C. Zhao, “High Efficiency Positioning of Vibration Intrusions for Long Distance Perimeter Security Monitoring Based on Time-Frequency Variation Envelopes,” IEEE Transactions on Instrumentation and Measurement, vol. PP, pp. 1–1, 2024, doi: 10.1109/TIM.2023.3348889.
N. Wagh and Y. Jadhav, “Eclipsing Security: An In-Depth Analysis of Advanced Persistent Threats,” International Journal of Scientific Research in Engineering and Management, vol. 7, pp. 1–11, 2023, doi: 10.55041/IJSREM27653.
B. Mixon-Baca, J. Knockel, D. Xue, T. Ayyagari, D. Kapur, R. Ensafi, and J. Crandall, “Attacking Connection Tracking Frameworks as Used by Virtual Private Networks,” Proceedings on Privacy Enhancing Technologies, vol. 2024, pp. 109–126, 2024, doi: 10.56553/popets-2024-0070.
S.-J. Lee, S.-E. Jeon, and I.-G. Lee, “A machine learning-enhanced endpoint detection and response framework for fast and proactive defense against advanced cyber attacks,” Soft Computing, pp. 1–15, 2024, doi: 10.1007/s00500-024-09727-7.
M. Wa Nkongolo and M. Tokmak, “Zero-Day Threats Detection for Critical Infrastructures,” arXiv preprint, 2023. doi: 10.48550/arXiv.2306.06366.
M. Xu, B. Chen, Z. Tan, S. Chen, L. Wang, Y. Liu, T. San, S. Fong, W. Wang, and J. Feng, “AHAC: Advanced Network-Hiding Access Control Framework,” Applied Sciences, vol. 14, no. 5593, 2024, doi: 10.3390/app14135593.
M. Schroetter, A. Niemann, and B. Schnor, “A Comparison of Neural-Network-Based Intrusion Detection against Signature-Based Detection in IoT Networks,” Information, vol. 15, no. 164, 2024, doi: 10.3390/info15030164.
A. Badea, V. Croitoru, and D. Gheorghica, “Computer networks security based on the detection of user’s behavior,” in Proceedings of the International Symposium on Advanced Topics in Electrical Engineering (ATEE), 2015, pp. 55–60, doi: 10.1109/ATEE.2015.7133679.
S. Ramakrishnan, “Revolutionizing Role-Based Access Control: The Impact of AI and Machine Learning in Identity and Access Management,” Journal of Artificial Intelligence & Cloud Computing, vol. 2, pp. 1–7, 2023, doi: 10.47363/JAICC/2023(2)236.
M. Jhaveri and V. Parmar, “CLOUD Security Information and Event Management,” GIS-Zeitschrift fü Geoinformatik, vol. 10, pp. 13, 2023.
A. Ragula, “Emerging Trends in Cloud Security: Zero Trust and SASE,” International Journal for Research in Applied Science and Engineering Technology, vol. 12, pp. 10–17, 2024, doi: 10.22214/ijraset.2024.62457.
P. Selvam, “Secure Cloud Services by Integrating CASB Based Approach,” International Journal of Scientific Research in Engineering and Management, vol. 4, 2022, doi: 10.55041/IJSREM15210.
