Year : 2023 | Volume : 01 | Issue : 02 | Page : 6-18

Sampath Talluri

IAM Lead Engineer, Department of Computer Science, Western Michigan University, Michigan, United States

Abstract

The Zero Trust (ZT) Paradigm, a more stringent approach to network security, operates on the fundamental concept of “Never Assume, Always Authenticate.” It is currently being implemented in different countries to align with their national cybersecurity and access management governance policies. The differentiation of these Zero Trust (ZT) systems is contingent upon factors such as awareness, infrastructure, expenses, and security demand. Additionally, the identity-based access management models within the Zero Trust (ZT) system exhibit variations depending on factors such as user profiles, resource allocations, application domains, the specific ZT rules in place, and the role of the ZT administrator. The aforementioned disparities contribute to the phenomenon of security fragmentation, resulting in the proliferation of risk and vulnerability to attacks in various network zones. This study conducts deductive research on the standard frameworks of identity-based zero-trust (ZT) systems, as implemented in the United States and India, both at an industrial level and in other domains. The research substantiates their soundness based on the available factual data regarding the updates and advancements made in addressing the evolving security and user-access management concerns. In the subsequent section, the conclusion highlights potential areas for enhancement and notable characteristics observed in the respective models that can be integrated to develop a zone-neutral ZT model. This result showed that India’s ZT infrastructure lacks the scalability and innovation scope of the USA’s ZT system. Thus, in order to develop a zone-neutral model operational in both areas, India’s model should be integrated with advanced classification, detection, and user management systems and better areas of application.

Keywords: zero trust, user identity, authentication, regional ZT, ZT systems

[This article belongs to International Journal of Mobile Computing Technology(ijmct)]

How to cite this article: Sampath Talluri Zero Trust Security Governance by Utilizing Identity and Access Management ijmct 2023; 01:6-18

How to cite this URL: Sampath Talluri Zero Trust Security Governance by Utilizing Identity and Access Management ijmct 2023 {cited 2023 Jul 20};01:6-18. Available from: https://journals.stmjournals.com/ijmct/article=2023/view=0

var fieldValue = “[user_role]”;
if (fieldValue == ‘indexingbodies’) {
document.write(‘Full Text PDF‘);
}
else if (fieldValue == ‘administrator’) { document.write(‘Full Text PDF‘); }
else if (fieldValue == ‘ijmct’) { document.write(‘Full Text PDF‘); }
else { document.write(‘ ‘); }

References

(2023). Zero trust. ManageEngine. https://www.manageengine.com/active-directory-360/manage-and-protect-identities/zero-trust-security.html
Kerman , A., Borchert, O., & Rose , S. (2020). (rep.). Implementing A Zero Trust Architecture.
Rose, S., Borchert, O., Mitchell, S., & Connelly, S. (2020). Zero Trust Architecture. https://doi.org/10.6028/nist.sp.800-207
(2021). (rep.). Zero Trust: 2021 A revolutionary approach to Cyber or just another buzz word?
Heath, D. (2023, April 18). The evolution of Zero Trust and the frameworks that guide it. IBM Blog. https://www.ibm.com/blog/the-evolution-of-zero-trust-and-the-frameworks-that-guide-it/
(2023). The state of Zero trust security in global organizations. https://www.okta.com/resources/reports/state-of-zero-trust-security-in-global-organizations/
Guru, S. (2022, July 27). The new standard for cyber security of organisations and enterprises: Zero trust architecture. Cyber Secure India. https://cybersecureindia.in/new-standard-for-cyber-security-organisations-and-enterprises-zero-trust-architecture/
Raina , K. (2023, April 17). What is Zero trust security? principles of the zero trust model. crowdstrike.com. https://www.crowdstrike.com/cybersecurity-101/zero-trust-security/
Teplinsky, M. (2023, September 13). A review of NIST’s draft Cybersecurity Framework 2.0. Default. https://www.lawfaremedia.org/article/a-review-of-nist-s-draft-cybersecurity-framework-2.0
Chaudhry, U. B., & Hydros, A. K. (2023). Zero‐trust‐based security model against data breaches in the banking sector: A blockchain consensus algorithm. IET Blockchain, 3(2), 98–115. https://doi.org/10.1049/blc2.12028
Adahman, Z., Malik, A. W., & Anwar, Z. (2022). An analysis of zero-trust architecture and its cost-effectiveness for organizational security. Computers & Security, 122, 102911. https://doi.org/10.1016/j.cose.2022.102911
Alappat, Mathews Rajan. (2023) “Multifactor Authentication Using Zero Trust”. Thesis. Rochester Institute of Technology. Accessed from
Paul, B., & Rao, M. (2022). Zero-trust model for Smart Manufacturing Industry. Applied Sciences, 13(1), 221. https://doi.org/10.3390/app13010221
Adahman, Z., Malik, A. W., & Anwar, Z. (2022a). An analysis of zero-trust architecture and its cost-effectiveness for organizational security. Computers & Security, 122, 102911. https://doi.org/10.1016/j.cose.2022.102911
Fernandez, E. B., & Brazhuk, A. (2022). A critical analysis of zero trust architecture (ZTA). SSRN Electronic Journal. https://doi.org/10.2139/ssrn.4210104
He, Y., Huang, D., Chen, L., Ni, Y., & Ma, X. (2022). A survey on Zero Trust Architecture: Challenges and future trends. Wireless Communications and Mobile Computing, 2022, 1–13. https://doi.org/10.1155/2022/6476274
Zhang, Y. (2023). Privacy-preserving with Zero trust computational intelligent hybrid technique to English education model. Applied Artificial Intelligence, 37(1). https://doi.org/10.1080/08839514.2023.2219560
Sampath Talluri. Vamsy Priya Anne. Active Directory Implementation: Resolving Provisioning / Deprovisioning Access and Ensuring Accurate User Identity and Access Across The Organization Using IAM. International Journal of Information Technology (IJIT). 2023;4(02):29-37.
Liu, H., Ai, M., Huang, R., Qiu, R., & Li, Y. (2022). Identity authentication for edge devices based on zero‐trust architecture. Concurrency and Computation: Practice and Experience, 34(23). https://doi.org/10.1002/cpe.7198
Feng, Y., Zhong, Z., Sun, X., Wang, L., Lu, Y., & Zhu, Y. (2023). Blockchain enabled Zero trust based authentication scheme for Railway Communication Networks. Journal of Cloud Computing, 12(1). https://doi.org/10.1186/s13677-023-00411-z
(2023). (rep.). Public Draft: The NIST Cybersecurity Framework 2.0 National Institute of Standards and Technology.
Sathyajith, S. (2022, August 18). Role of zero trust in India’s Digital Transformation Journey. Entrepreneur. https://www.entrepreneur.com/en-in/growth-strategies/role-of-zero-trust-in-indias-digital-transformation-journey/433648
(2021). (rep.). Safe & Trusted Internet: Guidelines on Information Security Practices for Government Entities.
Tejaswi, M. (2023, April 29). Zero trust to become cornerstone of data security this year in India: Dell’s Ripu Bajwa. The Hindu. https://www.thehindu.com/business/zero-trust-to-become-cornerstone-of-data-security-this-year-in-india-dells-ripu-bajwa/article66793069.ece
Razavian M, Paech B, Tang A. The vision of on-demand architectural knowledge systems as a decision-making companion. Journal of Systems and Software. 2023 Apr 1;198:111560.

Regular Issue Subscription Review Article

International Journal of Mobile Computing Technology

Volume	01
Issue	02
Received	June 24, 2023
Accepted	July 7, 2023
Published	July 20, 2023

Not A Member?

Join Us

Submit Manuscript

Submit Topics

Initiatives

Guidelines For

Further Information

Corporate Office

STM Journals,
An imprint of Consortium E-learning network Pvt. Ltd.
A-118, 1st Floor, Sector-63, Noida, U.P. India,
Pin-201301
(Tel) (+91) 0120- 4781 200
(Mob) (+91) 9810078958, +919667725932
E-mail: [email protected]

WEBSITE DISCLAIMER

Last updated: 2022-06-15

The information provided by STM Journals (“Company”, “we”, “our”, “us”) on https://journals.stmjournals.com/ (the “Site”) is for general informational purposes only. All information on the Site is provided in good faith, however, we make no representation or warranty of any kind, express or implied, regarding the accuracy, adequacy, validity, reliability, availability, or completeness of any information on the Site.

UNDER NO CIRCUMSTANCE SHALL WE HAVE ANY LIABILITY TO YOU FOR ANY LOSS OR DAMAGE OF ANY KIND INCURRED AS A RESULT OF THE USE OF THE SITE OR RELIANCE ON ANY INFORMATION PROVIDED ON THE SITE. YOUR USE OF THE SITE AND YOUR RELIANCE ON ANY INFORMATION ON THE SITE IS SOLELY AT YOUR OWN RISK.

EXTERNAL LINKS DISCLAIMER

The Site may contain (or you may be sent through the Site) links to other websites or content belonging to or originating from third parties or links to websites and features. Such external links are not investigated, monitored, or checked for accuracy, adequacy, validity, reliability, availability, or completeness by us.

WE DO NOT WARRANT, ENDORSE, GUARANTEE, OR ASSUME RESPONSIBILITY FOR THE ACCURACY OR RELIABILITY OF ANY INFORMATION OFFERED BY THIRD-PARTY WEBSITES LINKED THROUGH THE SITE OR ANY WEBSITE OR FEATURE LINKED IN ANY BANNER OR OTHER ADVERTISING. WE WILL NOT BE A PARTY TO OR IN ANY WAY BE RESPONSIBLE FOR MONITORING ANY TRANSACTION BETWEEN YOU AND THIRD-PARTY PROVIDERS OF PRODUCTS OR SERVICES.

PROFESSIONAL DISCLAIMER

The Site can not and does not contain medical advice. The information is provided for general informational and educational purposes only and is not a substitute for professional medical advice. Accordingly, before taking any actions based on such information, we encourage you to consult with the appropriate professionals. We do not provide any kind of medical advice.

Content published on https://journals.stmjournals.com/ is intended to be used and must be used for informational purposes only. It is very important to do your analysis before making any decision based on your circumstances. You should take independent medical advice from a professional or independently research and verify any information that you find on our Website and wish to rely upon.

THE USE OR RELIANCE OF ANY INFORMATION CONTAINED ON THIS SITE IS SOLELY AT YOUR OWN RISK.

AFFILIATES DISCLAIMER

The Site may contain links to affiliate websites, and we may receive an affiliate commission for any purchases or actions made by you on the affiliate websites using such links.

TESTIMONIALS DISCLAIMER

The Site may contain testimonials by users of our products and/or services. These testimonials reflect the real-life experiences and opinions of such users. However, the experiences are personal to those particular users, and may not necessarily be representative of all users of our products and/or services. We do not claim, and you should not assume that all users will have the same experiences.

YOUR RESULTS MAY VARY.

The testimonials on the Site are submitted in various forms such as text, audio, and/or video, and are reviewed by us before being posted. They appear on the Site verbatim as given by the users, except for the correction of grammar or typing errors. Some testimonials may have been shortened for the sake of brevity, where the full testimonial contained extraneous information not relevant to the general public.

The views and opinions contained in the testimonials belong solely to the individual user and do not reflect our views and opinions.

ERRORS AND OMISSIONS DISCLAIMER

While we have made every attempt to ensure that the information contained in this site has been obtained from reliable sources, STM Journals is not responsible for any errors or omissions or the results obtained from the use of this information. All information on this site is provided “as is”, with no guarantee of completeness, accuracy, timeliness, or of the results obtained from the use of this information, and without warranty of any kind, express or implied, including, but not limited to warranties of performance, merchantability, and fitness for a particular purpose.

In no event will STM Journals, its related partnerships or corporations, or the partners, agents, or employees thereof be liable to you or anyone else for any decision made or action taken in reliance on the information in this Site or for any consequential, special or similar damages, even if advised of the possibility of such damages.

GUEST CONTRIBUTORS DISCLAIMER

This Site may include content from guest contributors and any views or opinions expressed in such posts are personal and do not represent those of STM Journals or any of its staff or affiliates unless explicitly stated.

LOGOS AND TRADEMARKS DISCLAIMER

All logos and trademarks of third parties referenced on https://journals.stmjournals.com/ are the trademarks and logos of their respective owners. Any inclusion of such trademarks or logos does not imply or constitute any approval, endorsement, or sponsorship of STM Journals by such owners.

CONTACT US

Should you have any feedback, comments, requests for technical support, or other inquiries, please contact us by email: [email protected].