Loading...
SoK: Context and risk aware access control for zero trust systems
Date
2022
Abstract
Evolving computing technologies such as cloud, edge computing, and the Internet of Things (IoT) are creating a more complex, dispersed, and dynamic enterprise operational environment. New security enterprise architectures such as those based on the concept of Zero Trust (ZT) are emerging to meet the challenges posed by these changes. ZT systems treat internal and external networks as untrusted and subject both to the same security checking and control to prevent data breaches and limit internal lateral movement. Context awareness is a notion from the field of ubiquitous computing that is used to capture and react to the situation of an entity, based on the dynamics of a particular application or system context. )e idea has been incorporated into several access control models. However, the overlap between context-aware access control and zero-trust security has not been fully explored. In this SoK, we conduct a systematic examination of ZT, context awareness, and risk-based access control to explore the critical elements of each and to identify areas of overlap and synergy to enhance the operation and deployment of ZT systems.
Supervisor
Description
Publisher
Hindawi
Citation
Security and Communication Networks, 2022, Article ID 7026779
Collections
Files
Loading...
Newe_2022_SoK.pdf
Adobe PDF, 725.27 KB
Funding code
Funding Information
This publication has emanated from research conducted with the financial support of Athlone Institute of Technology under its President’s Seed Fund (2021) and Science Foundation Ireland (SFI) under Grant Number SFI 16/RC/3918, co-funded by the European Regional Development Fund.