On the Emergence of Zero Trust Architecture in Enterprise Networks-A Survey on Implementation Methods, Strengths and Open Problems

ABSTRACT

Perimeter security measures are used to protect corporate networks. The perimeter security approaches are based on the principle that everything inside the network is protected and trusted by default. However, with the security threats in cloud computing platforms, Internet of Things and others, these castle-and-moat security measures are found to be deficient. Thus, a new security technique named Zero Trust Architecture (ZTA) is becoming popular as a replacement of the traditional security measures. The aim of this paper is to survey works on Zero Trust Architecture. Thereafter, some of the elements, strengths and open problems in ZTA are discussed. Relevant research articles and technical reports from the period of 2016 till 2024 which are written in English language are selected and used. This work emphasised that in ZTA, it is always assumed that breaches will occur, and thus risk-based access controls are used to limit the damage from attacks. The surveyed papers emphasised that ZTA is better than the perimeter security approach particularly in emerging cloud and IoT based environments. It is concluded that this work will provide further insights to researchers in IT security.

Keywords: Zero Trust Architecture, Enterprise Security, Distributed Computing, Insider Abuse