TOWARD INTELLIGENT DATA ACCESS CONTROL: A DUAL-LAYERED ZERO TRUST AND BLOCKCHAIN-BASED DATA ACESS MODEL
ავტორი: Yashvardhan Chawda, Meera Parmar
ორგანიზაცია: Parul University, Nirma University
კატეგორია:
საკვანძო სიტყვები: Zero Trust Architecture (ZTA), Blockchain, Data Access Control, Cybersecurity, Anomaly Detection, Defense-in-Depth
აბსტრაქტი. The constantly changing field of cybersecurity necessitates creative and flexible approaches to protect private data in intricate digital settings. The dual-layered Zero Trust and blockchain-based data access model presented in this paper is intended to offer strong defense against a variety of online dangers, such as advanced persistent threats (APTs), insider threats, and credential theft. The suggested model combines blockchain technology, multi-factor authentication (MFA), artificial intelligence (AI), and Zero Trust Architecture (ZTA) to produce a thorough defense-in-depth strategy. The Zero Trust architecture makes sure that no entity is trusted by default by enforcing constant verification for all requests for data access. Real-time user behavior analysis by AI-powered anomaly detection helps spot possible risks, and blockchain technology offers unchangeable logging to preserve data integrity and make auditing more transparent. By ensuring that every access request is carefully considered, verified, and safely recorded, the combination of these technologies reduces the possibility of unwanted access and guarantees regulatory compliance. Scalability, transparency, and resilience are guaranteed by the dual-layered model, which also addresses new cyber threats by utilizing adaptive AI, immutable blockchain records, and stringent authentication procedures. This strategy fosters trust by offering a flexible and safe solution for data access control in contemporary businesses.
ბიბლიოგრაფია
Chen, B., et al. “A Security Awareness and Protection System for 5G Smart Healthcare Based on Zero-Trust Architecture.” IEEE Internet of Things Journal 8, no. 13 (July 2021): 10248–63.
Hussain, M., S. Pal, Z. Jadidi, E. Foo, and S. Kanhere. “Federated Zero Trust Architecture Using Artificial Intelligence.” IEEE Wireless Communications 31, no. 2 (April 2024): 30–35. https://doi.org/10.1109/MWC.001.2300405
Ud Din, I., K. Habib Khan, A. Almogren, M. Zareei, and J. Arturo Pérez Díaz. “Securing the Metaverse: A Blockchain-Enabled Zero-Trust Architecture for Virtual Environments.” IEEE Access 12 (2024): 92337–47. https://doi.org/10.1109/ACCESS.2024.3423400
Gwanghyun, Ahn Jang, Jisoo Choi, Seho Shin, and Dongkyoo. “Research on Improving Cyber Resilience by Integrating the Zero Trust Security Model with the MITRE ATT&CK Matrix.” IEEE Access (2024): 1–1. https://doi.org/10.1109/ACCESS.2024.3417182
Ahmed, M., S. Panda, C. Xenakis, and E. Panaousis. “MITRE ATT&CK Driven Cyber Risk Assessment.” In Proceedings of the 17th International Conference on Availability, Reliability, and Security, August 2022, 1–10
Li, L., C. Huang, and J. Chen. “Automated Discovery and Mapping ATT&CK Tactics and Techniques for Unstructured Cyber Threat Intelligence.” Computers & Security 140 (May 2024): Article no. 103815
National Security Agency (NSA), Central Security Service (CSI). Embracing a Zero Trust Security Model. February 2021. https://media.defense.gov/2021/Feb/25/2002588479/-1/-1/0/CSI_EMBRACING_ZT_SECURITY_MODEL_UOO115131-21.PDF
Khattak, Z., S. Sulaiman, and J. Manan. “A Study on Threat Model for Federated Identities in Federated Identity Management System.” In International Symposium on Information Technology, 2010, 618–23
Bodeau, D. J., R. D. Graubart, R. M. McQuaid, and J. Woodill. Cyber Resiliency Metrics, Measures of Effectiveness, and Scoring. MITRE Corporation, McLean, VA, USA, Technical Report MTR180314, 2018. https://www.mitre.org/sites/default/files/2021-11/prs-18-2579-cyberresiliency-metrics-measures-of-effectiveness-and-scoring.pdf
Li, L., C. Huang, and J. Chen. “Automated Discovery and Mapping ATT&CK Tactics and Techniques for Unstructured Cyber Threat Intelligence.” Computers & Security 140 (May 2024): Article no. 103815
Daoud, W. B., M. S. Obaidat, A. Meddeb-Makhlouf, F. Zarai, and K.-F. Hsiao. “TACRM: Trust Access Control and Resource Management Mechanism in Fog Computing.” Human-Centric Computing and Information Sciences 9, no. 1 (December 2019): 28
Arnold, R., and D. Longley. “Zero-Knowledge Proofs Do Not Solve the Privacy-Trust Problem of Attribute-Based Credentials: What If Alice Is Evil?” IEEE Communications Standards Magazine 3, no. 4 (December 2019): 26–31
Menu