Abstract
Evolving computing technologies such as cloud, edge computing, and the Internet of Things (IoT) are creating a more complex, dispersed, and dynamic enterprise operational environment. New security enterprise architectures such as those based on the concept of Zero Trust (ZT) are emerging to meet the challenges posed by these changes. ZT systems treat internal and external networks as untrusted and subject both to the same security checking and control to prevent data breaches and limit internal lateral movement. Context awareness is a notion from the field of ubiquitous computing that is used to capture and react to the situation of an entity, based on the dynamics of a particular application or system context. The idea has been incorporated into several access control models. However, the overlap between context-aware access control and zero-trust security has not been fully explored. In this SoK, we conduct a systematic examination of ZT, context awareness, and risk-based access control to explore the critical elements of each and to identify areas of overlap and synergy to enhance the operation and deployment of ZT systems.
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.