Autonomous identity-based threat segmentation for zero trust architecture

Sina Ahmadi
Cyber Security and Applications, Volume 3, Article 100106 (Journal Article)
Publication date: 2025-06-22
DOI: 10.1016/j.csa.2025.100106
https://www.sciencedirect.com/science/article/pii/S2772918425000232
Citation count: 0

Abstract

Zero Trust Architecture (ZTA) fundamentally redefines network security by adopting a "trust nothing, verify everything" approach requiring identity verification for all access. However, conventional access controls are static and fail to consider evolving user activities and contextual threats, leading to internal risks and breaches. This research proposes an AI-driven, autonomous, identity-based threat segmentation framework for ZTA. Behavioral analytics provide real-time risk scores by analyzing login patterns, access behavior, and resource utilization, while Machine Learning models dynamically adjust permissions based on geolocation, device type, and time of access. Automated threat segmentation enables the real-time isolation of compromised identities, minimizing breach progression. Practical use cases, such as insider threat mitigation across distributed offices, are discussed. Privacy concerns, false positives, and scalability challenges are addressed. Comparative analysis demonstrates the system’s precision and scalability, enhancing dynamic access governance while maintaining user productivity.