{"title":"Autonomous identity-based threat segmentation for zero trust architecture","authors":"Sina Ahmadi","doi":"10.1016/j.csa.2025.100106","DOIUrl":null,"url":null,"PeriodicalId":100351,"journal":{"name":"Cyber Security and Applications","volume":"3 ","pages":"Article 100106"},"PeriodicalIF":0.0000,"publicationDate":"2025-06-22","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","platform":"Semanticscholar","paperid":null,"PeriodicalName":"Cyber Security and Applications","FirstCategoryId":"1085","ListUrlMain":"https://www.sciencedirect.com/science/article/pii/S2772918425000232","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Autonomous identity-based threat segmentation for zero trust architecture
Zero Trust Architecture (ZTA) fundamentally redefines network security by adopting a "trust nothing, verify everything" approach that requires identity verification for all access. However, conventional access controls are static and fail to consider evolving user activities and contextual threats, leading to internal risks and breaches. This research proposes an AI-driven, autonomous, identity-based threat segmentation framework for ZTA. Behavioral analytics provide real-time risk scores by analyzing login patterns, access behavior, and resource utilization, while machine learning models dynamically adjust permissions based on geolocation, device type, and time of access. Automated threat segmentation enables the real-time isolation of compromised identities, minimizing breach progression. Practical use cases, such as insider threat mitigation across distributed offices, are discussed. Privacy concerns, false positives, and scalability challenges are addressed. Comparative analysis demonstrates the system’s precision and scalability, enhancing dynamic access governance while maintaining user productivity.