English
Related papers

Related papers: Intent-Aware Authorization for Zero Trust CI/CD

200 papers

This paper introduces the Identity Control Plane (ICP), an architectural framework for enforcing identity-aware Zero Trust access across human users, workloads, and automation systems. The ICP model unifies SPIFFE-based workload identity,…

Cryptography and Security · Computer Science 2025-04-25 Surya Teja Avirneni

CI/CD systems have become privileged automation agents in modern infrastructure, but their identity is still based on secrets or temporary credentials passed between systems. In enterprise environments, these platforms are centralized and…

Cryptography and Security · Computer Science 2025-04-22 Surya Teja Avirneni

Credential brokers offer a way to separate identity from access in CI/CD systems. This paper shows how verifiable identities issued at runtime, such as those from SPIFFE, can be used with brokers to enable short-lived, policy-driven…

Cryptography and Security · Computer Science 2025-04-22 Surya Teja Avirneni

To securely control access to systems, the concept of Zero Trust has been proposed. Access Control based on Zero Trust concept removes implicit trust and instead focuses on evaluating trustworthiness at every access request by using…

Cryptography and Security · Computer Science 2022-09-23 Koudai Hatakeyama , Daisuke Kotani , Yasuo Okabe

The abilities of traditional perimeter-based security architectures are rapidly decreasing as more enterprise assets are moved toward the cloud environment. From a security viewpoint, the Zero Trust framework can better track and block…

Cryptography and Security · Computer Science 2024-10-30 Ivana Kovacevic , Milan Stojkov , Milos Simic

The microservice bombshells that have been linked with the microservice expansion have altered the application architectures, offered agility and scalability in terms of complexity in security trade-offs. Feeble legacy-based perimeter-based…

Cryptography and Security · Computer Science 2025-11-10 Rethish Nair Rajendran , Sathish Krishna Anumula , Dileep Kumar Rai , Sachin Agrawal

As data privacy continues to be a crucial human-right concern as recognized by the UN, regulatory agencies have demanded developers obtain user permission before accessing user-sensitive data. Mainly through the use of privacy policies…

Computers and Society · Computer Science 2022-02-16 Md Rashedur Rahman , Elizabeth Miller , Moinul Hossain , Aisha Ali-Gombe

Cedar is a new authorization policy language designed to be ergonomic, fast, safe, and analyzable. Rather than embed authorization logic in an application's code, developers can write that logic as Cedar policies and delegate access…

Increasingly sophisticated and varied cyber threats necessitate ever improving enterprise security postures. For many organizations today, those postures have a foundation in the Zero Trust Architecture. This strategy sees trust as…

Cryptography and Security · Computer Science 2025-08-19 Samuel Aiello

Widespread adoption of autonomous cars will require greater confidence in their safety than is currently possible. Certified control is a new safety architecture whose goal is two-fold: to achieve a very high level of safety, and to provide…

With the human friendly declarative intent policy expression, intent-driven network can make network management and configuration autonomous without human intervention. However, the availability and dependability of these refined policies…

Networking and Internet Architecture · Computer Science 2022-12-21 Yanbo Song , Chungang Yang , Jiaming Zhang , Xinru Mi , Dusit Niyato

The computing continuum introduces new challenges for access control due to its dynamic, distributed, and heterogeneous nature. In this paper, we propose a Zero-Trust (ZT) access control solution that leverages decentralized identification…

Cloud systems are the backbone of today's computing industry. Yet, these systems remain complicated to design, build, operate, and improve. All these tasks require significant manual effort by both developers and operators of these systems.…

Distributed, Parallel, and Cluster Computing · Computer Science 2025-02-11 Vaastav Anand , Yichen Li , Alok Gautam Kumbhare , Celine Irvene , Chetan Bansal , Gagan Somashekar , Jonathan Mace , Pedro Las-Casas , Rodrigo Fonseca

Zero Trust Architecture (ZTA) has become a widely adopted model for securing enterprise environments, promoting continuous verification and minimal trust across systems. However, its application in mobile contexts remains limited, despite…

Cryptography and Security · Computer Science 2025-08-26 Alexander Tabalipa

Traditional security architectures are becoming more vulnerable to distributed attacks due to significant dependence on trust. This will further escalate when implementing agentic AI within the systems, as more components must be secured…

Networking and Internet Architecture · Computer Science 2025-09-29 Fannya R. Sandjaja , Ayesha A. Majeed , Abdullah Abdullah , Gyan Wickremasinghe , Karen Rafferty , Vishal Sharma

This paper attempts to accurately model security requirements for computational grid environments with particular focus on authentication. We introduce the Audited Credential Delegation (ACD) architecture as a solution to some of the…

Software Engineering · Computer Science 2010-01-29 Ali N. Haidar , P. V. Coveney , Ali E. Abdallah , P. Y. A Ryan , B. Beckles , J. M. Brooke , M . A. S. Jones

Artificial intelligence (AI) agents are increasingly capable of initiating financial transactions on behalf of users or other agents. This evolution introduces a fundamental challenge: verifying both the authenticity of an autonomous agent…

Cryptography and Security · Computer Science 2025-11-21 Vivek Acharya

Recent evidence suggests that frontier AI systems can exhibit agentic misalignment, generating and executing harmful actions derived from internally constructed goals, even without explicit user requests. Existing mitigation methods, such…

Artificial Intelligence · Computer Science 2026-04-28 Rong Xiang

Zero Trust is a novel cybersecurity model that focuses on continually evaluating trust to prevent the initiation and horizontal spreading of attacks. A cloud-native Service Mesh is an example of Zero Trust Architecture that can filter out…

Cryptography and Security · Computer Science 2022-10-25 Constantin Adam , Abdulhamid Adebayo , Hubertus Franke , Edward Snible , Tobin Feldman-Fitzthum , James Cadden , Nerla Jean-Louis

An access control model called Zero Trust Architecture (ZTA) has attracted attention. ZTA uses information of users and devices, called context, for authentication and authorization. Zero Trust Federation (ZTF) has been proposed as a…

Cryptography and Security · Computer Science 2022-09-23 Masato Hirai , Daisuke Kotani , Yasuo Okabe
‹ Prev 1 2 3 10 Next ›