Related papers: Framework for Integrating Zero Trust in Cloud-Base…
Third-party libraries like Log4j accelerate software application development but introduce substantial risk. Vulnerabilities in these libraries have led to Software Supply Chain (SSC) attacks that compromised resources within the host…
This paper focuses on Zero-Trust Foundation Models (ZTFMs), a novel paradigm that embeds zero-trust security principles into the lifecycle of foundation models (FMs) for Internet of Things (IoT) systems. By integrating core tenets, such as…
Researchers are exploring the integration of IoT and the cloud continuum, together with AI to enhance the cost-effectiveness and efficiency of critical infrastructure (CI) systems. This integration, however, increases susceptibility of CI…
Managing access between large numbers of distributed medical devices has become a crucial aspect of modern healthcare systems, enabling the establishment of smart hospitals and telehealth infrastructure. However, as telehealth technology…
"Distributed Identity" refers to the transition from centralized identity systems using Decentralized Identifiers (DID) and Verifiable Credentials (VC) for secure and privacy-preserving authentications. With distributed identity, control of…
This paper explores three approaches for protecting cloud application data planes to prevent unauthorized access to the application and its data and to prevent unwanted data exfiltration. Through an exploration of various concrete security…
Zero Trust is a novel cybersecurity model that focuses on continually evaluating trust to prevent the initiation and horizontal spreading of attacks. A cloud-native Service Mesh is an example of Zero Trust Architecture that can filter out…
The computing continuum introduces new challenges for access control due to its dynamic, distributed, and heterogeneous nature. In this paper, we propose a Zero-Trust (ZT) access control solution that leverages decentralized identification…
To securely control access to systems, the concept of Zero Trust has been proposed. Access Control based on Zero Trust concept removes implicit trust and instead focuses on evaluating trustworthiness at every access request by using…
Enterprises increasingly rely on cloud-based applications to process highly sensitive data artifacts. Although cloud adoption improves agility and scalability, it also introduces new security challenges such as expanded attack surfaces, a…
This paper presents a multi-cloud networking architecture built on zero trust principles and micro-segmentation to provide secure connectivity with authentication, authorization, and encryption in transit. The proposed design includes the…
An access control model called Zero Trust Architecture (ZTA) has attracted attention. ZTA uses information of users and devices, called context, for authentication and authorization. Zero Trust Federation (ZTF) has been proposed as a…
As cloud infrastructure evolves to support dynamic and distributed workflows, accelerated now by AI-driven processes, the outdated model of standing permissions has become a critical vulnerability. Based on the Cloud Security Alliance (CSA)…
Converging Zero Trust (ZT) with learning techniques can solve various operational and security challenges in Distributed Computing Continuum Systems (DCCS). Implementing centralized ZT architecture is seen as unsuitable for the computing…
With the proliferation of digitization and its usage in critical sectors, it is necessary to include information about the occurrence and assessment of cyber threats in an organization's threat mitigation strategy. This Cyber Threat…
Societies' norms of operation relies on the proper and secure functioning of several critical infrastructures, particularly modern power grid which is also known as smart grid. Smart grid is interwoven with the information and communication…
Our Critical Infrastructure (CI) systems are, by definition, critical to the safe and proper functioning of society. Nearly all of these systems utilize industrial Process Control Systems (PCS) to provide clean water, reliable electricity,…
The mass integration and deployment of intelligent technologies within critical commercial, industrial and public environments have a significant impact on business operations and society as a whole. Though integration of these critical…
Zero Trust (ZT) is a security paradigm aiming to curtail an attacker's lateral movements within a network by implementing least-privilege and per-request access control policies. However, its widespread adoption is hindered by the…
This paper presents a novel multi-layered hybrid security approach aimed at enhancing lightweight encryption for IoT-Cloud systems. The primary goal is to overcome limitations inherent in conventional solutions such as TPA, Blockchain,…