Behavioral Analytics and AI in Zero Trust Security: A Framework for Adaptive Identity and Access Management
DOI:
https://doi.org/10.56127/ijst.v4i1.2275
Keywords:
Zero Trust Security, Behavioral Analytics, Artificial Intelligence, Identity and Access Management, Adaptive Security, Cyber Threat Detection, Insider Threats, and Continuous Authentication
Abstract
The advent of cloud computing, remote work, and increasingly sophisticated cyberattacks has rendered perimeter-based security models insufficient, prompting a global transition toward Zero Trust Security (ZTS). Central to ZTS is the principle of "never trust, always verify", which underscores continuous authentication and dynamic access control. However, traditional Identity and Access Management (IAM) systems often lack the flexibility to address evolving behavioural anomalies and insider threats. This study proposes a comprehensive framework that integrates behavioural analytics and Artificial Intelligence (AI) to enhance adaptive IAM in Zero Trust environments. By leveraging user and entity behaviour analytics (UEBA) and machine learning models, the framework continuously monitors contextual signals, such as login patterns, device usage, and network activity, enabling proactive risk scoring and real-time access decisions. This study synthesises the existing literature, identifies the current limitations of Zero Trust IAM, and develops a layered architecture that combines behavioural monitoring with AI-driven decision-making to achieve continuous verification. The findings highlight the potential of AI-enhanced behavioural analytics to improve detection accuracy, reduce false positives, and automate the enforcement of adaptive policies. This research contributes to advancing secure, scalable, and context-aware zero-trust IAM strategies, offering a roadmap for implementation across enterprises, government systems, and multi-cloud infrastructures.
License
Copyright (c) 2025 Mukul Mangla

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.













