Towards Intelligent Zero Trust Systems: Merging AI Based Threat Modeling with Privacy Centric Controls
DOI:
https://doi.org/10.56127/ijst.v1i3.2311Keywords:
Zero Trust, Artificial Intelligence, Threat Modeling, Privacy-preserving Systems, Cybersecurity Framework, Intelligent Security, Data ProtectionAbstract
Zero Trust has become a key paradigm of the cybersecurity, anticipating the motto of never trust, always verify. Although it is increasingly being adopted in critical domains, traditional Zero Trust implementations use mostly fixed policies and fixed access control policies, thus making them poorly suited to deal with threat that is environments that are more dynamic. At the same time, the introduction of the innovative artificial intelligence (AI) functionality in cybersecurity demonstrated the potential of automating detection, increasing flexibility, and offering 24/7 safety. However, the introduction of AI to security systems raises legitimate questions about privacy of data, transparency, and compliance with the regulations. The paper suggests a smart Zero Trust framework that combines intelligent threat modeling, based on AI, with privacy- focused controls, which would remain flexible to changing threats and maintain user-confidence and privacy of data. Through a comprehensive literature review, we will create a conceptual framework that demonstrates the role of AI in enhancing adaptive threat detection and prevention in Zero Trust. Privacy preserving systems such as federated learning, differential privacy, and encryption-based access controls are also examined in the paper as the basis of having a trustworthy deployment. The practicality and effectiveness of the proposed approach are evidenced by a case-study deployment to a simulated cloud-based enterprise context, showing that detection accuracy, policy enforcement as well as compliance assurance are greatly improved compared to the conventional models. The results therefore aid in the development of cybersecurity by suggesting a smart Zero Trust architecture that supports flexibility, effectiveness and privacy and therefore leading to sustainable and reliable digital ecosystems.
References
[1] Tiwari, S., Sarma, W., & Srivastava, A. (2022). Integrating artificial intelligence with zero trust architecture: Enhancing adaptive security in modern cyber threat landscape. International Journal of Research and Analytical Reviews, 9, 712-728.
[2] Inaganti, A. C., Sundaramurthy, S. K., Ravichandran, N., & Muppalaneni, R. (2020). Zero Trust to Intelligent Workflows: Redefining Enterprise Security and Operations with AI. Artificial Intelligence and Machine Learning Review, 1(4), 12-24.
[3] Syed, N. F., Shah, S. W., Shaghaghi, A., Anwar, A., Baig, Z., & Doss, R. (2022). Zero trust architecture (zta): A comprehensive survey. IEEE access, 10, 57143-57179.
[4] Anasuri, S. (2022). Zero-Trust Architectures for Multi-Cloud Environments. International Journal of Emerging Trends in Computer Science and Information Technology, 3(4), 64-76.
[5] Gudepu, B. K. (2019). AI-Enhanced Identity and Access Management: A Machine Learning Approach to Zero Trust Security. The Computertech, 40-53.
[6] Chen, B., Qiao, S., Zhao, J., Liu, D., Shi, X., Lyu, M., ... & Zhai, Y. (2020). A security awareness and protection system for 5G smart healthcare based on zero-trust architecture. IEEE internet of things journal, 8(13), 10248-10263.
[7] Yang, Q. (2021). Toward responsible ai: An overview of federated learning for user-centered privacy-preserving computing. ACM Transactions on Interactive Intelligent Systems (TiiS), 11(3-4), 1-22.
[8] Xiao, S., Ye, Y., Kanwal, N., Newe, T., & Lee, B. (2022). Sok: context and risk aware access control for zero trust systems. Security and Communication Networks, 2022(1), 7026779.
[9] Oladosu, S. A., Ige, A. B., Ike, C. C., Adepoju, P. A., Amoo, O. O., & Afolabi, A. I. (2022). Revolutionizing data center security: Conceptualizing a unified security framework for hybrid and multi-cloud data centers. Open Access Research Journal of Science and Technology, 5(2), 086-076.
[10] Akram, R. N., Chen, H. H., Lopez, J., Sauveron, D., & Yang, L. T. (2018). Security, privacy and trust of user-centric solutions. Future Generation Computer Systems, 80, 417-420.
[11] Aslam, T., & Musah, M. (2018). Application of AI-Enhanced Cybersecurity in Nigerian Government and Enterprise Networks: A Zero-Trust Perspective.
[12] Owolabi, B. O. (2022). Exploring systemic vulnerabilities in healthcare digital ecosystems through risk modeling, threat intelligence, and adaptive security control mechanisms. Int J Comput Appl Technol Res, 11(12), 687-99.
[13] Happer, C. (2022). Security and Privacy in Intelligent Edge Architectures: Challenges and Emerging Solutions.
[14] Kumar, A., & Mustafa, F. (2021). Zero-Trust Architecture for Securing AI Workloads in Nigeria’s National Cloud Infrastructure.
[15] Dimitrakos, T., Dilshener, T., Kravtsov, A., La Marra, A., Martinelli, F., Rizos, A., ... & Saracino, A. (2020, December). Trust aware continuous authorization for zero trust in consumer internet of things. In 2020 IEEE 19th international conference on trust, security and privacy in computing and communications (TrustCom) (pp. 1801-1812). IEEE.
[16] Akinsola, J. E. T., Akinseinde, S., Kalesanwo, O., Adeagbo, M., Oladapo, K., Awoseyi, A., & Kasali, F. (2021). Application of artificial intelligence in user interfaces design for cyber security threat modeling. In Software Usability. IntechOpen.
[17] Sunkara, G. (2022). AI-Driven Cybersecurity: Advancing Intelligent Threat Detection and Adaptive Network Security in the Era of Sophisticated Cyber Attacks. Well Testing Journal, 31(1), 185-198.
[18] Oladosu, S. A., Ike, C. C., Adepoju, P. A., Afolabi, A. I., Ige, A. B., & Amoo, O. O. (2021). Advancing cloud networking security models: Conceptualizing a unified framework for hybrid cloud and on-premises integrations. Magna Scientia Advanced Research and Reviews, 2(1).
[19] Khurana, R., & Kaul, D. (2019). Dynamic cybersecurity strategies for ai-enhanced ecommerce: A federated learning approach to data privacy. Applied Research in Artificial Intelligence and Cloud Computing, 2(1), 32-43.
[20] Chhetri, C., & Genaro Motti, V. (2022). User-centric privacy controls for smart homes. Proceedings of the ACM on Human-Computer Interaction, 6(CSCW2), 1-36.
[21] Jangam, S. K., Karri, N., & Muntala, P. S. R. P. (2022). Advanced API Security Techniques and Service Management. International Journal of Emerging Research in Engineering and Technology, 3(4), 63-74.
[22] Tatam, M., Shanmugam, B., Azam, S., & Kannoorpatti, K. (2021). A review of threat modelling approaches for APT-style attacks. Heliyon, 7(1).
[23] Jabarulla, M. Y., & Lee, H. N. (2021, August). A blockchain and artificial intelligence-based, patient-centric healthcare system for combating the COVID-19 pandemic: Opportunities and applications. In Healthcare (Vol. 9, No. 8, p. 1019). Mdpi.
[24] Porambage, P., Gür, G., Osorio, D. P. M., Liyanage, M., Gurtov, A., & Ylianttila, M. (2021). The roadmap to 6G security and privacy. IEEE Open Journal of the Communications Society, 2, 1094-1122.
[25] Zheng, Y., Pal, A., Abuadbba, S., Pokhrel, S. R., Nepal, S., & Janicke, H. (2020, October). Towards IoT security automation and orchestration. In 2020 Second IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications (TPS-ISA) (pp. 55-63). IEEE.
[26] Ylianttila, M., Kantola, R., Gurtov, A., Mucchi, L., Oppermann, I., Yan, Z., ... & Röning, J. (2020). 6G white paper: Research challenges for trust, security and privacy. arXiv preprint arXiv:2004.11665.
[27] Robertson, J., Fossaceca, J. M., & Bennett, K. W. (2021). A cloud-based computing framework for artificial intelligence innovation in support of multidomain operations. IEEE Transactions on Engineering Management, 69(6), 3913-3922.
[28] Adebowale, A. M., & Akinnagbe, O. B. (2021). Leveraging AI-driven data integration for predictive risk assessment in decentralized financial markets. Int J Eng Technol Res Manag, 5(12), 295.
[29] Pulakhandam, W., & Samudrala, V. K. (2020). Automated threat intelligence integration to strengthen SHACS for robust security in cloud-based healthcare applications. International Journal of Engineering & Science Research, 10(4).
[30] Usmani, U. A., Happonen, A., & Watada, J. (2022, October). Enhancing artificial intelligence control mechanisms: current practices, real life applications and future views. In Proceedings of the Future Technologies Conference (pp. 287-306). Cham: Springer International Publishing.
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2022 Mukul Mangla
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
