A comprehensive access control model integrating zero trust architecture
Abstract
In contemporary IT landscapes, trust in entities, whether internal or external, within organizations has become obsolete. Establishing and enforcing strict access controls, alongside continuous verification, is imperative to safeguard organizational resources from potential insider and outsider threats. The emergence of zero trust architecture (ZTA) addresses this need by advocating for a paradigm shift in security. This research proposes a comprehensive access control model aligned with the fundamental ZTA security principles, namely least privilege, conditional access, and continuous monitoring. The model integrates well-established access control paradigms, including role-based access control (RBAC) to uphold the least privilege principle, attribute-based access control (ABAC) to support conditional access, and trust-based access control (TBAC) to enable continuous monitoring. To determine the trust level of a user requesting access, an analysis of the user's log activities is conducted using the Nmedian outlier detection (NMOD) technique. This analysis aids in evaluating the trustworthiness of the user seeking access to resources. Furthermore, this research assesses the efficiency and efficacy of the proposed integrated access control model in comparison to existing access control models, primarily focusing on their respective functionalities.
Keywords
Attribute-based access control; Continuous monitoring; Principle of least privilege; Role-based access control; Trust-based access control; Zero trust architecture
DOI: http://doi.org/10.11591/ijeecs.v38.i3.pp1896-1904
This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
Indonesian Journal of Electrical Engineering and Computer Science (IJEECS)
p-ISSN: 2502-4752, e-ISSN: 2502-4760
This journal is published by the Institute of Advanced Engineering and Science (IAES).