Towards Smarter Security: AI-Powered Policy Formulation and Enforcement in Zero Trust Frameworks
Keywords:
Dynamic Policy Adaptation, Threat Intelligence, Security Automation, Zero Trust Security, Continuous Monitoring, Context-Aware Security, Machine Learning, Security Policy Management, Artificial Intelligence, Anomaly Detection, Natural Language Processing.

Abstract
Attackers adapt faster than perimeter defenses, so a hardened network boundary no longer protects what sits behind it. Zero Trust Security (ZTS) architectures respond with least privilege and explicit verification of every access request. That response brings its own burden: because ZTS imposes dynamic, context-aware access limits and continuous evaluation, formulating and enforcing security policy becomes complicated, and scaling that policy to changing user populations, system configurations, and new threats and attack vectors is difficult. This study argues that AI can automate policy generation and compliance evaluation to improve ZTS.
We research how ML algorithms can assess large volumes of user, system, and threat data. Supervised models learn how resources are normally accessed and used, and deviations from that baseline raise alerts, giving context-aware security. Access decisions are driven by request context, user roles, and device attributes. Natural language processing (NLP) interprets human-readable security rules so that machines can enforce them on IT infrastructure components and automate their configuration.
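The decision logic described above, as an added example that is not code from the paper: a policy decision point that layers a static least-privilege role table and a device-posture rule over a deviation score computed against a per-user frequency baseline. The baseline stands in for the paper's supervised models and is learned from history the organisation treats as legitimate. The role table, the sensitive-resource set, the 5% novelty threshold, the step-up/deny cut-offs and the history records are all assumptions constructed for illustration.

```python
"""Context-aware access decisions backed by a learned per-user baseline.

Added example, not code from the paper. The policy decision point below
layers three checks: a static least-privilege role table, a device-posture
rule, and a deviation score against a per-user frequency baseline learned
from history the organisation treats as legitimate. Role table, thresholds
and the history records are all constructed for illustration.
"""
from collections import Counter, defaultdict
from dataclasses import dataclass


@dataclass(frozen=True)
class Request:
    user: str
    role: str
    resource: str
    device_managed: bool   # device posture as reported by the endpoint agent
    hour: int              # local hour of the request, 0-23
    src_network: str       # e.g. "corp", "vpn", "public"


# Assumed static policy: the most a role may ever reach (least privilege).
ROLE_PERMISSIONS = {
    "engineer": {"git", "ci", "wiki"},
    "finance": {"erp", "wiki"},
}
# Assumed: resources that an unmanaged device may never reach.
SENSITIVE = {"git", "erp"}
# A context feature seen in under 5% of a user's history counts as novel.
NOVEL_SHARE = 0.05


def hour_bucket(hour):
    """Coarse time-of-day feature so a 10:00 request is not 'novel' next to 11:00."""
    return "work" if 8 <= hour < 19 else "off"


class Baseline:
    """Per-user counts of (feature, value) pairs seen in legitimate history."""

    def __init__(self):
        self.seen = defaultdict(Counter)  # user -> Counter of (feature, value)
        self.total = Counter()            # user -> number of history events

    @staticmethod
    def features(req):
        return (("resource", req.resource),
                ("hours", hour_bucket(req.hour)),
                ("network", req.src_network))

    def learn(self, events):
        for e in events:
            self.total[e.user] += 1
            for feat in self.features(e):
                self.seen[e.user][feat] += 1

    def deviation(self, req):
        """Fraction of the request's context features that are novel for this user (0..1)."""
        n = self.total[req.user]
        if n == 0:
            return 1.0  # no history at all: treat as maximally deviant
        feats = self.features(req)
        novel = sum(1 for f in feats if self.seen[req.user][f] / n < NOVEL_SHARE)
        return novel / len(feats)


def decide(req, baseline):
    """Return (decision, reason, deviation_score); static policy is checked before context."""
    if req.resource not in ROLE_PERMISSIONS.get(req.role, set()):
        return "deny", "role not permitted", None
    if req.resource in SENSITIVE and not req.device_managed:
        return "deny", "unmanaged device for sensitive resource", None
    score = baseline.deviation(req)
    if score >= 0.5:          # two or more novel features: refuse outright
        return "deny", "context deviates from baseline", score
    if score > 0:             # one novel feature: continue, but require MFA
        return "step_up", "partial deviation, require MFA", score
    return "allow", "within baseline", score


# Constructed history standing in for labelled-legitimate access logs.
HISTORY = (
    [Request("alice", "engineer", "git", True, h, "corp") for h in (9, 10, 11, 14, 15, 16)]
    + [Request("alice", "engineer", "ci", True, h, "corp") for h in (10, 13, 17)]
    + [Request("bob", "finance", "erp", True, h, "corp") for h in (9, 12, 16)]
    + [Request("bob", "finance", "erp", True, 20, "vpn")]
)


def build_baseline(events=HISTORY):
    bl = Baseline()
    bl.learn(events)
    return bl


if __name__ == "__main__":
    bl = build_baseline()
    for req in (Request("alice", "engineer", "git", True, 10, "corp"),
                Request("alice", "engineer", "ci", True, 11, "vpn"),
                Request("alice", "engineer", "wiki", True, 3, "public"),
                Request("bob", "finance", "erp", False, 10, "corp")):
        print(req.user, req.resource, "->", decide(req, bl))
```

The ordering matters: the static role and device-posture checks run before the learned score, so a model that has drifted or been poisoned can never grant access the role table forbids; the baseline only decides between allow, step-up authentication and deny within what policy already permits. A user with no history at all scores 1.0 and is denied rather than silently allowed.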
AI-based ZTS is also tested for real-time anomaly detection. Unsupervised learning lets the system recognize irregular network traffic, system data, and user behavior, and so actively detect lateral movement and unauthorized entry. AI-driven ZTS strategies are evaluated on their capacity to react to changing threats. The study notes that policy explainability and bias in training data may limit adoption of AI in ZTS, and recommends explainable AI (XAI) for policy transparency and federated learning to protect the privacy of shared threat intelligence.
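One concrete form of the unsupervised lateral-movement detection mentioned above, as an added example that is not code from the paper: per-host distinct-destination counts per hourly window are compared with a robust median/MAD baseline learned from earlier windows without labels, and a host that suddenly fans out to internal destinations it has never contacted is flagged. The flow record format, the hostnames, the window size and the thresholds are assumptions constructed for illustration.

```python
"""Unsupervised lateral-movement detection over internal flow records.

Added example, not code from the paper. For each source host it counts the
distinct internal destinations contacted per hourly window, learns a robust
(median / MAD) baseline from earlier windows without any labels, and flags
windows where a host suddenly fans out, especially to destinations it has
never contacted before. Flow lines, hostnames and thresholds are constructed.
"""
from collections import defaultdict
from statistics import median

WINDOW = 60        # minutes per detection window
MAD_FLOOR = 1.0    # lower bound on spread so a perfectly regular host does not divide by zero


def parse_flow(line):
    """Parse a constructed 'minute=<int> src=<host> dst=<host> dport=<int>' record."""
    fields = dict(kv.split("=", 1) for kv in line.split())
    return {"minute": int(fields["minute"]), "src": fields["src"],
            "dst": fields["dst"], "dport": int(fields["dport"])}


def destinations_by_host(flows):
    """host -> window index -> set of distinct destinations in that window."""
    table = defaultdict(lambda: defaultdict(set))
    for f in flows:
        table[f["src"]][f["minute"] // WINDOW].add(f["dst"])
    return table


def detect(flows, baseline_windows, z_threshold=3.0, new_dest_threshold=3):
    """Score every post-baseline window per host; return {(host, window): finding}."""
    table = destinations_by_host(flows)
    findings = {}
    for host, per_window in table.items():
        base_sets = [per_window.get(w, set()) for w in range(baseline_windows)]
        counts = [len(s) for s in base_sets]          # a silent window counts as 0
        known = set().union(*base_sets)               # destinations this host normally reaches
        med = median(counts)
        mad = max(median(abs(c - med) for c in counts), MAD_FLOOR)
        for w, dests in per_window.items():
            if w < baseline_windows:
                continue
            z = (len(dests) - med) / mad              # robust z-score, no consistency constant
            new = sorted(dests - known)
            findings[(host, w)] = {
                "distinct": len(dests),
                "new": new,
                "z": z,
                "flagged": z >= z_threshold or len(new) >= new_dest_threshold,
            }
    return findings


def constructed_flows():
    """Six hours of routine traffic, then one host starts probing SMB across its subnet."""
    lines = []
    for hour in range(6):
        t = hour * WINDOW
        lines += [f"minute={t + 5} src=ws-01 dst=dc-01 dport=88",
                  f"minute={t + 9} src=ws-01 dst=file-01 dport=445",
                  f"minute={t + 3} src=ws-02 dst=dc-01 dport=88",
                  f"minute={t + 12} src=ws-02 dst=mail-01 dport=443",
                  f"minute={t + 30} src=ws-02 dst=print-01 dport=9100"]
    lines.append("minute=150 src=ws-01 dst=wiki-01 dport=443")  # a one-off extra destination
    t = 6 * WINDOW
    lines += [f"minute={t + 1} src=ws-01 dst=dc-01 dport=88",
              f"minute={t + 2} src=ws-01 dst=file-01 dport=445",
              f"minute={t + 3} src=ws-02 dst=dc-01 dport=88",
              f"minute={t + 12} src=ws-02 dst=mail-01 dport=443",
              f"minute={t + 30} src=ws-02 dst=print-01 dport=9100"]
    lines += [f"minute={t + 3 + i} src=ws-01 dst=ws-{n:02d} dport=445"
              for i, n in enumerate(range(3, 8))]
    return lines


def run_detection():
    flows = [parse_flow(line) for line in constructed_flows()]
    return detect(flows, baseline_windows=6)


if __name__ == "__main__":
    for (host, window), f in sorted(run_detection().items()):
        status = "ALERT" if f["flagged"] else "ok"
        print(f"{status:5} {host} window={window} distinct={f['distinct']} "
              f"z={f['z']:.1f} new={f['new']}")
```

Two details carry the security value. The median/MAD baseline is not pulled upward by a single noisy hour the way a mean and standard deviation would be, and the MAD floor handles the common case of a host whose traffic is so regular that its spread is zero, which would otherwise make every deviation infinite. The count of never-before-seen destinations is kept as a second, independent signal because an attacker who keeps the fan-out small can stay under the z-score threshold while still touching hosts the workstation has no business reaching.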

This work is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License.
All papers should be submitted electronically. All submitted manuscripts must be original work that is not under submission at another journal or under consideration for publication in another form, such as a monograph or chapter of a book. Authors of submitted papers are obligated not to submit their paper for publication elsewhere until an editorial decision is rendered on their submission. Further, authors of accepted papers are prohibited from publishing the results in other publications that appear before the paper is published in the Journal unless they receive approval for doing so from the Editor-In-Chief.
IJISAE open access articles are licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. Under this license, readers may share and adapt the material provided they give appropriate credit, provide a link to the license, indicate if changes were made, and, if they remix, transform, or build upon the material, distribute their contributions under the same license as the original.