Implementing Zero Trust Architecture: Principles, Models and Challenges
DOI:
https://doi.org/10.38124/ijsrmt.v4i12.1050Keywords:
Zero Trust Architecture, Never Trust Always Verify, Micro-Segmentation, Identity and Access Management (IAM), Least Privilege Access, NIST SP 800-207Abstract
The combination of cloud adoption, mobile workforces, and advanced cyber threats has rendered traditional perimeter-based security models ineffective, as they no longer effectively protect networks. This paper examines Zero Trust Architecture (ZTA), a strategic security model that operates based on the fundamental concept of "never trust, always verify." The research investigates ZTA fundamentals through explicit verification and least privilege access and micro-segmentation while demonstrating how Identity and Access Management (IAM) functions as the essential foundation of this architecture. The research presents a functional deployment approach based on NIST SP 800-207 standards, which starts with protecting surface identification, followed by transaction flow mapping and implementation of detailed access controls. The research examines three major obstacles organizations encounter when implementing Zero Trust, which include user resistance to change, system integration difficulties with existing infrastructure, and challenges in maintaining user convenience. The implementation of Zero Trust represents an absolute necessity for organizations, as it creates a robust security system that protects against contemporary threats in today's distributed digital landscape.
Downloads
Downloads
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 International Journal of Scientific Research and Modern Technology
This work is licensed under a Creative Commons Attribution-NonCommercial 4.0 International License.
PlumX Metrics takes 2–4 working days to display the details. As the paper receives citations, PlumX Metrics will update accordingly.
