Zero Trust Security Model for Enterprise Networks
Zero Trust (ZT) is security model and follow the concept of ânever trust, always verifyâ. ZT require to strict identity verification for devise and clients trying to access recourses on private networks regardless of whether they are sitting within or outside the networks. As opposed to perimeter-...
Saved in:
| Published in | Iraqi Journal of Information & Communication Technology Vol. 6; no. 2; pp. 68 - 77 |
|---|---|
| Main Authors | , |
| Format | Journal Article |
| Language | English |
| Published |
College of Information Engineering
15.12.2024
|
| Subjects | |
| Online Access | Get full text |
| ISSN | 2222-758X 2789-7362 |
| DOI | 10.31987/ijict.6.2.223 |
Cover
Loading…
| Abstract | Zero Trust (ZT) is security model and follow the concept of ânever trust, always verifyâ. ZT require to strict identity verification for devise and clients trying to access recourses on private networks regardless of whether they are sitting within or outside the networks. As opposed to perimeter-based architecture, which makes the assumption that all internal network parties are trusted and all external network parties are untrusted. In enterprise network the internal network parties is automatically seen as trusted entities granting them access to network resources. The insider threat actor has been successful in exploiting their access. So that, enterprise networks become more exposed to inside and outside threads. As a result, we need to add the zero-trust principle to the enterprise network to protect it from the inside. In this paper, the ZT model, is assumed inside the militarized zone. There may be a threat to the sensitive data. Any internal company network users cannot manipulation on his computer without permission from the administrator this is done by the group policies that have been implemented in ZT. This model has been shown to be quite effective in protecting the sensitive data against unauthorized access and also the manipulation by the insider user. Following that, an attack originating from inside of the network was launched against the enterprise and zero trust network. In the enterprise network, the network was effectively attacked, and the attack’s validity was also increased to fully penetrate the enterprise. The attack did not succeed in the zero-trust network because the attacker cannot pass the User Account Control (UAC) to gain the NT authority. |
|---|---|
| AbstractList | Zero Trust (ZT) is security model and follow the concept of ânever trust, always verifyâ. ZT require to strict identity verification for devise and clients trying to access recourses on private networks regardless of whether they are sitting within or outside the networks. As opposed to perimeter-based architecture, which makes the assumption that all internal network parties are trusted and all external network parties are untrusted. In enterprise network the internal network parties is automatically seen as trusted entities granting them access to network resources. The insider threat actor has been successful in exploiting their access. So that, enterprise networks become more exposed to inside and outside threads. As a result, we need to add the zero-trust principle to the enterprise network to protect it from the inside. In this paper, the ZT model, is assumed inside the militarized zone. There may be a threat to the sensitive data. Any internal company network users cannot manipulation on his computer without permission from the administrator this is done by the group policies that have been implemented in ZT. This model has been shown to be quite effective in protecting the sensitive data against unauthorized access and also the manipulation by the insider user. Following that, an attack originating from inside of the network was launched against the enterprise and zero trust network. In the enterprise network, the network was effectively attacked, and the attack’s validity was also increased to fully penetrate the enterprise. The attack did not succeed in the zero-trust network because the attacker cannot pass the User Account Control (UAC) to gain the NT authority. |
| Author | M. Habash, Rania Khalel, Mahmood |
| Author_xml | – sequence: 1 givenname: Rania surname: M. Habash fullname: M. Habash, Rania – sequence: 2 givenname: Mahmood surname: Khalel fullname: Khalel, Mahmood |
| BookMark | eNo9kE1LAzEQhoNUsNZePe8f2HXytdkcpVQtVD1YQbyEJJ3I1tpIskX67w2tOJcZXpiHl-eSjHZxh4RcU2g41Z266Te9H5q2YQ1j_IyMmep0rXjLRuUuUyvZvV2Qac4bAGCaCZByTOg7plit0j4P1Qv6feqHQ_UY17itQkzVfDdg-k59xuoJh5-YPvMVOQ92m3H6tyfk9W6-mj3Uy-f7xex2WXsqJK-tlx1ttWNUAQhw0illuzVjGoMTjEsKrQTnrVTWKiUDgvbMCkdLMS41n5DFibuOdmNKhy-bDiba3hyDmD6MTUPvt2iUKA_ey8BDJ5RGp7TmXAN2IDSlrLCaE8unmHPC8M-jYI7-zNGfaQ0zxR__Be-AY0w |
| ContentType | Journal Article |
| DBID | AAYXX CITATION DOA |
| DOI | 10.31987/ijict.6.2.223 |
| DatabaseName | CrossRef Directory of Open Access Journals (DOAJ) |
| DatabaseTitle | CrossRef |
| DatabaseTitleList | CrossRef |
| Database_xml | – sequence: 1 dbid: DOA name: DOAJ Directory of Open Access Journals url: https://www.doaj.org/ sourceTypes: Open Website |
| DeliveryMethod | fulltext_linktorsrc |
| EISSN | 2789-7362 |
| EndPage | 77 |
| ExternalDocumentID | oai_doaj_org_article_74359cc5f3f8479eb7993390e8049112 10_31987_ijict_6_2_223 |
| GroupedDBID | AAYXX ALMA_UNASSIGNED_HOLDINGS CITATION GROUPED_DOAJ |
| ID | FETCH-LOGICAL-c1453-ac58169b2170040b5b77a8d229efb423510650bca57aa775fe09c2a4b14053593 |
| IEDL.DBID | DOA |
| ISSN | 2222-758X |
| IngestDate | Wed Aug 27 01:28:16 EDT 2025 Tue Jul 01 00:53:04 EDT 2025 |
| IsDoiOpenAccess | true |
| IsOpenAccess | true |
| IsPeerReviewed | true |
| IsScholarly | true |
| Issue | 2 |
| Language | English |
| LinkModel | DirectLink |
| MergedId | FETCHMERGED-LOGICAL-c1453-ac58169b2170040b5b77a8d229efb423510650bca57aa775fe09c2a4b14053593 |
| OpenAccessLink | https://doaj.org/article/74359cc5f3f8479eb7993390e8049112 |
| PageCount | 10 |
| ParticipantIDs | doaj_primary_oai_doaj_org_article_74359cc5f3f8479eb7993390e8049112 crossref_primary_10_31987_ijict_6_2_223 |
| ProviderPackageCode | CITATION AAYXX |
| PublicationCentury | 2000 |
| PublicationDate | 2024-12-15 |
| PublicationDateYYYYMMDD | 2024-12-15 |
| PublicationDate_xml | – month: 12 year: 2024 text: 2024-12-15 day: 15 |
| PublicationDecade | 2020 |
| PublicationTitle | Iraqi Journal of Information & Communication Technology |
| PublicationYear | 2024 |
| Publisher | College of Information Engineering |
| Publisher_xml | – name: College of Information Engineering |
| SSID | ssj0002924055 |
| Score | 2.276896 |
| Snippet | Zero Trust (ZT) is security model and follow the concept of ânever trust, always verifyâ. ZT require to strict identity verification for devise and clients... |
| SourceID | doaj crossref |
| SourceType | Open Website Index Database |
| StartPage | 68 |
| SubjectTerms | Cybersecurity Enterprise network Never trust Zero Trust model Zero Trust security |
| Title | Zero Trust Security Model for Enterprise Networks |
| URI | https://doaj.org/article/74359cc5f3f8479eb7993390e8049112 |
| Volume | 6 |
| hasFullText | 1 |
| inHoldings | 1 |
| isFullTextHit | |
| isPrint | |
| link | http://utb.summon.serialssolutions.com/2.0.0/link/0/eLvHCXMwrV3PS8MwGA2ykxdRVJy_yEHw1C1N8zXNUWVjCO7iBsNLSLIUKtLJNv__fUmqzJMXr6WE9n0k33vw5T1C7hxIJpZMZOAsxAizzLJKZUZaQC1WqrwOl5NfpuVkLp4XsNiL-gozYckeOAE3xA4HyjmoixoPUuWtxI6KQt1XyG3zmC_MseftialwBnOUFSxGnmL_QwoJ1SI5NhZBZA-b98ZtB-WADzgvfnWkPeP-2GHGx-Soo4b0IX3SCTnw7SnJ3_x6RWfhZgR97bLmaAgw-6BIN-kozQw2G0-naaB7c0bm49HsaZJ1MQeZywUUmXFQ5aWyPFjlCWbBSmmqJefK1xbZDu4apFHWGZDGSAm1Z8pxIyxqI0BwinPSa1etvyAUYa68EMIwI4ITmPJOMsPcElmgw2X75P77V_VncrPQqAIiKDqCokvNNYLSJ48BiZ-3ggt1fIC10V1t9F-1ufyPRa7IIUciEUZIcrgmve36y98gEdja21jzHZziqsM |
| linkProvider | Directory of Open Access Journals |
| openUrl | ctx_ver=Z39.88-2004&ctx_enc=info%3Aofi%2Fenc%3AUTF-8&rfr_id=info%3Asid%2Fsummon.serialssolutions.com&rft_val_fmt=info%3Aofi%2Ffmt%3Akev%3Amtx%3Ajournal&rft.genre=article&rft.atitle=Zero+Trust+Security+Model+for+Enterprise+Networks&rft.jtitle=Iraqi+Journal+of+Information+%26+Communication+Technology&rft.au=Rania+M.+Habash&rft.au=mahmood+khalel&rft.date=2024-12-15&rft.pub=College+of+Information+Engineering&rft.issn=2222-758X&rft.eissn=2789-7362&rft.volume=6&rft.issue=2&rft_id=info:doi/10.31987%2Fijict.6.2.223&rft.externalDBID=DOA&rft.externalDocID=oai_doaj_org_article_74359cc5f3f8479eb7993390e8049112 |
| thumbnail_l | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/lc.gif&issn=2222-758X&client=summon |
| thumbnail_m | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/mc.gif&issn=2222-758X&client=summon |
| thumbnail_s | http://covers-cdn.summon.serialssolutions.com/index.aspx?isbn=/sc.gif&issn=2222-758X&client=summon |