How might IAM help your organization to use a Zero Trust architecture?
Keywords:
Zero Trust Architecture, Identity and Access Management (IAM), cybersecurity, user authenticationAbstract
Using IAM solutions will help companies maintain the Zero Trust principles—that is, "never trust, always verify"—to ensure that only authorized people and devices have access to suitable resources. This approach consists of several fundamental elements like dynamic policy enforcements, least privilege accesses, multi-factor authentication & continuous monitoring. These features help companies to reduce risk by limiting access and continuously confirming dependability at all access points. Zero Trust with Identity and Access Management improves security and streamlines audit processes and compliance practices, therefore enabling adherence to legal criteria. Understanding the interaction between IAM and Zero Trust is crucial for companies trying to use this architecture to create a strong security strategy able to change with changing threats. This approach helps security teams to proactively handle prospective breaches and suspicious activities, therefore creating a flexible and safe environment that preserves valuable information and resources while keeping production.
References
1. DeCusatis, C., Liengtiraphan, P., Sager, A., & Pinelli, M. (2016, November). Implementing zero trust cloud networks with transport access control and first packet authentication. In 2016 IEEE International Conference on Smart Cloud (SmartCloud) (pp. 5-10). IEEE.
2. DeCusatis, C., Liengtiraphan, P., Sager, A., & Pinelli, M. (2016, November). Implementing zero trust cloud networks with transport access control and first packet authentication. In 2016 IEEE International Conference on Smart Cloud (SmartCloud) (pp. 5-10). IEEE.
3. Indu, I., Anand, P. R., & Bhaskar, V. (2018). Identity and access management in cloud environment: Mechanisms and challenges. Engineering science and technology, an international journal, 21(4), 574-588.
4. Bradford, M., Earp, J. B., & Grabski, S. (2014). Centralized end-to-end identity and access management and ERP systems: A multi-case analysis using the Technology Organization Environment framework. International Journal of Accounting Information Systems, 15(2), 149-165.
5. Gonzales, D., Kaplan, J. M., Saltzman, E., Winkelman, Z., & Woods, D. (2015). Cloud-trust—A security assessment model for infrastructure as a service (IaaS) clouds. IEEE Transactions on Cloud Computing, 5(3), 523-536.
6. Mohammed, I. A. (2013). Intelligent authentication for identity and access management: a review paper. International Journal of Managment, IT and Engineering (IJMIE), 3(1), 696-705.
7. Syed, F. M., & ES, F. K. (2018). The Role of IAM in Mitigating Ransomware Attacks on Healthcare Facilities. International Journal of Machine Learning Research in Cybersecurity and Artificial Intelligence, 9(1), 121-154.
8. Cunningham, C., Blankenship, J., Balaouras, S., Murphy, R., & Cyr, M. (2018). The zero trust eXtended (ZTX) ecosystem. Forrester, Cambridge, MA.
9. Almulla, S. A., & Yeun, C. Y. (2010, March). Cloud computing security management. In 2010 Second International Conference on Engineering System Management and Applications (pp. 1-7). IEEE.
10. Kuperberg, M. (2019). Blockchain-based identity management: A survey from the enterprise and ecosystem perspective. IEEE Transactions on Engineering Management, 67(4), 1008-1027.
11. Mikula, T., & Jacobsen, R. H. (2018, August). Identity and access management with blockchain in electronic healthcare records. In 2018 21st Euromicro conference on digital system design (DSD) (pp. 699-706). IEEE.
12. Nadareishvili, I., Mitra, R., McLarty, M., & Amundsen, M. (2016). Microservice architecture: aligning principles, practices, and culture. " O'Reilly Media, Inc.".
13. Ross, J. W., Beath, C. M., & Mocker, M. (2019). Designed for digital: How to architect your business for sustained success. Mit Press.
14. Erl, T., Puttini, R., & Mahmood, Z. (2013). Cloud computing: concepts, technology & architecture. Pearson Education.
15. Smari, W. W., Clemente, P., & Lalande, J. F. (2014). An extended attribute based access control model with trust and privacy: Application to a collaborative crisis management system. Future Generation Computer Systems, 31, 147-168.
16. Gade, K. R. (2019). Data Migration Strategies for Large-Scale Projects in the Cloud for Fintech. Innovative Computer Sciences Journal, 5(1).
17. Gade, K. R. (2018). Real-Time Analytics: Challenges and Opportunities. Innovative Computer Sciences Journal, 4(1).
18. Boda, V. V. R., & Immaneni, J. (2019). Streamlining FinTech Operations: The Power of SysOps and Smart Automation. Innovative Computer Sciences Journal, 5(1).
19. Nookala, G., Gade, K. R., Dulam, N., & Thumburu, S. K. R. (2019). End-to-End Encryption in Enterprise Data Systems: Trends and Implementation Challenges. Innovative Computer Sciences Journal, 5(1).
20. Katari, A. (2019). Real-Time Data Replication in Fintech: Technologies and Best Practices. Innovative Computer Sciences Journal, 5(1).
21. Katari, A. (2019). ETL for Real-Time Financial Analytics: Architectures and Challenges. Innovative Computer Sciences Journal, 5(1).
22. Komandla, V. Enhancing Security and Fraud Prevention in Fintech: Comprehensive Strategies for Secure Online Account Opening.
23. Komandla, V. Transforming Financial Interactions: Best Practices for Mobile Banking App Design and Functionality to Boost User Engagement and Satisfaction.
24. Gade, K. R. (2017). Integrations: ETL vs. ELT: Comparative analysis and best practices. Innovative Computer Sciences Journal, 3(1).
25. Naresh Dulam. DataOps: Streamlining Data Management for Big Data and Analytics . Distributed Learning and Broad Applications in Scientific Research, vol. 2, Oct. 2016, pp. 28-50
26. Muneer Ahmed Salamkar, and Karthik Allam. Architecting Data Pipelines: Best Practices for Designing Resilient, Scalable, and Efficient Data Pipelines. Distributed Learning and Broad Applications in Scientific Research, vol. 5, Jan. 2019
27. Muneer Ahmed Salamkar. ETL Vs ELT: A Comprehensive Exploration of Both Methodologies, Including Real-World Applications and Trade-Offs. Distributed Learning and Broad Applications in Scientific Research, vol. 5, Mar. 2019
28. Muneer Ahmed Salamkar. Next-Generation Data Warehousing: Innovations in Cloud-Native Data Warehouses and the Rise of Serverless Architectures. Distributed Learning and Broad Applications in Scientific Research, vol. 5, Apr. 2019
29. Muneer Ahmed Salamkar. Real-Time Data Processing: A Deep Dive into Frameworks Like Apache Kafka and Apache Pulsar. Distributed Learning and Broad Applications in Scientific Research, vol. 5, July 2019
30. Muneer Ahmed Salamkar, and Karthik Allam. “Data Lakes Vs. Data Warehouses: Comparative Analysis on When to Use Each, With Case Studies Illustrating Successful Implementations”. Distributed Learning and Broad Applications in Scientific Research, vol. 5, Sept. 2019
31. Naresh Dulam. Apache Spark: The Future Beyond MapReduce. Distributed Learning and Broad Applications in Scientific Research, vol. 1, Dec. 2015, pp. 136-5
32. Naresh Dulam. NoSQL Vs SQL: Which Database Type Is Right for Big Data?. Distributed Learning and Broad Applications in Scientific Research, vol. 1, May 2015, pp. 115-3
33. Naresh Dulam. Data Lakes: Building Flexible Architectures for Big Data Storage. Distributed Learning and Broad Applications in Scientific Research, vol. 1, Oct. 2015, pp. 95-114
34. Naresh Dulam. The Rise of Kubernetes: Managing Containers in Distributed Systems. Distributed Learning and Broad Applications in Scientific Research, vol. 1, July 2015, pp. 73-94
35. Naresh Dulam. Snowflake: A New Era of Cloud Data Warehousing. Distributed Learning and Broad Applications in Scientific Research, vol. 1, Apr. 2015, pp. 49-72
36. Sarbaree Mishra. A Distributed Training Approach to Scale Deep Learning to Massive Datasets. Distributed Learning and Broad Applications in Scientific Research, vol. 5, Jan. 2019
37. Sarbaree Mishra, et al. Training Models for the Enterprise - A Privacy Preserving Approach. Distributed Learning and Broad Applications in Scientific Research, vol. 5, Mar. 2019
38. Sarbaree Mishra. Distributed Data Warehouses - An Alternative Approach to Highly Performant Data Warehouses. Distributed Learning and Broad Applications in Scientific Research, vol. 5, May 2019
39. Sarbaree Mishra, et al. Improving the ETL Process through Declarative Transformation Languages. Distributed Learning and Broad Applications in Scientific Research, vol. 5, June 2019
40. Sarbaree Mishra. A Novel Weight Normalization Technique to Improve Generative Adversarial Network Training. Distributed Learning and Broad Applications in Scientific Research, vol. 5, Sept. 2019
Published
Issue
Section
License
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
