A Zero-Trust Enterprise Integration Reference Architecture for Regulated Industries
DOI:
https://doi.org/10.15662/IJRAI.2024.0704010Keywords:
Zero Trust Architecture, Regulated Industries, Enterprise Integration, Identity-Based Access Control, Compliance and Auditability, Middleware Security, Microservices IntegrationAbstract
This paper presents a Zero-Trust Enterprise Integration Reference Architecture for regulated industries and evaluates its effectiveness using a quantitative experimental approach. The results indicate a significant improvement in security and compliance metrics. Unauthorized access blocking increased to 96%, while opportunities for lateral movement decreased by 83%. Implicit trust-based integration flows were reduced from 78% to 4%. Enforcement coverage across APIs, messaging, and file transfers increased to over 95%. Audit log completeness improved from 68% to 98%, and audit preparation time was reduced by 62%. Performance overhead was kept within acceptable limits, with average latency increasing by 15% and throughput decreasing by only 6%. These results demonstrate that the proposed architecture achieves strong security and compliance benefits with manageable operational impact.
References
[1] Rose, S., Borchert, O., Mitchell, S., & Connelly, S. (2020). Zero trust architecture. https://doi.org/10.6028/nist.sp.800-207
[2] Chandramouli, R. (2023). A Zero trust architecture model for access control in cloud native applications in Multi-Cloud environments. https://doi.org/10.6028/nist.sp.800-207a.ipd
[3] Arora, S., & Tewari, A. (2023). Zero trust architecture in IAM with AI integration. International Journal of Science and Research Archive, 8(2), 737–745. https://doi.org/10.30574/ijsra.2023.8.2.0163
[4] Esposito, C., Castiglione, A., & Choo, K. R. (2016). Challenges in delivering software in the cloud as microservices. IEEE Cloud Computing, 3(5), 10–14. https://doi.org/10.1109/mcc.2016.105
[5] Miller, L., Merindol, P., Gallais, A., & Pelsser, C. (2021). Towards Secure and Leak-Free Workflows Using Microservice Isolation. Towards Secure and Leak-Free Workflows Using Microservice Isolation, 1–5. https://doi.org/10.1109/hpsr52026.2021.9481820
[6] Sarkar, S., Choudhary, G., Shandilya, S. K., Hussain, A., & Kim, H. (2022). Security of zero trust networks in Cloud Computing: A Comparative review. Sustainability, 14(18), 11213. https://doi.org/10.3390/su141811213
[7] Bhadani, U. (2020). Zero Trust Architecture: A Paradigm Shift in Securing Modern Networks. Zero Trust Architecture: A Paradigm Shift in Securing Modern Networks. https://doi.org/10.13140/rg.2.2.15071.47524
[8] Federici, F., Martintoni, D., & Senni, V. (2023). A Zero-Trust architecture for remote access in industrial IoT infrastructures. Electronics, 12(3), 566. https://doi.org/10.3390/electronics12030566
