MODEL FOR APPLYING ZERO-KNOWLEDGE PROOFS TO ENSURE CONFIDENTIAL AUTHENTICATION AND ACCESS CONTROL IN ENTERPRISE INFORMATION-INTELLIGENT SYSTEMS
DOI:
https://doi.org/10.28925/2663-4023.2026.33.1234Keywords:
zero-knowledge proof; authentication; cryptographic methods; access control; risk assessment; information security; confidentiality; data protection.Abstract
The paper investigates the problem of ensuring confidentiality in authentication processes within enterprise information-intelligent systems under increasing cybersecurity threats and growing requirements for data protection. The introduction substantiates the relevance of modern cryptographic approaches that minimize the transmission of sensitive information during user authentication. The literature review analyzes approaches to constructing zero-knowledge proofs, which enable verification of a statement without revealing secret data, including succinct non-interactive arguments of knowledge, transparent scalable arguments of knowledge, and compact proof systems without trusted setup. Their cryptographic properties, trust assumptions, scalability, and computational characteristics are examined. In the methodology section, an adaptive authentication model is proposed, based on the integration of cryptographic proofs with risk assessment mechanisms and contextual access analysis. A formal decision-making model for access control is developed, taking into account user parameters, environmental characteristics, and threat levels, enabling dynamic selection of the proof type depending on the current risk level. An authentication algorithm is designed, including stages of identification, context evaluation, proof generation, and verification. In the results section, a comparative analysis of different types of zero-knowledge proofs in enterprise systems is conducted, evaluating their impact on performance, security level, and resistance to attacks. It is shown that the adaptive approach ensures a balance between cryptographic strength and computational efficiency. The conclusions justify the feasibility of implementing the proposed model as part of modern continuous access verification concepts and as a means of improving enterprise information security.
Downloads
References
Diro, A., Zhou, L., Saini, A., Kaisar, S., & Pham, H. (2024). Leveraging zero knowledge proofs for blockchain-based identity sharing: A survey of advancements, challenges and opportunities. Journal of Information Security and Applications, 80, 103678. https://doi.org/10.1016/j.jisa.2023.103678
Lavin, R., Liu, X., Mohanty, H., Norman, L., Zaarour, G., & Krishnamachari, B. (2024). A survey on the applications of zero-knowledge proofs. arXiv. https://doi.org/10.48550/arXiv.2408.00243
Wang, Z., Huang, J., Miao, K., Lv, X., Chen, Y., Su, B., Liu, L., & Han, M. (2023). Lightweight zero-knowledge authentication scheme for IoT embedded devices. Computer Networks, 236, 110021. https://doi.org/10.1016/j.comnet.2023.110021
Zhong, J., He, S., Liu, Z., & Xiong, L. (2025). Lightweight anonymous authentication for IoT: A taxonomy and survey of security frameworks. Sensors, 25(17), 5594. https://doi.org/10.3390/s25175594
Zhang, B., Pan, H., Li, K., Xing, Y., Wang, J., Fan, D., & Zhang, W. (2024). A blockchain and zero knowledge proof based data security transaction method in distributed computing. Electronics, 13(21), 4260. https://doi.org/10.3390/electronics13214260
Zhao, X., Xia, F., Xia, H., Mao, Y., & Chen, S. (2024). A zero-knowledge-proof-based anonymous and revocable scheme for cross-domain authentication. Electronics, 13(14), 2730. https://doi.org/10.3390/electronics13142730
Madine, M., Salah, K., Jayaraman, R., & Yaqoob, I. (2025). Zero-knowledge proofs for anonymous authentication of patients on public and private blockchains. Array, 28, 100590. https://doi.org/10.1016/j.array.2025.100590
Ansong, E. D., Osei, S. B., & Adjei, R. A. (2025). Implementation and evaluation of the zero-knowledge protocol for identity card verification. Journal of Cyber Security, 7(1), 533–564. https://doi.org/10.32604/jcs.2025.061821
Podda, E., Hölzmer, P., Amard, A., Sedlmeir, J., & Fridgen, G. (2025). The impact of zero-knowledge proofs on data minimisation compliance of digital identity wallets. Internet Policy Review, 14(3). https://doi.org/10.14763/2025.3.2019
Kostiuk, Y., Rzaieva, S., Khorolska, K., Mazur, N., & Korshun, N. (2025). Architecture of the software system of confidential access to information resources of computer networks. In Proceedings of the Workshop Cyber Security and Data Protection (CSDP 2025) (Vol. 4042, pp. 37–53).
Pathak, A., Al Anbagi, I. S., & Hamilton, H. J. (2024). Blockchain-enhanced zero knowledge proof-based privacy-preserving mutual authentication for IoT networks. IEEE Access. https://doi.org/10.1109/ACCESS.2024.3450313
Skladannyi, P., Kostiuk, Y., Khorolska, K., Bebeshko, B., & Sokolov, V. (2025). Model and methodology for the formation of adaptive security profiles for the protection of wireless networks in the face of dynamic cyber threats. In Proceedings of the Workshop Cyber Security and Data Protection.
Dieye, M., Valiorgue, P., Gelas, J.-P., Diallo, E.-H., Ghodous, P., Biennier, F., & Peyrol, E. (2023). A self-sovereign identity based on zero-knowledge proof and blockchain. IEEE Access. https://doi.org/10.1109/ACCESS.2023.3268768
Kostiuk, Y., Skladannyi, P., Mazur, N., Rzaieva, S., Hnatchenko, D., & Honcharenko, I. (2026). Formal model of adaptive selection of cryptographic parameters for channel protection in corporate computer networks based on dynamic trust assessment. Cybersecurity: Education, Science, Technique, 4(32), 20–44. https://doi.org/10.28925/2663-4023.2026.32.1111
Alabdulatif, A. (2025). Blockchain-based privacy-preserving authentication and access control model for e-health users. Information, 16(3), 219. https://doi.org/10.3390/info16030219
Skladannyi, P., Kostiuk, Y., & Rzaieva, S. (2026). Continuous access evaluation in Zero Trust Access Management based on security event signals and dynamic session management. Mathematical Machines and Systems, 1, 29–46. https://doi.org/10.34121/1028-9763-2026-1-29-46
Rupok, M. H. K., & Hasan, K. M. A. (2025). BDIMS: A blockchain based digital identity management system with zero knowledge proof. In Proceedings of the 3rd International Conference on Computing Advancements (ICCA ’24) (pp. 607–615). ACM. https://doi.org/10.1145/3723178.3723258
Kostiuk, Y. V., & Skladannyi, P. M. (2026). Cryptographic model of trust in security events in SIEM for intelligent formation of network incidents. Modern Information Protection, 1(65), 103–118. https://doi.org/10.31673/2409-7292.2026.011393
Ramezan, G., & Meamari, E. (2024). zk-IoT: Securing the Internet of Things with zero-knowledge proofs on blockchain platforms. In Proceedings of IEEE ICBC (pp. 1–7). https://doi.org/10.1109/ICBC59979.2024.10634342
Kostiuk, Y., Skladannyi, P., Sokolov, V., & Vorokhob, M. (2025). Models and technologies of cognitive agents for decision-making with integration of artificial intelligence. In Proceedings of MoDaST 2025 (Vol. 4005, pp. 82–96).
Shahrouz, J., & Analoui, M. (2023). An anonymous authentication scheme with conditional privacy-preserving for vehicular ad hoc networks based on zero-knowledge proof and blockchain. Ad Hoc Networks, 154, 103349. https://doi.org/10.1016/j.adhoc.2023.103349
Skladannyi, P., Kostiuk, Y., Rzaieva, S., Bebeshko, B., & Korshun, N. (2025). Adaptive methods for embedding digital watermarks to protect audio and video images in information and communication systems. In Proceedings of the Workshop Classic, Quantum, and Post-Quantum Cryptography (CQPC 2025) (Vol. 4016, pp. 13–31).
Chen, X., Zhang, X., Zhong, S., et al. (2025). Anonymous authentication based on blockchain and zero-knowledge proof for vehicular ad hoc networks. The Journal of Supercomputing, 81, 1416. https://doi.org/10.1007/s11227-025-07912-5
Kostiuk, Y., Skladannyi, P., Khorolska, K., Sokolov, V., & Hulak, H. (2025). Application of statistical and neural network algorithms in steganographic synthesis and analysis of hidden information in audio and graphic files. In Proceedings of the Workshop Classic, Quantum, and Post-Quantum Cryptography (CQPC 2025) (Vol. 4016, pp. 45–65).
Berrios Moya, J. A., Ayoade, J., & Uddin, M. A. (2025). A zero-knowledge proof-enabled blockchain-based academic record verification system. Sensors, 25(11), 3450. https://doi.org/10.3390/s25113450
Kostiuk, Y., Skladannyi, P., Sokolov, V., Hulak, H., & Korshun, N. (2024). Models and algorithms for analyzing information risks during the security audit of personal data information system. In Proceedings of the Third International Conference on Cyber Hygiene & Conflict Management in Global Information Networks (CH&CMiGIN 2024) (Vol. 3925, pp. 155–171).
Published
How to Cite
Issue
Section
License
Copyright (c) 2026 Юлія Костюк, Павло Складанний, Наталія Мазур, Галина Кучаковська
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
