SPECIFICITY OF BUILDING A ZERO TRUST ARCHITECTURE IN HYBRID INFRASTRUCTURES
DOI:
https://doi.org/10.28925/2663-4023.2025.28.846Keywords:
Zero Trust Architecture, hybrid environment, local area network, cloud infrastructure, integration, compliance, microsegmentation, identityAbstract
The popularity of hybrid infrastructures is growing rapidly, as they allow you to combine the advantages of local computing resources - control, cost-effectiveness, compliance with regulatory requirements - with the scalability, flexibility and high availability of cloud technologies. In such conditions, there is a need to provide a unified approach to information security that can cover both types of environments. Zero Trust Architecture (ZTA) is considered a modern and effective model that allows you to achieve a high level of access control, minimize the risks of security breaches and ensure the protection of critical resources regardless of their location. However, building ZTA in hybrid environments is accompanied by a number of challenges due to the heterogeneity of technologies, the lack of unified management tools, varying degrees of control over infrastructure components and the complexity of implementing unified authentication, authorization and monitoring policies. The article examines the key differences between traditional (local) and hybrid infrastructures, in particular from the point of view of building a zero-trust architecture. The specifics of integrating elements of local and cloud environments, which often have different mechanisms for user identification, session management, event logging, and access policy enforcement, are analyzed. A number of important architectural components and technologies are proposed that form the stack of components necessary for implementing ZTA in a hybrid environment. An analysis of the challenges of implementing a zero-trust architecture in a hybrid network infrastructure is also described, in particular the complexity of hybrid network topologies, the complexity of microsegmentation, visibility unification, centralized access management (IAM), and others. Taking into account the identified features, a phased plan for migrating hybrid infrastructures to a zero-trust architecture has been formed, which involves assessment and planning, architecture development, decision selection, and other important steps.
Downloads
References
Bashir, T. (2024). Zero Trust Architecture: Enhancing Cybersecurity in Enterprise Networks. Journal of Computer Science and Technology Studies. https://doi.org/10.32996/jcsts.2024.6.4.8
Rose, S. (2021). Planning for a Zero Trust Architecture. https://doi.org/10.6028/nist.cswp.08042021-draft
Chimakurthi, V. (2020). The Challenge of Achieving Zero Trust Remote Access in Multi-Cloud Environment. ABC Journal of Advanced Research. https://doi.org/10.18034/abcjar.v9i2.608
Prydybaylo, O. (2024). Zero trust architecture logical components and implementation approaches. Connectivity. https://doi.org/10.31673/2412-9070.2024.030711
Teykhrib, A. (2016). Data transmission in Hybrid Distributed Environment. International Journal of Electrical and Computer Engineering, 6, 2989–2993. https://doi.org/10.11591/ijece.v6i6.12129
Liakopoulos, A., Hanemann, A., & Sevasti, A. (2007). Point-to-Point Services in Hybrid Networks: Technologies and Performance Metrics. International Conference on Networking and Services (ICNS ‘07). https://doi.org/10.1109/ICNS.2007.96
Teykhrib, A. (2016). Data transmission in Hybrid Distributed Environment. International Journal of Electrical and Computer Engineering, 6, 2989–2993. https://doi.org/10.11591/ijece.v6i6.12129
Tchepnda, C., Moustafa, H., & Labiod, H. (2006). Hybrid Wireless Networks: Applications, Architectures and New Perspectives. 2006 3rd Annual IEEE Communications Society on Sensor and Ad Hoc Communications and Networks, 3, 848–853. https://doi.org/10.1109/SAHCN.2006.288571
Hasan, M. (2024). Enhancing Enterprise Security with Zero Trust Architecture. http://dx.doi.org/10.48550/arXiv.2410.18291
Singh, J. (2024). Zenith Armor : Advancing Security with Zero Trust Measures. Interantional journal of scientific research in engineering and management. https://doi.org/10.55041/ijsrem31326
Bashir, T. (2024). Zero Trust Architecture: Enhancing Cybersecurity in Enterprise Networks. Journal of Computer Science and Technology Studies. https://doi.org/10.32996/jcsts.2024.6.4.8
Prydybailo, O. (2022). Zero trust architecture: the basics organization principles. Connectivity. https://doi.org/10.31673/2412-9070.2022.051620
Lund, B., Lee, T., Wang, Z., Wang, T., & Mannuru, N. (2024). Zero Trust Cybersecurity: Procedures and Considerations in Context. Encyclopedia. https://doi.org/10.3390/encyclopedia4040099
Bansal, P. (2024). Zero Trust Security: Is it Optional?. International Journal of Innovative Science and Research Technology (IJISRT). https://doi.org/10.38124/ijisrt/ijisrt24sep1521
Hussain, M., Pal, S., Jadidi, Z., Foo, E., & Kanhere, S. (2024). Federated Zero Trust Architecture using Artificial Intelligence. IEEE Wireless Communications, 31, 30–35. https://doi.org/10.1109/MWC.001.2300405
Nutalapati, P. (2023). Zero Trust Architecture in Cloud-Based Fintech Applications. Journal of Artificial Intelligence & Cloud Computing. https://doi.org/10.47363/jaicc/2023(2)e152
Teerakanok, S., Uehara, T., & Inomata, A. (2021). Migrating to Zero Trust Architecture: Reviews and Challenges. Secur. Commun. Networks, 2021, 9947347:1–9947347:10. https://doi.org/10.1155/2021/9947347
Dhiman, P., Saini, N., Gulzar, Y., Turaev, S., Kaur, A., Nisa, K., & Hamid, Y. (2024). A Review and Comparative Analysis of Relevant Approaches of Zero Trust Network Model. Sensors (Basel, Switzerland), 24. https://doi.org/10.3390/s24041328
Bashir, T. (2024). Zero Trust Architecture: Enhancing Cybersecurity in Enterprise Networks. Journal of Computer Science and Technology Studies. https://doi.org/10.32996/jcsts.2024.6.4.8
Sarkar, S., Choudhary, G., Shandilya, S., Hussain, A., & Kim, H. (2022). Security of Zero Trust Networks in Cloud Computing: A Comparative Review. Sustainability. https://doi.org/10.3390/su141811213
Dhiman, P., Saini, N., Gulzar, Y., Turaev, S., Kaur, A., Nisa, K., & Hamid, Y. (2024). A Review and Comparative Analysis of Relevant Approaches of Zero Trust Network Model. Sensors (Basel, Switzerland), 24. https://doi.org/10.3390/s24041328
Khan, M. (2023). Zero trust architecture: Redefining network security paradigms in the digital age. World Journal of Advanced Research and Reviews. https://doi.org/10.30574/wjarr.2023.19.3.1785
Published
How to Cite
Issue
Section
License
Copyright (c) 2025 Роман Сиротинський, Іван Тишик
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
