eISSN: 3087-4297 editor@aimjournals.com
All Journals
Submit your article

International Journal of Cyber Threat Intelligence and Secure Networking

Open Access Peer Review International
Open Access

ADAPTIVE TRUST BOUNDARY ENFORCEMENT: A COMPREHENSIVE REVIEW OF ZERO TRUST ARCHITECTURE IMPLEMENTATION AND USABILITY CHALLENGES

DOI
pdf
Prof. Dmitry V. Volkov 1 , Dr. Kofi Agyapong 1 ,
4 Department of Computer Security, Moscow State University, Moscow, Russia
4 School of Information and Communication Technology, Kwame Nkrumah University of Science and Technology, Kumasi, Ghana

Abstract

Purpose: This paper systematically reviews the implementation of Zero Trust (ZT) Architecture, focusing on the critical challenges associated with its deployment and, specifically, the nuanced trade-off between enhanced security and user-perceived usability friction. It aims to synthesize the current state of practice and identify the core arguments that are shaping the next generation of adaptive access control.

Β 

Methodology: A systematic literature review was conducted, synthesizing academic and industry documentation on ZT principles, architectural components, and empirical studies concerning user experience. The analysis utilized a novel Security-Usability Trade-Off (SUT) Matrix to map findings related to security strength against metrics of user friction, such as security fatigue and productivity effects.

Β 

Findings: The findings confirm that ZT represents a fundamental paradigm shift from network-centric to identity-centric access control, leveraging real-time, continuous authentication attributes. A significant implementation barrier is the human element, where increased multi-factor authentication (MFA) requirements often lead to observable security fatigue and employee resistance. The most effective ZT models are those that integrate context-aware machine learning into the Policy Decision Point for truly adaptive, low-friction boundary enforcement.

Β 

Originality: This study provides a unified conceptual framework for evaluating ZT implementation success that moves beyond purely technical metrics to incorporate essential human factors. It proposes the "Frictionless ZT" model as a necessary path for maximizing compliance and minimizing organizational cost associated with security fatigue.

Keywords

Zero Trust, Adaptive Security, Security Fatigue, Identity-Centric Access

References

πŸ“„ Cam-Winget N (ed.), Appala S, Pope S, Saint-Andre P (2019) Using Extensible Messaging and Presence Protocol (XMPP) for Security Information Exchange. (Internet Engineering Task Force (IETF)), IETF Request for Comments (RFC) 8600. https://doi.org/10.17487/RFC8600
πŸ“„ Singh, V. (2025). Securing Transactional Integrity: Cybersecurity Practices in Fintech and Core Banking. QTanalytics Publication (Books), 86–96. https://doi.org/10.48001/978-81-980647-2-1-9
πŸ“„ Software Defined Perimeter Working Group β€œSDP Specification 1.0” Cloud Security Alliance. April 2014.
πŸ“„ Stanton B, Theofanos MF, Spickard Prettyman S, Furman S (2016) Security Fatigue. IT Professional 18(5):26-32. https://doi.org/10.1109/MITP.2016.84
πŸ“„ Strouble D, Shechtman GM, Alsop AS (2009) Productivity and Usability Effects of Using a Two- Factor Security System. SAIS 2009 Proceedings (AIS, Charleston, SC), p 37. Available at http://aisel.aisnet.org/sais2009/37
πŸ“„ Zero-Trust Architecture in Java Microservices. (2025). International Journal of Networks and Security, 5(01), 202-214. https://doi.org/10.55640/ijns-05-01-12
πŸ“„ Weidman J, Grossklags J (2017) I Like It but I Hate It: Employee Perceptions Towards an Institutional Transition to BYOD Second-Factor Authentication. Proceedings of the 33rd Annual Computer Security Applications Conference (ACSAC 2017) (ACM, Orlando, FL), pp 212-224.
πŸ“„ https://doi.org/10.1145/3134600.3134629
πŸ“„ Sardana, J., & Mukesh Reddy Dhanagari. (2025). Bridging IoT and Healthcare: Secure, Real-Time Data Exchange with Aerospike and Salesforce Marketing Cloud. International Journal of Computational and Experimental Science and Engineering, 11(3).
πŸ“„ https://doi.org/10.22399/ijcesen.3853
πŸ“„ Kumar Tiwari, S. (2023). Security testing automation for digital transformation in the age of cyber threats. International Journal of Applied Engineering & Technology, 5(S5), 135–146. Roman Science Publications.