AI-Enabled Zero-Trust Security Architecture at Network Edge


Naveen Kumar

Abstract

Enterprise network security has rapidly transitioned from customary castle-and-moat architectures to Zero-Trust architectures that rely on identity-based security controls for distributed computing environments. In particular, the emergence of Internet of Things (IoT) devices and cloud computing, together with the associated threat landscape, renders castle-and-moat security architectures, trusted networks and trusted devices obsolete. Instead, every access request must be continuously authenticated and authorized on the basis of wide-ranging context. Edge computing infrastructure can implement Zero Trust through distributed policy enforcement points that respond and exert control with low latency. Artificial intelligence-based deep learning architectures, such as recurrent neural networks and transformers, can autonomously detect threats at the edge by monitoring and analyzing network and device behavior in real time during system operation. API-based security orchestration allows security policies to be updated dynamically in response to incidents in the underlying network infrastructure, bringing incident response times into the sub-second range. Advanced Persistent Threats targeting SCADA and ICS systems require alternative approaches, such as game-theoretic modeling combined with physical system monitoring. Combined with Zero-Trust principles deployed at the network edge, machine learning can enable a distributed, ultra-low-latency security fabric that detects advanced and evasive attacks and suits latency-sensitive applications. Physical system detection algorithms were shown to be effective against integrity attacks on industrial automation and control systems (IACS) with low false positives. Protocol-specific intrusion detection systems using deterministic finite automaton approaches can achieve perfect traffic modeling and detect anomalies in the field. The convergence of Zero-Trust architecture, edge computing, artificial intelligence, and automated security orchestration establishes the security of the modern distributed enterprise against new-age cyber threats.
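The abstract's closing point about protocol-specific intrusion detection with a deterministic finite automaton (DFA) is easiest to see in code. The example below is added here and is not code from the paper or its author; it models a small, constructed request/response protocol (HELLO, HELLO_ACK, READ_REQ, READ_RESP, CLOSE, all invented for illustration) as a DFA and reports any message the automaton has no transition for, which is exactly how a protocol-specific detector flags out-of-sequence or unknown traffic at a field device. The state and message names are assumptions, not part of any real ICS protocol.

```python
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, List, Tuple

# Constructed toy protocol (an assumption for this example, not the paper's
# protocol): a session opens with HELLO, the peer answers HELLO_ACK, then any
# number of READ_REQ/READ_RESP pairs follow, and CLOSE ends the session.
START, HANDSHAKE, IDLE, AWAIT_RESP, CLOSED = (
    "start", "handshake", "idle", "await_resp", "closed")

# The DFA: exactly one next state per (state, message) pair. Anything not in
# this table is, by definition, not legal protocol traffic.
TRANSITIONS: Dict[Tuple[str, str], str] = {
    (START, "HELLO"): HANDSHAKE,
    (HANDSHAKE, "HELLO_ACK"): IDLE,
    (IDLE, "READ_REQ"): AWAIT_RESP,
    (AWAIT_RESP, "READ_RESP"): IDLE,
    (IDLE, "CLOSE"): CLOSED,
}
ACCEPTING: FrozenSet[str] = frozenset({CLOSED})


@dataclass
class Anomaly:
    index: int      # position of the offending message in the session
    state: str      # DFA state the detector was in when it saw the message
    message: str    # the message type observed ("<end>" for a truncated session)
    reason: str


def check_session(messages: Iterable[str]) -> List[Anomaly]:
    """Feed one session's message sequence through the DFA.

    A message with no transition from the current state is reported as an
    anomaly and the DFA stays where it is (the unexpected message does not
    advance the model). A session that ends outside an accepting state is also
    reported, since a legal session always terminates with CLOSE.
    """
    state = START
    anomalies: List[Anomaly] = []
    idx = -1
    for idx, msg in enumerate(messages):
        nxt = TRANSITIONS.get((state, msg))
        if nxt is None:
            anomalies.append(Anomaly(
                idx, state, msg, "no transition for this message in this state"))
            continue
        state = nxt
    if state not in ACCEPTING:
        anomalies.append(Anomaly(
            idx + 1, state, "<end>", "session ended in a non-accepting state"))
    return anomalies


# Constructed sample sessions (not captured traffic).
GOOD_SESSION = ["HELLO", "HELLO_ACK", "READ_REQ", "READ_RESP", "CLOSE"]
INJECTED_RESPONSE = ["HELLO", "HELLO_ACK", "READ_RESP",   # response with no request
                     "READ_REQ", "READ_RESP", "CLOSE"]
TRUNCATED = ["HELLO", "HELLO_ACK", "READ_REQ"]            # never answered, never closed
UNKNOWN_MESSAGE = ["HELLO", "HELLO_ACK", "FIRMWARE_WRITE", "CLOSE"]  # type outside the protocol


if __name__ == "__main__":
    for name, session in [("good", GOOD_SESSION),
                          ("injected response", INJECTED_RESPONSE),
                          ("truncated", TRUNCATED),
                          ("unknown message", UNKNOWN_MESSAGE)]:
        found = check_session(session)
        print(f"{name}: {len(found)} anomaly/anomalies")
        for a in found:
            print(f"  #{a.index} in state '{a.state}': {a.message} ({a.reason})")
```

Because the transition table is the whole specification, the detector has no statistical threshold to tune: a conformant session produces no alerts at all, and every alert names the exact state and message that broke the model, which is what makes DFA-based detectors attractive on bandwidth- and latency-constrained field networks.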
