A Solution for Implementing Zero Trust Architecture in Video Surveillance System
Subject Areas : New technologies in distributed systems and algorithmic computing
Seyed Ali Samouti
1
*
,
Sajad Tarhani
2
,
Hesam Hasanpour
3
1 - Department of Computer Engineering and Information Technology, Sab.C., Islamic Azad University, Sabzevar, Iran
2 - Department of Mechatronics Engineering, Science and Research Branch, Islamic Azad University, Tehran, Iran
3 - Department of Computer Engineering and Information Technology, Sab.C., Islamic Azad University, Sabzevar, Iran
Keywords: Cybersecurity, Zero Trust Architecture, Continuous Authentication, Principle of Least Privilege, Continuous Monitoring and Analytics, Video Surveillance System,
Abstract :
In the digital era, the rise of cyber threats and the proliferation of internet-connected devices have exposed the limitations of traditional cybersecurity models. Zero Trust Architecture (ZTA), based on the principle that no user or device-inside or outside the network-is inherently trustworthy, offers a robust and modern security solution. This approach is especially critical for video surveillance systems, which continuously collect and store sensitive data, making them prime targets for cyberattacks. ZTA relies on four key components: continuous authentication, the principle of least privilege, data encryption, and real-time monitoring. Continuous authentication verifies user and device identities at every access request, ensuring strict access control. The principle of least privilege restricts users to only the resources necessary for their tasks, reducing vulnerabilities. Data encryption protects information during transmission and storage, preventing unauthorized access. Real-time monitoring enables swift threat detection and response, enhancing proactive defense. Adopting Zero Trust significantly improves an organization’s ability to detect, mitigate, and manage cyber threats, thereby strengthening resilience. In video surveillance systems, this architecture not only enhances security but also provides greater control over data access and activities, facilitating compliance with regulatory standards. Ultimately, Zero Trust empowers organizations to protect critical assets, maintain operational integrity, and address evolving cybersecurity challenges in an interconnected world, ensuring robust protection for sensitive data.
[1] C. Daah, A. Qureshi, and I. Awan, "Zero Trust Model Implementation Considerations in Financial Institutions: A Proposed Framework," in 2023 10th International Conference on Future Internet of Things and Cloud (FiCloud), 2023: IEEE, pp. 71–77, doi: 10.1109/FiCloud58648.2023.00019. [Online]. Available: https://ieeexplore.ieee.org/document/10410790/
[2] Y. He, D. Huang, L. Chen, Y. Ni, and X. Ma, "A survey on zero trust architecture: Challenges and future trends," Wireless Communications and Mobile Computing, vol. 2022, no. 1, p. 6476274, 2022, doi: 10.1155/2022/6476274.
[3] N. Nahar, K. Andersson, O. Schelén, and S. Saguna, "A Survey on Zero Trust Architecture: Applications and Challenges of 6G Networks," IEEE Access, 2024, doi: 10.1109/ACCESS.2024.3425350.
[4] SP 800207, Zero Trust Architecture NIST, 2020.
[5] V. Stafford, "Zero Trust Architecture," NIST special publication, vol. 800, no. 207, pp. 800–207, 2020.
[6] N. F. Syed, S. W. Shah, A. Shaghaghi, A. Anwar, Z. Baig, and R. Doss, "Zero trust architecture (zta): A comprehensive survey," IEEE access, vol. 10, pp. 57143–57179, 2022, doi: 10.1109/ACCESS.2022.3174679.
[7] A. Kudrati and B. A. Pillai, Zero Trust Journey Across the Digital Estate. CRC Press, 2022.
[8] A. Samouti, M. Fathy, and A. Khalili, "Overview of Preventive Measures and Maintenance in the Performance of Video Surveillance Systems," (in Per), International Conference on Security, Advancement, and Sustainable Development of Border Regions, Territories, and Metropolises: Strategies and Challenges Focusing on Passive Defense and Crisis Management, 2018. [Online]. Available: https://civilica.com/doc/884324.
[9] A. Samouti, H. Hesam, and K. Ali, "Overview of Cyber Threats in Networked Video Surveillance Systems and Solutions for Enhancing Security," (in Per), 4th National Conference on Computer, Information Technology, and Applications of Artificial Intelligence, 2019. [Online]. Available: https://civilica.com/doc/1238737.
[10] A. Samouti and Y. Elmi sola, "Overview of ways to enhance the security of video surveillance networks using blockchain," (in Per), Biannual Journal Monadi for Cyberspace Security (AFTA), Review Article vol. 9, no. 2, pp. 81–97, 2021. [Online]. Available: http://monadi.isc.org.ir/article1190fa.html.
[11] U. B. Chaudhry and A. K. Hydros, "Zero‐trust‐based security model against data breaches in the banking sector: A blockchain consensus algorithm," IET blockchain, vol. 3, no. 2, pp. 98–115, 2023, doi: 10.1049/blc2.12028.
[12] P. Dhiman et al., "A review and comparative analysis of relevant approaches of zero trust network model," Sensors, vol. 24, no. 4, p. 1328, 2024, doi: 10.3390/s24041328.
[13] A. Z. Jackson Mason, "Protecting Online Banking Systems with Blockchain and Zero Trust Security: Strategies for Data Security and Cyber Defense," 2023.
[14] DoD Zero Trust Strategy, DOD, 2022.
[15] H. Joshi, "Emerging Technologies Driving Zero Trust Maturity Across Industries," IEEE Open Journal of the Computer Society, vol. 6, pp. 25–36, 2025, doi: 10.1109/OJCS.2024.3505056.
[16] C. a. I. S. A. C. Division, "Zero Trust Maturity Model " vol. 2, 2022.
[17] J. P. Ioannidis, "Zero Trust Architecture in Financial Services: A Model for Secure Digital Banking," July 2023.
[18] S. Ashfaq, S. A. Patil, S. Borde, P. Chandre, P. M. Shafi, and A. Jadhav, "Zero Trust Security Paradigm: A Comprehensive Survey and Research Analysis," Journal of Electrical Systems, vol. 19, no. 2, 2023, doi: 10.1109/ACCESS.2022.3174679.
[19] O. C. Edo, T. Tenebe, E.E. Etu, A. Ayuwu, J. Emakhu, and S. Adebiyi, "Zero Trust Architecture: Trend and Impacton Information Security," International Journal of Emerging Technology and Advanced Engineering, vol. 12, no. 7, p. 140, 2022, doi: 10.46338/ijetae0722_15.
[20] S. Sarkar, G. Choudhary, S. K. Shandilya, A. Hussain, and H. Kim, "Security of zero trust networks in cloud computing: A comparative review," Sustainability, vol. 14, no. 18, p. 11213, 2022, doi: 10.3390/su141811213.
[21] T. Endress, "Zero Trust in Banking and FinTech," in Digital Project Practice for Banking and FinTech: Auerbach Publications, 2024, pp. 135–146.
[22] A. Gupta, P. Gupta, U. P. Pandey, P. Kushwaha, B. P. Lohani, and K. Bhati, "ZTSA: Zero Trust Security Architecture a Comprehensive Survey," in 2024 International Conference on Communication, Computer Sciences and Engineering (IC3SE), 2024: IEEE, pp. 378–383, doi: 10.1109/IC3SE62002.2024.10593067. [Online]. Available: https://ieeexplore.ieee.org/document/10593067/
[23] N. Ali and N. Rehman, "Zero Trust Security and Blockchain Technology: Reimagining Cyber Defense in Online Banking Systems and Financial Institutions," 2024, doi: 10.13140/RG.2.2.11051.66088.
[24] S. Ghasemshirazi, G. Shirvani, and M. A. Alipour, "Zero trust: Applications, challenges, and opportunities," arXiv preprint arXiv:2309.03582, 2023, doi: 10.48550/arXiv.2309.03582.
[25] D. Ajish, "The significance of artificial intelligence in zero trust technologies: a comprehensive review," Journal of Electrical Systems and Information Technology, vol. 11, no. 1, p. 30, 2024, doi: 10.1186/s4306702400155z.
[26] X. Yan and H. Wang, "Survey on zerotrust network security," in International Conference on Artificial Intelligence and Security, 2020: Springer, pp. 50–60, doi: 10.1007/9789811580833_5. [Online]. Available: https://link.springer.com/chapter/10.1007/9789811580833_5
[27] C. Itodo and M. Ozer, "Multivocal literature review on zerotrust security implementation," Computers & Security, p. 103827, 2024, doi: 10.1016/j.cose.2024.103827.
[28] W. Dorris. "Zero trust networks, and the implications for video surveillance " (accessed.