pith. machine review for the scientific record.
sign in

arxiv: 2604.24205 · v1 · submitted 2026-04-27 · 💻 cs.CR

Converging Zero Trust and IoT Security: A Multivocal Literature Review

Mariam Wehbe , Laurent Bobelin This is my paper

Pith reviewed 2026-05-08 02:47 UTC · model grok-4.3

classification 💻 cs.CR
keywords Zero TrustIoT SecurityMultivocal Literature ReviewNIST StandardsSecurity FrameworksResearch GapsConvergence
0
0 comments X

The pith

A review of 104 studies finds academia and industry take divergent paths when applying Zero Trust to IoT.

A machine-rendered reading of the paper's core claim, the machinery that carries it, and where it could break.

This paper delivers the first multivocal literature review on Zero Trust principles applied to Internet of Things security. It examines 68 academic works alongside 36 industrial studies to map how each community approaches the topic. Academic sources tend to propose changes to IoT devices and protocols so they meet Zero Trust requirements. Industrial sources instead emphasize fitting IoT into existing Zero Trust architectures that already follow NIST guidelines. The review also flags three under-explored areas: combined social and technical factors, cost versus benefit trade-offs, and collaboration across disciplines.

Core claim

The analysis reveals two complementary yet divergent perspectives: academia focuses on IoT compliance with ZT principles through IoT modifications, while industry prioritizes practical integration within existing ZT frameworks guided by NIST standards. Critical research gaps exist in socio-technical understanding, cost-benefit evaluation, and interdisciplinary collaboration.

What carries the argument

The multivocal literature review that systematically combines academic and industrial sources to identify perspectives and gaps in Zero Trust and IoT security convergence.

If this is right

  • Research should prioritize socio-technical studies that examine both human and technical barriers to Zero Trust adoption in IoT.
  • Cost-benefit evaluations are required to determine when modifying IoT systems or extending existing frameworks yields better returns.
  • Interdisciplinary teams spanning security engineering, policy, and business analysis are needed to close the identified gaps.
  • NIST guidance could be extended with explicit IoT modification patterns drawn from academic work.

Where Pith is reading between the lines

These are editorial extensions of the paper, not claims the author makes directly.

  • Organizations deciding on Zero Trust for IoT could first test which perspective better matches their existing infrastructure and device fleet.
  • A hybrid model that uses academic-style device adjustments inside industrial frameworks might reduce the divergence over time.
  • Empirical pilots that measure breach reduction and operational cost in live IoT deployments would provide concrete evidence for the review's suggested directions.

Load-bearing premise

The 68 academic and 36 industrial studies selected for the review accurately and fully represent the full range of current perspectives without major selection bias or omissions.

What would settle it

A new review that samples a wider or differently chosen set of sources and finds either substantially more overlap between the two perspectives or major gaps not identified here would undermine the completeness claim.

Figures

Figures reproduced from arXiv: 2604.24205 by Laurent Bobelin, Mariam Wehbe.

Figure 1
Figure 1. Figure 1: ZT Architecture (PIP in blue, core component with thick lines) view at source ↗
Figure 2
Figure 2. Figure 2: Four-layer IoT architecture (on the left) with mapped Zero Trust (ZT) control components (on the right). Each layer interacts view at source ↗
Figure 5
Figure 5. Figure 5: Distribution of AL and GL over time (AL on the left, GL on the right side) view at source ↗
read the original abstract

The convergence of Internet of Things (IoT) security and Zero Trust (ZT) principles is a trending topic, demanding a comprehensive, multi-perspective analysis. We present the first multivocal literature review (MLR) on this topic, combining 68 academic and 36 industrial studies. This comprehensive review identifies two complementary yet divergent perspectives: academia focuses on IoT compliance with ZT principles through IoT modifications, while industry prioritizes practical integration within existing ZT frameworks guided by NIST standards. The analysis reveals critical research gaps in socio-technical understanding, cost-benefit evaluation, and interdisciplinary collaboration, highlighting these as key directions for future research.

Editorial analysis

A structured set of objections, weighed in public.

Desk editor's note, referee report, simulated authors' rebuttal, and a circularity audit. Tearing a paper down is the easy half of reading it; the pith above is the substance, this is the friction.

Referee Report

2 major / 2 minor

Summary. The paper presents the first multivocal literature review (MLR) on the convergence of Zero Trust (ZT) and IoT security. It synthesizes 68 academic and 36 industrial studies to identify two complementary yet divergent perspectives: academia emphasizes modifying IoT systems to achieve ZT compliance, while industry focuses on practical integration of ZT frameworks guided by NIST standards. The review also identifies key research gaps in socio-technical understanding, cost-benefit evaluation, and interdisciplinary collaboration as priorities for future work.

Significance. If the corpus selection and thematic analysis hold, the work provides a useful bridge between academic and industrial viewpoints on IoT security, offering concrete gap identification that could guide aligned research and practice in cybersecurity.

major comments (2)
  1. [Methodology] Methodology section: The manuscript provides no details on search strings, queried databases (academic or grey-literature sources), inclusion/exclusion criteria, duplicate handling, quality assessment, or inter-rater reliability for the 68 academic + 36 industrial studies. This absence makes it impossible to evaluate whether the claimed academic-vs-industry divergence is supported by the data or is an artifact of selection bias, directly undermining the central synthesis claim.
  2. [Results/Discussion] Results and Discussion sections: The two-perspective split is asserted without quantitative support (e.g., no breakdown of how many studies fall into each category, no example citations illustrating the IoT-modification vs. NIST-integration distinction, and no thematic coding scheme). This leaves the divergence vulnerable to subjective interpretation.
minor comments (2)
  1. [Abstract] Abstract: The claim of being the 'first' MLR should be supported by a brief statement on prior related reviews or searches that found none.
  2. [Methodology] The paper would benefit from a PRISMA-style flow diagram or table summarizing study selection numbers at each stage.

Simulated Author's Rebuttal

2 responses · 0 unresolved

We thank the referee for their constructive comments, which highlight important areas for improving the transparency and rigor of our multivocal literature review. We agree that the manuscript would benefit from expanded methodological details and additional quantitative and illustrative support for the identified perspectives. We address each major comment below and will incorporate revisions in the next version of the manuscript.

read point-by-point responses

  1. Referee: [Methodology] Methodology section: The manuscript provides no details on search strings, queried databases (academic or grey-literature sources), inclusion/exclusion criteria, duplicate handling, quality assessment, or inter-rater reliability for the 68 academic + 36 industrial studies. This absence makes it impossible to evaluate whether the claimed academic-vs-industry divergence is supported by the data or is an artifact of selection bias, directly undermining the central synthesis claim.

    Authors: We acknowledge that the Methodology section in the submitted manuscript lacks these explicit details, which is a valid concern for assessing reproducibility and potential bias in a literature review. In the revised manuscript, we will expand this section to fully describe the search strings used for academic databases (IEEE Xplore, ACM Digital Library, Scopus, and Web of Science) and grey-literature sources (NIST publications, industry reports from Gartner, Forrester, and similar organizations). We will also detail the inclusion/exclusion criteria, duplicate removal process, quality assessment approach, and inter-rater reliability measures (including independent screening by multiple authors and consensus resolution). A PRISMA-style flow diagram will be added to illustrate the selection process. These changes will enable readers to evaluate the robustness of the academic-versus-industry divergence. revision: yes

  2. Referee: [Results/Discussion] Results and Discussion sections: The two-perspective split is asserted without quantitative support (e.g., no breakdown of how many studies fall into each category, no example citations illustrating the IoT-modification vs. NIST-integration distinction, and no thematic coding scheme). This leaves the divergence vulnerable to subjective interpretation.

    Authors: We agree that the current presentation would be strengthened by more explicit quantitative backing and illustrative elements to support the two-perspective synthesis. In the revision, we will add to the Results section a breakdown of the number of studies aligned with each perspective, representative citations from the academic and industrial corpora that exemplify the IoT-modification focus versus NIST-guided integration focus, and a description of the thematic coding scheme, including how codes were developed, applied, and validated. These additions will provide clearer evidence for the divergence while reducing the potential for subjective interpretation. revision: yes

Circularity Check

0 steps flagged

No circularity: descriptive literature synthesis with no derivations or self-referential reductions

full rationale

This is a multivocal literature review that selects and synthesizes 68 academic plus 36 industrial studies to identify two perspectives on ZT-IoT convergence. No equations, parameters, predictions, or models exist. The central claim (academic focus on IoT modification vs. industry NIST-guided integration) is an empirical observation drawn from the external corpus rather than a quantity defined in terms of itself or fitted to a subset and re-labeled as output. No self-citation chains, ansatzes, or uniqueness theorems are invoked to force the result. The work is self-contained as a standard review whose validity rests on search reproducibility and inclusion criteria, not on internal circular construction.

Axiom & Free-Parameter Ledger

0 free parameters · 1 axioms · 0 invented entities

This is a literature-review paper. It introduces no new physical or mathematical entities, no fitted parameters, and relies only on standard assumptions about how multivocal reviews should be conducted.

axioms (1)
  • domain assumption Multivocal literature review methodology can reliably distinguish academic and industrial perspectives when studies are selected according to stated criteria.
    The paper applies MLR without providing the concrete selection rules or quality checks used.

pith-pipeline@v0.9.0 · 5399 in / 1186 out tokens · 44179 ms · 2026-05-08T02:47:59.475734+00:00 · methodology

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Reference graph

Works this paper leans on

123 extracted references · 103 canonical work pages

  1. [1]

    Khaled Ali Abuhasel. 2023. A Zero-Trust Network-Based Access Control Scheme for Sustainable and Resilient Industry 5.0.IEEE Access11, unknown (2023), 116398–116409. doi:10.1109/ACCESS.2023.3325879

    work page doi:10.1109/access.2023.3325879 2023

  2. [2]

    Alex Akinbi, Áine MacDermott, and Aras M. Ismael. 2022. A systematic literature review of blockchain-based Internet of Things (IoT) forensic investigation process models.Forensic Science International: Digital Investigation42-43, unknown (2022), 301470. doi:10.1016/j.fsidi.2022.301470 Manuscript submitted to ACM Submitted to ACM CSUR 20 Mariam Wehbe and L...

    work page doi:10.1016/j.fsidi.2022.301470 2022

  3. [3]

    Abeer Alalmaie, Nazar Waheed, Mohrah Alalyan, Wenjing Jia, and Xiangjian He. 2024. Zero Trust for Intrusion Detection System: A Systematic Literature Review. InProceedings of the 16th International Conference on Agents and Artificial Intelligence (ICAART 2024), Vol. 3. SCITEPRESS, Roma, Italy, 170–177. doi:10.5220/0012312300003636

    work page doi:10.5220/0012312300003636 2024

  4. [4]

    Azim, Muhammad Yunis Daha, Babangida Isyaku, and Shimhaz Ali

    Abdussalam Ahmed Alashhab, Mohd Soperi Mohd Zahid, Mohamed Mostafa A. Azim, Muhammad Yunis Daha, Babangida Isyaku, and Shimhaz Ali. 2022. A Survey of Low Rate DDoS Detection Techniques Based on Machine Learning in Software-Defined Networks.Symmetry14, 8 (2022),

    2022

  5. [5]

    doi:10.3390/SYM14081563

    work page doi:10.3390/sym14081563

  6. [6]

    Muntaha Alawneh and Imad M. Abbadi. 2022. Integrating Trusted Computing Mechanisms with Trust Models to Achieve Zero Trust Principles. 2022 9th International Conference on Internet of Things, Systems, Management and Security, IOTSMS 2022unknown, unknown (2022), unknown. doi:10.1109/IOTSMS58070.2022.10062269

    work page doi:10.1109/iotsms58070.2022.10062269 2022

  7. [7]

    Gregory, and Shuo Li

    Belal Ali, Mark A. Gregory, and Shuo Li. 2021. Uplifting Healthcare Cyber Resilience with a Multi-access Edge Computing Zero-Trust Security Model.2021 31st International Telecommunication Networks and Applications Conference, ITNAC 2021unknown, unknown (2021), 192–197. doi:10.1109/ITNAC53136.2021.9652141 medical devices and health equipment are considered...

    work page doi:10.1109/itnac53136.2021.9652141 2021

  8. [8]

    Mohammed Almutairi and Frederick T. Sheldon. 2023. IoT–Cloud Integration Security: A Survey of Challenges, Solutions, and Directions.Electronics 14, 7 (2023), 1394. doi:10.3390/electronics14071394

    work page doi:10.3390/electronics14071394 2023

  9. [9]

    Shrooq Alshomrani and Shancang Li. 2022. PUFDCA: A Zero-Trust-Based IoT Device Continuous Authentication Protocol.Wireless Communications and Mobile Computing2022, unknown (2022), unknown. doi:10.1155/2022/6367579

    work page doi:10.1155/2022/6367579 2022

  10. [10]

    Safwa Ameer, Maanak Gupta, Smriti Bhatt, and Ravi Sandhu. 2022. BlueSky: Towards Convergence of Zero Trust Principles and Score-Based Authorization for IoT Enabled Smart Systems. InProceedings of the 27th ACM on Symposium on Access Control Models and Technologies(New York, NY, USA)(SACMAT ’22). Association for Computing Machinery, New York, NY, USA, 235–2...

    work page doi:10.1145/3532105.3535020 2022

  11. [11]

    Safwa Ameer, Ram Krishnan, Ravi Sandhu, and Maanak Gupta. 2023. Utilizing The DLBAC Approach Toward a ZT Score-based Authorization for IoT Systems.CODASPY 2023 - Proceedings of the 13th ACM Conference on Data and Application Security and Privacyunknown, unknown (4 2023), 283–285. doi:10.1145/3577923.3585046

    work page doi:10.1145/3577923.3585046 2023

  12. [12]

    Malak Annabi, Abdelhafid Zeroual, and Nadhir Messai. 2024. Towards zero trust security in connected vehicles: A comprehensive survey.Computers & Security145, unknown (oct 2024), 104018. doi:10.1016/j.cose.2024.104018

    work page doi:10.1016/j.cose.2024.104018 2024

  13. [13]

    Sinan Aral, Chrysanthos Dellarocas, and David Godes. 2013. Introduction to the Special Issue: Social Media and Business Transformation: A Framework for Research.Information Systems Research24, 1 (2013), 3–13. http://www.jstor.org/stable/42004266

    work page arXiv 2013

  14. [14]

    Samia Masood Awan, Muhammad Ajmal Azad, Junaid Arshad, Urooj Waheed, and Tahir Sharif. 2023. A Blockchain-Inspired Attribute-Based Zero-Trust Access Control Model for IoT.Information 2023, Vol. 14, Page 12914, unknown (2 2023), 129. Issue 2. doi:10.3390/INFO14020129

    work page doi:10.3390/info14020129 2023

  15. [15]

    Muhammad Ajmal Azad, Sidra Abdullah, Junaid Arshad, Harjinder Lallie, and Yussuf Hassan Ahmed. 2024. Verify and trust: A multidimensional survey of zero-trust security in the age of IoT.Internet of Thingsunknown, unknown (2024), 101227. doi:10.1016/j.iot.2024.101227

    work page doi:10.1016/j.iot.2024.101227 2024

  16. [16]

    Microsoft Azure. 2021. Zero Trust Cybersecurity for the Internet of Things. https://azure.microsoft.com/mediahandler/files/resourcefiles/zero- trust-cybersecurity-for-the-internet-of-things/Zero%20Trust%20Security%20Whitepaper_4.30_3pm.pdf

    2021

  17. [17]

    Barker, L

    E. Barker, L. Chen, D. Cooper, D. Moody, A. Regenscheid, M. Souppaya, B. Newhouse, R. Housley, S. Turner, W. Barker, and K. Scarfone. 2025. Considerations for Achieving Cryptographic Agility: Strategies and Practices. Technical Report 39. National Institute of Standards and Technology (NIST). https://csrc.nist.gov/pubs/cswp/39/considerations-for-achieving...

    2025

  18. [18]

    Tiago G. F. Barros, Eronides F. Da Silva Neto, João Alexandre Da Silva Neto, André G. M. De Souza, Vitor B. Aquino, and Erico S. Teixeira. 2022. The Anatomy of IoT Platforms—A Systematic Multivocal Mapping Study.IEEE Access10, unknown (2022), 72758–72772. doi:10.1109/ACCESS.2022. 3189660

    work page doi:10.1109/access.2022 2022

  19. [19]

    A systematic literature review on IoT gateways

    Gunjan Beniwal and Anita Singhrova. 2022. “A systematic literature review on IoT gateways”.Journal of King Saud University - Computer and Information Sciences34, 10, Part B (2022), 9541–9563. doi:10.1016/j.jksuci.2021.11.007

    work page doi:10.1016/j.jksuci.2021.11.007 2022

  20. [20]

    Laurent Bobelin. 2023. Zero Trust in the Context of IoT: Industrial Literature Review, Trends, and Challenges. InProceedings of the 30th Computer & Electronics Security Application Rendezvous Conference (C&ESAR 2023) co-located with the 8th European Cyber Week (ECW 2023), Rennes, France, November 21-22, 2023 (CEUR Workshop Proceedings, Vol. 3610), Gurvan ...

    2023

  21. [21]

    Christoph Buck, Christian Olenberger, André Schweizer, Fabiane Völter, and Torsten Eymann. 2021. Never trust, always verify: A multivocal literature review on current knowledge and research gaps of zero-trust.Computers & Security110, unknown (11 2021), 102436. doi:10.1016/J.COSE. 2021.102436 MLR for ZT<br/>didn’t mention iot in abstract, but SDP in keywords

    work page doi:10.1016/j.cose 2021

  22. [22]

    Claudio Bustos Navarrete, María Gabriela Morales Malverde, Pedro Salcedo Lagos, and Alejandro Díaz Mujica. 2018. Buhos: A web-based systematic literature review management software.SoftwareX7, unknown (2018), 360–372. doi:10.1016/j.softx.2018.10.004

    work page doi:10.1016/j.softx.2018.10.004 2018

  23. [23]

    Baozhan Chen, Siyuan Qiao, Jie Zhao, Dongqing Liu, Xiaobing Shi, Minzhao Lyu, Haotian Chen, Huimin Lu, and Yunkai Zhai. 2021. A Security Awareness and Protection System for 5G Smart Healthcare Based on Zero-Trust Architecture.IEEE Internet of Things Journal8, unknown (7 2021), 10248–10263. Issue 13. doi:10.1109/JIOT.2020.3041042 considered iot ?<br/>

    work page doi:10.1109/jiot.2020.3041042 2021

  24. [24]

    Zhiyu Chen, Longchuan Yan, Zitong Lü, Yanling Zhang, Yonghe Guo, Wenjing Liu, and Jiaxing Xuan. 2021. Research on Zero-trust Security Protection Technology of Power IoT based on Blockchain.Journal of Physics: Conference Series1769, unknown (1 2021), 012039. Issue 1. doi:10.1088/1742-6596/1769/1/012039 abstract doesn’t discuss ZT<br/>. Manuscript submitted...

    work page doi:10.1088/1742-6596/1769/1/012039 2021

  25. [25]

    Pietro Colombo, Elena Ferrari, and Engin Deniz Tumer. 2021. Access Control Enforcement in IoT: state of the art and open challenges in the Zero Trust era.Proceedings - 2021 3rd IEEE International Conference on Trust, Privacy and Security in Intelligent Systems and Applications, TPS-ISA 2021 unknown, unknown (2021), 156–163. doi:10.1109/TPSISA52974.2021.00018

    work page doi:10.1109/tpsisa52974.2021.00018 2021

  26. [26]

    Lorrie Faith Cranor. 2008. A Framework for Reasoning about Humans in Security Systems.Commun. ACM51, 4 (2008), 56–63. doi:10.1145/1330311. 1330320

    work page doi:10.1145/1330311 2008

  27. [27]

    Crowther

    Kenneth G. Crowther. 2024. Blending Shared Responsibility and Zero Trust to Secure the Industrial Internet of Things .IEEE Security & Privacy22, 05 (sep 2024), 96–102. doi:10.1109/MSEC.2024.3432208

    work page doi:10.1109/msec.2024.3432208 2024

  28. [28]

    Fred D. Davis. 1989. Perceived Usefulness, Perceived Ease of Use, and User Acceptance of Information Technology.MIS Quarterly13, 3 (1989), 319–340. doi:10.2307/249008

    work page doi:10.2307/249008 1989

  29. [29]

    Suparna Dhar and Indranil Bose. 2021. Securing IoT Devices Using Zero Trust and Blockchain.Journal of Organizational Computing and Electronic Commerce31, unknown (1 2021), 18–34. Issue 1. doi:10.1080/10919392.2020.1831870

    work page doi:10.1080/10919392.2020.1831870 2021

  30. [30]

    Theo Dimitrakos, Tezcan Dilshener, Alexander Kravtsov, Antonio La Marra, Fabio Martinelli, Athanasios Rizos, Alessandro Rosett, and Andrea Saracino. 2020. Trust aware continuous authorization for zero trust in consumer internet of things.Proceedings - 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications, T...

    work page arXiv 2020

  31. [31]

    Atefeh Mohseni Ejiyeh. 2023. Real-Time Lightweight Cloud-Based Access Control for Wearable IoT Devices: A Zero Trust Protocol. InProceedings of the First International Workshop on Security and Privacy of Sensing Systems. Association for Computing Machinery (ACM), New York, NY, USA, 22–29. doi:10.1145/3628356.3630118

    work page doi:10.1145/3628356.3630118 2023

  32. [32]

    Abla El Bekkali, Mohamed Essaaidi, Mohammed Boulmalf, and Driss el Majdoubi. 2022. Systematic Literature Review of Internet of Things (IoT) Security.Advances in Dynamical Systems and Applications16, unknown (01 2022), 1671–1692

    2022

  33. [33]

    European Parliament and Council of the European Union. 2016. Regulation (EU) 2016/679 of the European Parliament and of the Council of 27 April 2016 on the protection of natural persons with regard to the processing of personal data and on the free movement of such data, and repealing Directive 95/46/EC (General Data Protection Regulation). Official Journ...

    2016

  34. [34]

    Fabio Federici, Davide Martintoni, and Valerio Senni. 2023. A Zero-Trust Architecture for Remote Access in Industrial IoT Infrastructures.Electronics 2023, Vol. 12, Page 56612, unknown (1 2023), 566. Issue 3. doi:10.3390/ELECTRONICS12030566 in abstract they talk about perimiter.<br/>then in the article they discuss ZT<br/>and it is for Industrial IoT<br/>

    work page doi:10.3390/electronics12030566 2023

  35. [35]

    Pietro Ferrara, Amit K. R. Mandal, Agostino Cortesi, and Fausto Spoto. 2021. Static Analysis for Discovering IoT Vulnerabilities.International Journal on Software Tools for Technology Transfer23, unknown (2021), 71–88. doi:10.1007/s10009-020-00592-x

    work page doi:10.1007/s10009-020-00592-x 2021

  36. [36]

    Peng Gao, Longchuan Yan, Zhiyu Chen, Xingshen Wei, Liang Guo, and Rui Shi. 2021. Research on Zero-Trust Based Network Security Protection for Power Internet of Things.4th IEEE International Conference on Automation, Electronics and Electrical Engineering, AUTEEE 2021unknown, unknown (2021), 458–461. doi:10.1109/AUTEEE52864.2021.9668726

    work page doi:10.1109/auteee52864.2021.9668726 2021

  37. [37]

    Yuan Gao and Xinxin Lou. 2021. Operational Security Analysis and Challenge for IoT Solutions. doi:10.18420/inf2020_30

    work page doi:10.18420/inf2020_30 2021

  38. [38]

    Oscar Garcia-Morchon, Sandeep Kumar, and Mohit Sethi. 2019. Internet of Things (IoT) Security: State of the Art and Challenges. RFC 8576. doi:10.17487/RFC8576

    work page doi:10.17487/rfc8576 2019

  39. [39]

    2014.Usable Security: History, Themes, and Challenges

    Simson Garfinkel and Heather Richter Lipford. 2014.Usable Security: History, Themes, and Challenges. Morgan & Claypool Publishers, San Rafael, CA. doi:10.2200/S00594ED1V01Y201408SPT011

    work page doi:10.2200/s00594ed1v01y201408spt011 2014

  40. [40]

    Vahid Garousi, Michael Felderer, and Mika V. Mäntylä. 2016. The need for multivocal literature reviews in software engineering: complementing systematic literature reviews with grey literature. InProceedings of the 20th International Conference on Evaluation and Assessment in Software Engineering(Limerick, Ireland)(EASE ’16). Association for Computing Mac...

    work page doi:10.1145/2915970 2016

  41. [41]

    Vahid Garousi, Michael Felderer, and Mika V. Mäntylä. 2017. Guidelines for including the grey literature and conducting multivocal literature reviews in software engineering.CoRRabs/1707.02553, unknown (2017), 101–121. arXiv:1707.02553 https://www.sciencedirect.com/science/article/ pii/S0950584918301939

    work page arXiv 2017

  42. [43]

    Vahid Garousi, Michael Felderer, and Mika V. Mäntylä. 2019. Guidelines for including grey literature and conducting multivocal literature reviews in software engineering.Information and Software Technology106, unknown (2019), 101–121. doi:10.1016/j.infsof.2018.09.006

    work page doi:10.1016/j.infsof.2018.09.006 2019

  43. [44]

    Saeid Ghasemshirazi, Ghazaleh Shirvani, and Mohammad Ali Alipour. 2023. Zero Trust: Applications, Challenges, and Opportunities. arXiv:2309.03582 [cs.CR] https://arxiv.org/abs/2309.03582

    work page arXiv 2023

  44. [45]

    2017.Zero Trust Networks: Building Secure Systems in Untrusted Networks(first ed.)

    Evan Gilman and Doug Barth. 2017.Zero Trust Networks: Building Secure Systems in Untrusted Networks(first ed.). O’Reilly Media, Sebastopol, CA. https://www.amazon.fr/Zero-Trust-Networks-Building-Untrusted/dp/1491962194

    work page arXiv 2017

  45. [46]

    Morgan Morgak Gofwen, Bartholomew Idoko, and John Bush Idoko. 2023. Application of Zero-Trust Networks in e-Health Internet of Things (IoT) Deployments.Studies in Computational Intelligence1115, unknown (2023), 209–233. doi:10.1007/978-3-031-42924-8_14/COVER in abstract they didn’t discuss zero trust

    work page doi:10.1007/978-3-031-42924-8_14/cover 2023

  46. [47]

    Google. 2023. BeyondCorp. Retrieved 2023 from https://cloud.google.com/beyondcorp Manuscript submitted to ACM Submitted to ACM CSUR 22 Mariam Wehbe and Laurent Bobelin

    2023

  47. [48]

    Chenchen Han, Gwang-Jun Kim, Osama Alfarraj, Amr Tolba, and Yongjun Ren. 2022. ZT-BDS: A Secure Blockchain-based Zero-trust Data Storage Scheme in 6G Edge IoT.Journal of Internet Technology23, unknown (3 2022), 289–295. Issue 2. doi:10.53106/160792642022032302009

    work page doi:10.53106/160792642022032302009 2022

  48. [49]

    Xiaohan Hao, Wei Ren, Ruoting Xiong, Tianqing Zhu, and Kim Kwang Raymond Choo. 2021. Asymmetric cryptographic functions based on generative adversarial neural networks for Internet of Things.Future Generation Computer Systems124, unknown (11 2021), 243–253. doi:10.1016/J.FUTURE.2021.05.030

    work page doi:10.1016/j.future.2021.05.030 2021

  49. [50]

    Zhi hua Wang, Ming hui Jin, Lin Jiang, Chen jia Feng, Jing yi Cao, and Zhang Yun. 2023. Secure Access Method of Power Internet of Things Based on Zero Trust Architecture.Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)13969 LNCS, unknown (2023), 386–399. doi:10.1007/978-3-...

    work page doi:10.1007/978-3-031-36625-3_31/cover 2023

  50. [51]

    Wenhua Huang, Xuemin Xie, Ziying Wang, and Jingyu Feng. 2023. A Zero Trust and Attribute-Based Encryption Scheme for Dynamic Access Control in Power IoT Environments.Lecture Notes on Data Engineering and Communications Technologies153, unknown (2023), 1338–1345. doi:10.1007/978-3-031-20738-9_145/COVER

    work page doi:10.1007/978-3-031-20738-9_145/cover 2023

  51. [52]

    Wenhua Huang, Xuemin Xie, Ziying Wang, Jing Yu Feng, Gang Han, and Wenbo Zhang. 2023. ZT-Access: A combining zero trust access control with attribute-based encryption scheme against compromised devices in power IoT environments.Ad Hoc Networks145, unknown (6 2023), 103161. doi:10.1016/J.ADHOC.2023.103161

    work page doi:10.1016/j.adhoc.2023.103161 2023

  52. [53]

    Cornelius Itodo and Murat Ozer. 2024. Multivocal literature review on zero-trust security implementation.Computers & Security141, unknown (2024), 103827. doi:10.1016/j.cose.2024.103827

    work page doi:10.1016/j.cose.2024.103827 2024

  53. [54]

    Jithin Jagannath, Keyvan Ramezanpour, and Anu Jagannath. 2022. Digital Twin Virtualization with Machine Learning for IoT and Beyond 5G Networks: Research Directions for Security and Optimal Control.WiseML 2022 - Proceedings of the 2022 ACM Workshop on Wireless Security and Machine Learningunknown, unknown (5 2022), 81–86. doi:10.1145/3522783.3529519

    work page doi:10.1145/3522783.3529519 2022

  54. [55]

    LAKSHMI JAIN

    SMITA. LAKSHMI JAIN. 2023.IOT AND OT SECURITY HANDBOOK assess risk, manage vulnerability, monitor and mitigate threat with... microsoft defender for iot.PACKT PUBLISHING LIMITED, Birmingham, UK

    2023

  55. [56]

    Kailash, Yuvaraj, and Saswati Mukherjee

    S. Kailash, Yuvaraj, and Saswati Mukherjee. 2023. Zero Trust Framework in Integrated Cloud Edge IoT Environment.Lecture Notes in Electrical Engineering1021 LNEE, unknown (2023), 331–342. doi:10.1007/978-981-99-1051-9_21/COVER

    work page doi:10.1007/978-981-99-1051-9_21/cover 2023

  56. [57]

    Hongzhaoning Kang, Gang Liu, Quan Wang, Lei Meng, and Jing Liu. 2023. Theory and Application of Zero Trust Security: A Brief Survey.Entropy 25, 12 (2023), unknown. doi:10.3390/e25121595

    work page doi:10.3390/e25121595 2023

  57. [58]

    Pearl Brereton, David Budgen, Mark Turner, John Bailey, and Stephen Linkman

    Barbara Kitchenham, O. Pearl Brereton, David Budgen, Mark Turner, John Bailey, and Stephen Linkman. 2009. Systematic literature reviews in software engineering – A systematic literature review.Information and Software Technology51, 1 (2009), 7–15. doi:10.1016/j.infsof.2008.09.009 Special Section - Most Cited Articles in 2002 and Regular Research Papers

    work page doi:10.1016/j.infsof.2008.09.009 2009

  58. [59]

    Nobuhiro Kobayashi. 2023. Zero Trust Security Framework for IoT Actuators.Proceedings - International Computer Software and Applications Conference2023-June, unknown (2023), 1285–1292. doi:10.1109/COMPSAC57700.2023.00195

    work page doi:10.1109/compsac57700.2023.00195 2023

  59. [60]

    Vijaya Bhaskar Kondaveety, Hemraj Lamkuche, and Suneel Prasad. 2022. A zero trust architecture for next generation automobiles.AIP Conference Proceedings2519, unknown (10 2022), unknown. Issue 1. doi:10.1063/5.0110599/2828650 sensors connected to automobiles, cars are considered iot ?<br/>

    work page doi:10.1063/5.0110599/2828650 2022

  60. [61]

    Djamel Eddine Kouicem, Abdelmadjid Bouabdallah, and Hicham Lakhlef. 2018. Internet of things security: A top-down survey.Computer Networks 141, unknown (2018), 199–221. doi:10.1016/j.comnet.2018.03.012

    work page doi:10.1016/j.comnet.2018.03.012 2018

  61. [62]

    Yun Kyung Lee, Young Ho Kim, and Jeong Nyeo Kim. 2021. IoT standard platform architecture that provides defense against DDoS attacks. 2021 IEEE International Conference on Consumer Electronics-Asia, ICCE-Asia 2021unknown, unknown (2021), unknown. doi:10.1109/ICCE- ASIA53811.2021.9641892

    work page doi:10.1109/icce- 2021

  62. [63]

    Wenxin Lei, Zhibo Pang, Hong Wen, Wenjing Hou, and Wen Li. 2023. Physical Layer Enhanced Zero-Trust Security for Wireless Industrial Internet of Things.IEEE Transactions on Industrial InformaticsPP, unknown (2023), 1–10. doi:10.1109/TII.2023.3321106

    work page doi:10.1109/tii.2023.3321106 2023

  63. [64]

    Shancang Li. 2019. Editorial: Zero Trust based Internet of Things.EAI Endorsed Transactions on Internet of Things5, unknown (10 2019), e1–e1. Issue 20. doi:10.4108/EAI.5-6-2020.165168

    work page doi:10.4108/eai.5-6-2020.165168 2019

  64. [65]

    Shan Li, Muddesar Iqbal, and Neetesh Saxena. 2022. Future Industry Internet of Things with Zero-trust Security.Information Systems Frontiers unknown, unknown (3 2022), 1–14. doi:10.1007/S10796-021-10199-5/FIGURES/6

    work page doi:10.1007/s10796-021-10199-5/figures/6 2022

  65. [66]

    Shancang Li, Surya Nepal, Theo Tryfonas, and Hongwei Li. 2023. Blockchain-based Zero Trust Cybersecurity in the Internet of Things.ACM Transactions on Internet Technology23, unknown (8 2023), unknown. Issue 3. doi:10.1145/3594535 regarder les differents articles sur le lien<br/>

    work page doi:10.1145/3594535 2023

  66. [67]

    Zhenyu Li, Yong Ding, Honghao Gao, Bo Qu, Yujue Wang, and Jun Li. 2023. A Highly Compatible Verification Framework with Minimal Upgrades to Secure an Existing Edge Network.ACM Transactions on Internet Technology23, unknown (8 2023), unknown. Issue 3. doi:10.1145/3511901

    work page doi:10.1145/3511901 2023

  67. [68]

    Chunwen Liu, Ru Tan, Yang Wu, Yun Feng, Ze Jin, Fangjiao Zhang, Yuling Liu, and Qixu Liu. 2024. Dissecting zero trust: research landscape and its implementation in IoT.Cybersecurity7, 1 (03 May 2024), 20. doi:10.1186/s42400-024-00212-0

    work page doi:10.1186/s42400-024-00212-0 2024

  68. [69]

    Yizhi Liu, Xiaohan Hao, Wei Ren, Ruoting Xiong, Tianqing Zhu, Kim Kwang Raymond Choo, and Geyong Min. 2023. A Blockchain-Based Decentralized, Fair and Authenticated Information Sharing Scheme in Zero Trust Internet-of-Things.IEEE Trans. Comput.72, unknown (2 2023), 501–512. Issue 2. doi:10.1109/TC.2022.3157996

    work page doi:10.1109/tc.2022.3157996 2023

  69. [70]

    Yizhong Liu, Xinxin Xing, Ziheng Tong, Xun Lin, Jing Chen, Zhenyu Guan, Qianhong Wu, and Willy Susilo. 2023. Secure and Scalable Cross-Domain Data Sharing in Zero-Trust Cloud-Edge-End Environment Based on Sharding Blockchain.IEEE Transactions on Dependable and Secure Computing unknown, unknown (2023), unknown. doi:10.1109/TDSC.2023.3313799 ?<br/>ZT is jus...

    work page doi:10.1109/tdsc.2023.3313799 2023

  70. [71]

    Lund, Tae-Hee Lee, Ziang Wang, Ting Wang, and Nishith Reddy Mannuru

    Brady D. Lund, Tae-Hee Lee, Ziang Wang, Ting Wang, and Nishith Reddy Mannuru. 2024. Zero Trust Cybersecurity: Procedures and Considerations in Context.Encyclopedia4, 4 (2024), 99. doi:10.3390/encyclopedia4040099

    work page doi:10.3390/encyclopedia4040099 2024

  71. [72]

    Juan Luis López Delgado and Juan Antonio López Ramos. 2024. A Comprehensive Survey on Generative AI Solutions in IoT Security.Electronics 13, 24 (2024), unknown. doi:10.3390/electronics13244965

    work page doi:10.3390/electronics13244965 2024

  72. [73]

    Lei Meng, Daochao Huang, Jiahang An, Xianwei Zhou, and Fuhong Lin. 2022. A continuous authentication protocol without trust authority for zero trust architecture.China Communicationsunknown, unknown (2022), unknown. doi:10.23919/JCC.2022.08.015 they used the term device<br/>is it iot considered ?

    work page doi:10.23919/jcc.2022.08.015 2022

  73. [74]

    Asokan, Ahmad-Reza Sadeghi, and Sasu Tarkoma

    Markus Miettinen, Samuel Marchal, Ibbad Hafeez, N. Asokan, Ahmad-Reza Sadeghi, and Sasu Tarkoma. 2017. IoT SENTINEL: Automated Device-Type Identification for Security Enforcement in IoT. InProceedings of the 37th IEEE International Conference on Distributed Computing Systems (ICDCS). IEEE, New York City, USA, 2177–2184. doi:10.1109/ICDCS.2017.283 demo / e...

    work page doi:10.1109/icdcs.2017.283 2017

  74. [75]

    Huda Hussein Mohamad Jawad, Zainuddin Bin Hassan, Bilal Bahaa Zaidan, Farah Hussein Mohammed Jawad, Duha Husein Mohamed Jawad, and Wajdi Hamza Dawod Alredany. 2022. A Systematic Literature Review of Enabling IoT in Healthcare: Motivations, Challenges, and Recommendations. Electronics11, 19 (2022), unknown. doi:10.3390/electronics11193223

    work page doi:10.3390/electronics11193223 2022

  75. [76]

    Saubhagya Munasinghe, Nuwan Piyarathna, Erandana Wijerathne, Upul Jayasinghe, and Suneth Namal. 2023. Machine Learning Based Zero Trust Architecture for Secure Networking.2023 IEEE 17th International Conference on Industrial and Information Systems, ICIIS 2023 - Proceedings unknown, unknown (2023), 365–370. doi:10.1109/ICIIS58898.2023.10253610

    work page doi:10.1109/iciis58898.2023.10253610 2023

  76. [77]

    2020.National Initiative for Cybersecurity Education (NICE) Workforce Framework for Cybersecurity (NIST SP 800-181, Rev

    National Institute of Standards and Technology. 2020.National Initiative for Cybersecurity Education (NICE) Workforce Framework for Cybersecurity (NIST SP 800-181, Rev. 1). Technical Report. U.S. Department of Commerce, Gaithersburg, MD. doi:10.6028/NIST.SP.800-181r1 NIST Special Publication 800-181 Revision 1

    work page doi:10.6028/nist.sp.800-181r1 2020

  77. [78]

    2020.NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management

    National Institute of Standards and Technology. 2020.NIST Privacy Framework: A Tool for Improving Privacy through Enterprise Risk Management. Technical Report. U.S. Department of Commerce, Gaithersburg, MD. doi:10.6028/NIST.CSWP.01162020

    work page doi:10.6028/nist.cswp.01162020 2020

  78. [79]

    2003.Implementing Machine Learning to achieve dynamic Zero-Trust Intrusion Detection Systems (ZT-IDS) in 5G based IoT Networks

    Mohamed G Nour. 2003.Implementing Machine Learning to achieve dynamic Zero-Trust Intrusion Detection Systems (ZT-IDS) in 5G based IoT Networks. Ph. D. Dissertation. The School of Engineering and Applied Science of The George Washington University

    2003

  79. [81]

    Yangchen Palmo, Shigeaki Tanimoto, Hiroyuki Sato, and Atsushi Kanai. 2023. Optimal Federation Method for Embedding Internet of Things in Software-Defined Perimeter.IEEE Consumer Electronics Magazine12, unknown (9 2023), 68–75. Issue 5. doi:10.1109/MCE.2022.3207862

    work page doi:10.1109/mce.2022.3207862 2023

  80. [82]

    PaloAlto. 2022. The Right Approach to Zero Trust Security for Enterprise IoT Devices. https://www.paloaltonetworks.com/resources/whitepapers/ right-approach-zero-trust-iot

    2022

Showing first 80 references.