Context-Aware Multi-Factor Authentication in Zero Trust Architecture: Enhancing Security Through Adaptive Authentication
Abstract: Zero Trust Architecture (ZTA) represents a fundamental change in cybersecurity: it enforces strict
identity authentication and continuous monitoring at every access point. Multi-Factor Authentication (MFA) is
essential to this framework because it adds layers of identity verification beyond standard
credentials. Conventional MFA methods, however, are not context-aware: they depend on fixed,
predetermined criteria that do not adjust to changing environments or new threats. This constraint leads to
inefficiencies, such as user fatigue from too many prompts, and to vulnerabilities when specific contextual risks are
overlooked.
This paper explores the incorporation of Context-Aware MFA into ZTA frameworks, using contextual
elements such as user behavior, device status, geographical location, access habits, and network conditions.
Context-aware systems enable adaptive authentication that adjusts the rigor of MFA according to
live risk evaluations. For example, a user accessing sensitive resources via an untrusted network might trigger
extra authentication measures, whereas access from a confirmed device on a secure network could proceed with less
friction.
The research examines new technologies, such as artificial intelligence and machine learning, that improve
contextual risk analysis, as well as the real-world difficulties of implementing these solutions widely. The
proposed method balances security and usability, ensuring that ZTA implementations provide strong threat
protection while maintaining a positive user experience. In this way, organizations can address
emerging attack methods, such as social engineering and credential theft, while following the fundamental ZTA
principle: “trust no one, verify everything.”
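
An added illustration, not taken from the paper, of the adaptive decision the abstract describes: contextual signals (device status, network, location, access hours) are scored, and the score decides whether a request passes without an extra prompt, needs a further factor, or is refused. The signal names, weights, thresholds, sensitivity multiplier and sample contexts are all assumptions made for this example.

```python
from dataclasses import dataclass

# Assumed weights and thresholds, chosen for illustration only.
WEIGHTS = {
    "unmanaged_device": 30,
    "untrusted_network": 25,
    "unusual_location": 25,
    "unusual_hour": 10,
}
SENSITIVE_MULTIPLIER = 1.5      # sensitive resources amplify every signal
STEP_UP_AT, DENY_AT = 30, 70


@dataclass(frozen=True)
class AccessContext:
    device_managed: bool        # device status
    network_trusted: bool       # network conditions
    country: str                # geographical location of this request
    usual_countries: frozenset  # access habits learned for the user
    hour: int                   # local hour of the request
    usual_hours: range          # behavioural baseline for the user
    resource_sensitive: bool


def risk_signals(ctx):
    """Return the names of the contextual signals that fired."""
    checks = {
        "unmanaged_device": not ctx.device_managed,
        "untrusted_network": not ctx.network_trusted,
        "unusual_location": ctx.country not in ctx.usual_countries,
        "unusual_hour": ctx.hour not in ctx.usual_hours,
    }
    return [name for name, fired in checks.items() if fired]


def decide(ctx):
    """Map a request context to (decision, score, signals) for audit logging."""
    signals = risk_signals(ctx)
    score = sum(WEIGHTS[s] for s in signals)
    if ctx.resource_sensitive:
        score = int(score * SENSITIVE_MULTIPLIER)
    if score >= DENY_AT:
        return "deny", score, signals
    if score >= STEP_UP_AT:
        return "step_up", score, signals   # require an additional factor
    return "allow", score, signals         # no extra prompt for this request


# Constructed sample contexts mirroring the abstract's two cases.
BASE = dict(country="DE", usual_countries=frozenset({"DE"}),
            hour=10, usual_hours=range(7, 20), resource_sensitive=True)
OFFICE = AccessContext(device_managed=True, network_trusted=True, **BASE)
CAFE = AccessContext(device_managed=True, network_trusted=False, **BASE)
```

Returning the fired signals alongside the decision gives the audit trail a reason for every step-up or denial.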