Zero Trust Model Implementation Considerations in Financial Institutions: A Proposed Framework
Daah, Clement
Daah, Clement
Publication Date
2023-01-01
End of Embargo
Supervisor
Rights
© 2023 IEEE. Reproduced in accordance with the publisher's self-archiving policy.
Peer-Reviewed
Yes
Open Access status
openAccess
Accepted for publication
Institution
Department
Awarded
Embargo end date
Additional title
Abstract
The finance industry faces an evolving threat landscape and increasing regulatory obligations, necessitating a comprehensive security framework. This paper proposes implementing the Zero Trust model in financial institutions, focusing on data protection, Identity and Access Management (IAM), and device and network security. The framework is evaluated through the development of a demo bank app, and its effectiveness in addressing security challenges is discussed. The IAM component demonstrates robust authentication and authorization processes, while device and network security measures protect against internal and external threats. Data protection mechanisms ensure the confidentiality and integrity of sensitive information. The implementation highlights strengths in comprehensive coverage and effective integration of security measures. Challenges include integration with legacy systems and managing the user experience. Insights and recommendations are provided. This framework enables financial institutions to establish a robust security framework, mitigating cyber threats and enhancing consumer trust.
Version
Accepted manuscript
Citation
Daah C, Qureshi A and Irfan A (2023) Zero Trust Model Implementation Considerations in Financial Institutions: A Proposed Framework. In: 10th International Conference on Future Internet of Things and Cloud (FiCloud) Marrakesh, Morocco 14-16 August 2023. IEEE. pp. 71-77.
Link to publisher’s version
Link to published version
Link to Version of Record
Type
Conference paper