Titlebar

Export bibliographic data
Literature by the same author
plus on the publication server
plus at Google Scholar

 

Never Trust, Always Verify : A Multivocal Literature Review on Current Knowledge and Research Gaps of Zero-trust

Title data

Buck, Christoph ; Olenberger, Christian ; Schweizer, André ; Völter, Fabiane ; Eymann, Torsten:
Never Trust, Always Verify : A Multivocal Literature Review on Current Knowledge and Research Gaps of Zero-trust.
In: Computers & Security. Vol. 110 (August 2021) . - No. 102436.
ISSN 0167-4048
DOI: https://doi.org/10.1016/j.cose.2021.102436

Project information

Project title:
Project's official titleProject's id
Projektgruppe WI IT-Sicherheit und DatenschutzNo information

Abstract in another language

In response to weaknesses of current network security solutions, the zero-trust model follows the idea that no network – whether internal or external – is trustworthy. The concept of zero-trust is enjoying increasing attention in both research and practice due to its promise to fulfil complex new network security requirements. Despite zero-trust’s advantages over traditional solutions, it has not yet succeeded in replacing existing approaches. Uncertainty remains regarding the concept’s distinct benefits and drawbacks for organisations and individuals, which hinders a holistic understanding of zero-trust and wide-spread adoption. Research can make valuable contributions to the field by systematically providing new insights into zero-trust. To support researchers in this endeavour, we aim to consolidate the current state of the knowledge about zero-trust and to identify gaps in the literature. Thus, we conduct a multivocal literature review, analysing both academic and practice-oriented publications. We develop a research framework for zero-trust to structure the identified literature and to highlight future research avenues. Our results show that the academic literature has focused mainly on the architecture and performance improvements of zero-trust. In contrast, the practice-oriented literature has focused on organisational advantages of zero-trust and on potential migration strategies. However, economic analyses and user-related studies have been neglected by both academia and practice. Future research may rely on our findings to advance the field in meaningful ways.

Further data

Item Type: Article in a journal
Refereed: Yes
Keywords: Zero-trust; Network security; Access control; Software-defined perimeter; SDP; Multivocal literature review
Institutions of the University: Faculties > Faculty of Law, Business and Economics > Department of Business Administration
Faculties > Faculty of Law, Business and Economics > Department of Business Administration > Chair Business Administration VII - Information Systems Management
Faculties > Faculty of Law, Business and Economics > Department of Business Administration > Chair Business Administration VII - Information Systems Management > Chair Business Administration VII - Information Systems Management - Univ.-Prof. Dr. Torsten Eymann
Research Institutions
Research Institutions > Affiliated Institutes
Research Institutions > Affiliated Institutes > Fraunhofer Project Group Business and Information Systems Engineering
Research Institutions > Affiliated Institutes > FIM Research Center Finance & Information Management
Result of work at the UBT: Yes
DDC Subjects: 000 Computer Science, information, general works > 004 Computer science
300 Social sciences > 330 Economics
Date Deposited: 14 Sep 2021 08:48
Last Modified: 14 Sep 2021 08:48
URI: https://eref.uni-bayreuth.de/id/eprint/67021