Review Article

A Survey on Zero Trust Architecture: Challenges and Future Trends

Table 2

Different technical methods used by authentication protocols.

| Literature | Methods | Continuous authentication | Multifactor authentication | Strengths | Weakness |
| --- | --- | --- | --- | --- | --- |
| Kothmayr et al. [20] | Datagram Transport Layer Security (DTLS) protocol, RSA-based asymmetric encryption, X.509 authentication | No | No | The system architecture follows the IoT model and inherits the security properties of UDP. | The protocol has eight handshakes, which is computationally expensive |
| Verma et al. [21] | Certificate | Yes | No | The protocol has better performance in terms of throughput, end-to-end delay, and packet loss. Has a small amount of computation and communication overhead | No discussion of resilience to foreign attacks |
| Kumar and Gandhi [22] | Certificate, Advanced Encryption Standard Counter and Cipher Block Chain Message Authentication Code (AESCCM), Elliptic Curve Digital Signature Algorithm (ECDSA) | No | No | Overcome the denial of service attack server vulnerable to DTLS protocol | This protocol is used in medical and health monitoring, but the collected body information is not used for identity authentication, but only as transmitted data information. |
| Shivraj et al. [23] | Elliptic Curve Cryptographic (ECC) | No | Two-factor | The protocol is scalable, with small keys and robustness | As the size of the OTP increases, the computational complexity also increases, and the time consumption increases significantly |
| Kumar et al. [24] | Symmetric key, hash function | No | No | The scheme provides important security properties, including protection against a variety of common attacks, such as denial of service attacks and eavesdropping attacks | Preliminary evaluation and feasibility testing was carried out through the implementation of the proof of concept |
| Syed et al. [25] | Cryptography | Yes | No | The protocol can be adapted to devices with limited computing and storage resources | Difficulties in measuring Channel State Information (CSI) for heterogeneous IoT devices |
| Gope and Hwang [26] | Hash function, XOR | Yes | No | The protocol provides more security features under the premise of ensuring less computational overhead, with anonymity and nontraceability | Security analysis is just a proof by means of theoretical analysis |
| Ying and Nayak [27] | Hash function, XOR | No | No | An efficient password modification phase that does not rely on TA (trusted authority) and third-party servers is proposed, which can resist offline password guessing attacks. | There is no reasonable extension of the protocol, and the protocol is insecure against offline identity guessing attacks, session link attacks, and replay attacks |
| Chen et al. [28] | Hash function, XOR | No | No | Fixed the security vulnerability found in [27] | The protocol only uses the iPhone as a test platform. |