Next-generation secure authentication and access control architectures: advanced techniques for securing distributed systems in modern enterprises
DOI:
https://doi.org/10.22399/ijcesen.3294
Keywords:
Secure Authentication, Access Control, Zero Trust Architecture, Distributed Systems Security, Cyber Threat Mitigation
Abstract
As enterprises move toward cloud computing, the Internet of Things (IoT) and distributed digital ecosystems, traditional authentication and access control mechanisms such as Role-Based Access Control (RBAC) and static Multi-Factor Authentication (MFA) are falling short. This paper reviews next-generation authentication and access-control designs, including Zero Trust, Attribute-Based Access Control (ABAC), and risk-adaptive policies, and examines how contextual authentication, continuous identity verification, and emerging technologies such as AI-powered risk assessments, privacy-preserving identity authentication, and decentralized identity models can be integrated. It also details how AI has been used to power dynamic, risk-adaptive mechanisms that use real-time contextual data such as user behaviour, device health and threat level to adjust permission levels accordingly. Comparative analyses with traditional models show improvements in security, usability, scalability and adaptability. In addition, the review describes the implications of the research for policymakers and industry practitioners and outlines future research and deployment strategies to be considered. The paper synthesizes recent advances toward more predictive and resilient authentication frameworks, with the goal of enabling authentication approaches that help reduce sophisticated cyber threats in distributed systems while supporting industry-specific regulatory compliance.
License
Copyright (c) 2025 International Journal of Computational and Experimental Science and Engineering

This work is licensed under a Creative Commons Attribution 4.0 International License.