A Proposal for a Zero-Trust-Based Multi-Level Security Model and Its Security Controls
The rapid advancement of technology and increasing data utilisation have underscored the need for new models to manage and secure big data effectively. However, the constraints of isolated network environments and the limitations of existing security frameworks hinder the adoption of cutting-edge te...
Saved in:
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
MDPI AG
2025-01-01
|
| Series: | Applied Sciences |
| Subjects: | |
| Online Access: | https://www.mdpi.com/2076-3417/15/2/785 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| _version_ | 1832589176830164992 |
|---|---|
| author | Jun-Hyung Park Sung-Chae Park Heung-Youl Youm |
| author_facet | Jun-Hyung Park Sung-Chae Park Heung-Youl Youm |
| author_sort | Jun-Hyung Park |
| collection | DOAJ |
| description | The rapid advancement of technology and increasing data utilisation have underscored the need for new models to manage and secure big data effectively. However, the constraints of isolated network environments and the limitations of existing security frameworks hinder the adoption of cutting-edge technologies such as AI and cloud computing, as well as the safe utilisation of data. To address these challenges, this study proposes an enhanced security model that integrates the concepts of Multi-Level Security (MLS) and Zero Trust (ZT). The proposed model classifies data into the following three sensitivity levels: “Classified”, “Sensitive”, and “Open”. It applies tailored security requirements and dynamic controls to each level, enhancing both data security and usability. Furthermore, the model overcomes the static access control limitations of MLS by incorporating ZT’s automated dynamic access capabilities, significantly improving responsiveness to anomalous behaviours. This study contributes to the design and evaluation of a new security model that ensures secure data protection and utilisation, even in isolated network environments such as those of military and governmental organisations. It also provides a foundation for the future development of advanced security frameworks. |
| format | Article |
| id | doaj-art-3c694089f9614d7c8fe9a47eaffe9517 |
| institution | Kabale University |
| issn | 2076-3417 |
| language | English |
| publishDate | 2025-01-01 |
| publisher | MDPI AG |
| record_format | Article |
| series | Applied Sciences |
| spelling | doaj-art-3c694089f9614d7c8fe9a47eaffe95172025-01-24T13:20:49ZengMDPI AGApplied Sciences2076-34172025-01-0115278510.3390/app15020785A Proposal for a Zero-Trust-Based Multi-Level Security Model and Its Security ControlsJun-Hyung Park0Sung-Chae Park1Heung-Youl Youm2Department of Information Security Engineering, Soonchunhyang University, Asan 31538, Republic of KoreaDepartment of Information Security Engineering, Soonchunhyang University, Asan 31538, Republic of KoreaDepartment of Information Security Engineering, Soonchunhyang University, Asan 31538, Republic of KoreaThe rapid advancement of technology and increasing data utilisation have underscored the need for new models to manage and secure big data effectively. However, the constraints of isolated network environments and the limitations of existing security frameworks hinder the adoption of cutting-edge technologies such as AI and cloud computing, as well as the safe utilisation of data. To address these challenges, this study proposes an enhanced security model that integrates the concepts of Multi-Level Security (MLS) and Zero Trust (ZT). The proposed model classifies data into the following three sensitivity levels: “Classified”, “Sensitive”, and “Open”. It applies tailored security requirements and dynamic controls to each level, enhancing both data security and usability. Furthermore, the model overcomes the static access control limitations of MLS by incorporating ZT’s automated dynamic access capabilities, significantly improving responsiveness to anomalous behaviours. This study contributes to the design and evaluation of a new security model that ensures secure data protection and utilisation, even in isolated network environments such as those of military and governmental organisations. It also provides a foundation for the future development of advanced security frameworks.https://www.mdpi.com/2076-3417/15/2/785cybersecurityzero trustmulti-level securitysecurity modelsecurity strategysecurity control |
| spellingShingle | Jun-Hyung Park Sung-Chae Park Heung-Youl Youm A Proposal for a Zero-Trust-Based Multi-Level Security Model and Its Security Controls Applied Sciences cybersecurity zero trust multi-level security security model security strategy security control |
| title | A Proposal for a Zero-Trust-Based Multi-Level Security Model and Its Security Controls |
| title_full | A Proposal for a Zero-Trust-Based Multi-Level Security Model and Its Security Controls |
| title_fullStr | A Proposal for a Zero-Trust-Based Multi-Level Security Model and Its Security Controls |
| title_full_unstemmed | A Proposal for a Zero-Trust-Based Multi-Level Security Model and Its Security Controls |
| title_short | A Proposal for a Zero-Trust-Based Multi-Level Security Model and Its Security Controls |
| title_sort | proposal for a zero trust based multi level security model and its security controls |
| topic | cybersecurity zero trust multi-level security security model security strategy security control |
| url | https://www.mdpi.com/2076-3417/15/2/785 |
| work_keys_str_mv | AT junhyungpark aproposalforazerotrustbasedmultilevelsecuritymodelanditssecuritycontrols AT sungchaepark aproposalforazerotrustbasedmultilevelsecuritymodelanditssecuritycontrols AT heungyoulyoum aproposalforazerotrustbasedmultilevelsecuritymodelanditssecuritycontrols AT junhyungpark proposalforazerotrustbasedmultilevelsecuritymodelanditssecuritycontrols AT sungchaepark proposalforazerotrustbasedmultilevelsecuritymodelanditssecuritycontrols AT heungyoulyoum proposalforazerotrustbasedmultilevelsecuritymodelanditssecuritycontrols |