International Journal of Science, Engineering and TechnologyAuthors: Md. Abdul Momin, Md. Ezharul Islam
Abstract: Microservices are widely used to build modern applications, but their distributed design brings serious security risks that traditional perimeter-based models cannot handle. Once attackers bypass the perimeter, they can move across services unchecked. Zero Trust Architecture (ZTA) addresses this problem with its “never trust, always verify” principle. It secures microservices through continuous authentication, least-privilege access, micro-segmentation, and encrypted communication. This paper examines the core principles of ZTA, its primary benefits, such as enhanced security, regulatory compliance, resilience, and scalable security, and the challenges of adoption, including complex policy management, performance overhead, integration with legacy systems, skill shortages, and a lack of standardization. To overcome these barriers, best practices like Zero Trust Architecture, enabling tools, automated policy management, and unified governance are discussed. The paper also highlights the role of AI and ML in making ZTA smarter through adaptive authentication and real-time threat detection. Overall, ZTA offers a flexible and powerful approach for protecting microservices in cloud-native environments.
DOI: https://doi.org/10.5281/zenodo.17365282
