Risk-adaptive authorization in zero trust with dynamic trust and tokens

Date: 2026
Main authors: Kostiuk, Yu.V., Skladannyi, P.M., Hnatchenko, D.D.
Format: Article
Language: Ukrainian
Published: PROBLEMS IN PROGRAMMING 2026
Online access: https://pp.isofts.kiev.ua/index.php/ojs1/article/view/892
Journal title: Problems in programming

Institution

Problems in programming
Description
Summary: The article addresses the problem of risk-adaptive authorization in a Zero Trust architecture using a mechanism of dynamic trust assessment and adaptive access token management. The relevance of the study is driven by the increasing number of attacks related to credential compromise, session hijacking, and privilege misuse in corporate information systems. The proposed approach is based on continuous analysis of user behavioral characteristics, device parameters, network context, and resource criticality, enabling the formation of an integral risk indicator in real time. Unlike traditional models with fixed token lifetimes and static access policies, the developed model provides dynamic adjustment of the trust level throughout the entire interaction session. The integral risk indicator is defined as a function of threat likelihood and potential impact on the asset, ensuring adaptive adjustment of authorization parameters, including privilege scope, token lifetime, requirement for re-authentication, or enforced cryptographic key rotation. A mechanism for shortening or extending the token lifecycle depending on changes in the security context is implemented, thereby minimizing the window of opportunity for exploiting compromised credentials. Special attention is paid to maintaining a balance between security level, system performance, and usability. The proposed approach increases resilience against session hijacking, credential stuffing, and insider misuse attacks and can be integrated into modern access management systems without significant growth in computational overhead. Modeling results confirm the effectiveness of dynamic trust as a key element of risk-adaptive authorization.

Problems in programming 2026; 1: 12-22