Next-Generation Zero-Trust Identity Orchestration for Unified Human–Machine Access in Critical Infrastructure and Healthcare Networks

Authors

  • Dr. Arjun Kapoor, Global Institute of Cybersecurity Research, University of Geneva

Keywords:

zero trust architecture, intent awareness, identity management, cyber-physical systems

Abstract

Background: Rapid convergence of cyber-physical systems (CPS), Internet of Medical Things (IoMT), and distributed cloud/edge services has created environments where human and machine identities coexist and interact continuously. Traditional perimeter-based security assumptions are no longer tenable; zero-trust architecture (ZTA) shifts the model to identity- and policy-centric access decisions (Rose et al., 2020; Kindervag, 2010). Despite substantial literature on ZTA components and industrial adaptations (Stafford, 2020; Syed et al., 2022; Feng & Hu, 2023), there is limited work that integrates intent-awareness — the capacity to interpret, represent, and enforce access based on the actor’s operational intent — across heterogeneous identity types (human users, service accounts, IoT devices, ML agents) within safety-critical domains such as healthcare.

 Objective: This paper proposes a comprehensive, publication-ready design and evaluative narrative for an Intent-Aware Zero-Trust Identity Architecture (IA-ZTIA) that unifies human and machine access control. The architecture is grounded in contemporary ZTA guidance (Rose et al., 2020; Stafford, 2020), research surveys (Syed et al., 2022; Yan & Wang, 2020), and domain-specific constraints from healthcare and CPS literature (Loh et al., 2022; Feng & Hu, 2023; Lakhan et al., 2022).

 Methods: We describe a systems-level methodology articulating identity modeling, intent representation, continuous trust evaluation, policy orchestration, telemetry and explainability, and privacy-preserving learning for intent inference. Methods are textually specified to be implementable without formulae: design choices, data flows, trust scoring semantics, and governance mechanisms are described in depth. We synthesize evidence from existing ZTA deployments (Gilman, 2016; Osborn et al., 2016) and healthcare-AI and federated learning work (Islam et al., 2023; Lakhan et al., 2022) to justify design decisions.

 Results: The descriptive analysis identifies how IA-ZTIA improves risk differentiation, reduces lateral movement opportunities, and enables safe machine-to-machine delegation patterns while preserving patient privacy and auditability. We document qualitative outcomes: finer-grained authorization, improved incident forensics, reduced blast radius for compromised machine identities, and compatibility with regulatory privacy requirements. Trade-offs around latency, complexity, and model overfitting in intent classifiers are analyzed.

 Conclusions: Intent-awareness augments ZTA by aligning access decisions with operational context and purpose, which is particularly valuable in CPS and healthcare, where actions have physical consequences. We provide a roadmap for staged adoption, governance recommendations, and areas requiring future empirical validation, including real-world deployment studies and longitudinal safety evaluations. This article synthesizes interdisciplinary knowledge into a coherent architecture and critical discussion for researchers, engineers, and policy-makers seeking to unify human and machine identity under zero-trust principles (Rose et al., 2020; Stafford, 2020; Syed et al., 2022).

References

V. Stafford, “Zero trust architecture,” NIST special publication, vol. 800, p. 207, 2020.

S. Rose, O. Borchert, S. Mitchell, and S. Connelly, “NIST special publication 800-207 zero trust architecture,” NIST, US Department of Commerce, pp. 800–207, 2020.

N. F. Syed, S. W. Shah, A. Shaghaghi, A. Anwar, Z. Baig, and R. Doss, “Zero trust architecture (ZTA): A comprehensive survey,” IEEE Access, vol. 10, pp. 57143–57179, 2022.

Q. Yao, Q. Wang, X. Zhang, and J. Fei, “Dynamic access control and authorization system based on zero-trust architecture,” in Proceedings of the 2020 1st International Conference on Control, Robotics and Intelligent System, 2020, pp. 123–127.

X. Feng and S. Hu, “Cyber-physical zero trust architecture for industrial cyber-physical systems,” IEEE Transactions on Industrial Cyber-Physical Systems, vol. 1, pp. 394–405, 2023.

J. Kindervag et al., “Build security into your network’s DNA: The zero trust network architecture,” Forrester Research Inc, vol. 27, pp. 1–16, 2010.

E. Gilman, Zero Trust Networks: Building Systems in Untrusted Networks. O’Reilly, 2016.

X. Yan and H. Wang, “Survey on zero-trust network security,” in International Conference Artificial Intelligence and Security (ICAIS), Hohhot, China, July 2020, pp. 50–60.

E. Bertino, “Zero trust architecture: does it help?” IEEE Security & Privacy, vol. 19, no. 05, pp. 95–96, 2021.

B. Osborn, J. McWilliams, B. Beyer, and M. Saltonstall, “BeyondCorp: Design to deployment at Google,” ;login: (USENIX), vol. 41, no. 1, pp. 28–34, 2016.

Cousins, G.; Durand, L.; O’Kane, A.; Tierney, J.; Maguire, R.; Stokes, S.; O’Reilly, D.; Arensman, E.; Bennett, K.E.; Vázquez, M.O.; et al. Prescription drugs with potential for misuse: Protocol for a multi-indicator analysis of supply, detection and the associated health burden in Ireland between 2010 and 2020. BMJ Open 2023, 13, e069665.

Islam, A. R.; Khan, K. M.; Scarbrough, A.; Zimpfer, M. J.; Makkena, N.; Omogunwa, A.; Ahamed, S. I. An Artificial Intelligence–Based Smartphone App for Assessing the Risk of Opioid Misuse in Working Populations Using Synthetic Data: Pilot Development Study. JMIR Formative Research 2023, 7, e45434.

Volovici, V.; Syn, N. L.; Ercole, A.; Zhao, J. J.; Liu, N. Steps to avoid overuse and misuse of machine learning in clinical research. Nature Medicine 2022, 28, 1996–1999.

Nancy, A. A.; Ravindran, D.; Raj Vincent, P. D.; Srinivasan, K.; Gutierrez Reina, D. IoT-cloud-based smart healthcare monitoring system for heart disease prediction via deep learning. Electronics 2022, 11, 2292.

Valizadeh, M.; Parde, N. The AI doctor is in: A survey of task-oriented dialogue systems for healthcare applications. In Proceedings of the 60th Annual Meeting of the Association for Computational Linguistics, Dublin, Ireland, 22–27 May 2022; Volume 1: Long Papers; pp. 6638–6660.

Loh, H. W.; Ooi, C. P.; Seoni, S.; Barua, P. D.; Molinari, F.; Acharya, U. R. Application of explainable artificial intelligence for healthcare: A systematic review of the last decade (2011–2022). Computer Methods and Programs in Biomedicine 2022, 226, 107161.

Chauhan, S.; Tanwar, H. K. S. Application of Blockchain Technology in Healthcare: A Systematic Review. In Proceedings of the 2022 International Conference on Applied Artificial Intelligence and Computing (ICAAIC), Salem, India, 9–11 May 2022.

Lakhan, A.; Mohammed, M. A.; Nedoma, J.; Martinek, R.; Tiwari, P.; Vidyarthi, A.; Alkhayyat, A.; Wang, W. Federated-learning based privacy preservation and fraud-enabled blockchain IoMT system for healthcare. IEEE Journal of Biomedical and Health Informatics 2022, 27, 664–672.

Bhushan, B.; Prassanna R Rajgopal; Kritika Sharma. An Intent-Aware Zero Trust Identity Architecture for Unifying Human and Machine Access. International Journal of Computational and Experimental Science and Engineering 2025, 11(3). https://doi.org/10.22399/ijcesen.3886

Published

2025-11-30

How to Cite

Dr. Arjun Kapoor. (2025). Next-Generation Zero-Trust Identity Orchestration for Unified Human–Machine Access in Critical Infrastructure and Healthcare Networks. Research Index Library of Eijmr, 12(11), 533–541. Retrieved from https://eijmr.net/index.php/rileijmr/article/view/22

Section

Articles