Abstract
Microservices-based architectures have become increasingly prevalent because of their scalability, modularity, and agility. Their distributed nature, however, introduces significant security challenges: traditional API security mechanisms, such as OAuth 2.0, JWT, and API gateways, largely rely on static authentication, in which a caller is authenticated once and a bearer credential is then trusted for its lifetime. These conventional approaches, while effective to an extent, add per-request validation overhead and often fail to keep pace with evolving cyber threats. Zero Trust Architecture (ZTA) offers a promising alternative by enforcing strict authentication and authorization for every API request. Yet existing implementations of ZTA can degrade API performance, because authentication procedures are executed frequently and policy validation is complex. In this paper, we propose a performance-optimized Zero Trust API security model tailored to microservices environments. Our approach integrates a lightweight, token-less authentication mechanism, an optimized mutual TLS (mTLS) protocol, and dynamic policy enforcement embedded within Kubernetes-based service meshes. The model aims to improve both security and performance, ensuring efficient and scalable microservices operations.
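For readers unfamiliar with the mesh mechanisms the abstract builds on, the following is an added illustration, not code from the paper or its proposed model: a baseline Istio configuration that makes the mesh reject every non-mTLS connection and enforce a per-request, identity-based authorization decision at the sidecar. The namespace `orders`, the `checkout` service account, the workload label `app: orders`, and the `/v1/orders` path are assumptions chosen for the example.

```yaml
# Added example (not the paper's model): mesh-wide STRICT mTLS plus a
# default-deny namespace policy and one explicit ALLOW rule in Istio.
# Namespace, service account, label and path values are assumptions.
apiVersion: security.istio.io/v1
kind: PeerAuthentication
metadata:
  name: default
  namespace: istio-system   # a policy named "default" here applies mesh-wide
spec:
  mtls:
    mode: STRICT            # plaintext is rejected, not merely permitted (PERMISSIVE)
---
apiVersion: security.istio.io/v1
kind: AuthorizationPolicy
metadata:
  name: deny-all
  namespace: orders         # assumed application namespace
spec: {}                    # empty spec: deny every request not matched by an ALLOW policy
---
apiVersion: security.istio.io/v1
kind: AuthorizationPolicy
metadata:
  name: allow-checkout-to-orders
  namespace: orders
spec:
  selector:
    matchLabels:
      app: orders           # assumed label on the orders workload
  action: ALLOW
  rules:
  - from:
    - source:
        # SPIFFE identity taken from the client certificate presented under mTLS,
        # so the caller is identified per request without a bearer token
        principals: ["cluster.local/ns/checkout/sa/checkout"]
    to:
    - operation:
        methods: ["POST"]
        paths: ["/v1/orders"]
```

Two points worth checking when applying something like this: the `PeerAuthentication` in `istio-system` must actually be named `default` to act mesh-wide, and the empty-spec `deny-all` policy only covers its own namespace, so each application namespace needs its own. The source principal in the ALLOW rule is derived from the workload certificate, which is what ties per-request authorization to a cryptographic workload identity rather than to a token presented by the caller; the paper's optimized mTLS and token-less mechanism are layered on top of this kind of baseline, not replaced by it.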