Cryptographic Identity Propagation in Asynchronous Event-Driven Architectures: Implementing Zero-Trust Envelopes for High-Velocity Payment Streams

Authors

  • Anvesh Katipelly, Senior Software Engineer, PayPal, Texas, USA
  • Sumith Thalary, Sr Cloud DevOps Engineer, Rexel USA, Dallas, TX

DOI:

https://doi.org/10.63282/3050-9246.IJETCSIT-V4I2P121

Keywords:

Event-Driven Architecture, Zero-Trust Security, Cryptographic Identity, Payment Systems, Distributed Systems, Asynchronous Messaging

Abstract

Asynchronous event-driven architectures are increasingly used in modern high-velocity payment systems to provide scalability, resilience, and low-latency processing. A serious problem in these architectures, however, is ensuring secure and trustworthy identity propagation among loosely coupled distributed services. Traditional mechanisms such as session-based authentication and perimeter security are not sufficient in environments where events move through various independent processing steps and there is no continuous trust boundary between them. This shortcoming exposes systems to security weaknesses such as identity spoofing, replay, message alteration, and the absence of end-to-end accountability. This paper proposes a zero-trust cryptographic envelope system to address these issues: verifiable identity metadata is embedded directly in each event message, and digital signatures, encryption, and integrity checks are enforced. Requiring each service to verify every event independently removes implicit trust and guarantees continuous identity verification along the whole event chain. The proposed methodology consists of creating a structured cryptographic envelope that contains payload information, identity statements, and trust validation attributes, integrated with modern streaming platforms. Strong security assurances are balanced against performance demands through efficient cryptographic operations, including ECDSA-based signatures and hybrid encryption. The framework is evaluated on a prototype system subjected to high-throughput payment loads and is shown to add very low overhead while providing substantial additional security. The experimental results indicate that the framework sustains high throughput with insignificant added latency, while countering replay and impersonation attacks and improving message integrity and non-repudiation.
The most significant contributions are a new concept of a zero-trust envelope, a scalable identity propagation design, an efficient implementation framework for real-time payment systems, and an overall analysis that confirms its effectiveness in high-velocity environments.
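
A sketch of the per-event check the abstract describes, added here as an illustration and not taken from the paper: a producer signs an envelope with ECDSA, and a consumer independently verifies signature, freshness, and nonce uniqueness. The field names, P-256 with SHA-256, the 30-second window, the in-memory nonce set, and the service name are assumptions; payload encryption is omitted.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
	"fmt"
	"time"
)

// Envelope field names are assumptions of this sketch, not the paper's schema.
type Envelope struct {
	Issuer, Nonce string // identity statement; per-event replay nonce
	IssuedAt      int64  // Unix seconds
	Payload, Sig  []byte // event body (encryption omitted); ECDSA signature
}
const maxAge = 30 * time.Second // freshness window (assumed value)
// digest binds every field except Sig; %q quoting keeps the encoding unambiguous.
func digest(e Envelope) []byte {
	h := sha256.Sum256([]byte(fmt.Sprintf("%q|%q|%d|%x", e.Issuer, e.Nonce, e.IssuedAt, e.Payload)))
	return h[:]
}
// Verify runs in every consumer, so no upstream hop is trusted implicitly.
func Verify(e Envelope, now time.Time, keys map[string]*ecdsa.PublicKey, seen map[string]bool) error {
	pub, known := keys[e.Issuer]
	age, id := now.Sub(time.Unix(e.IssuedAt, 0)), e.Issuer+"/"+e.Nonce
	switch {
	case !known || !ecdsa.VerifyASN1(pub, digest(e), e.Sig):
		return errors.New("bad signature")
	case age > maxAge || age < -maxAge:
		return errors.New("stale")
	case seen[id]:
		return errors.New("replay")
	}
	seen[id] = true
	return nil
}
// Demo checks one constructed event four ways: fresh, replayed, tampered, stale.
func Demo() []error {
	key, _ := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	now := time.Unix(1700000000, 0)
	e := Envelope{"payments-api", "n-1", now.Unix(), []byte(`{"amt":100}`), nil}
	e.Sig, _ = ecdsa.SignASN1(rand.Reader, key, digest(e))
	keys, seen := map[string]*ecdsa.PublicKey{e.Issuer: &key.PublicKey}, map[string]bool{}
	bad := Envelope{e.Issuer, "n-2", e.IssuedAt, []byte(`{"amt":999}`), e.Sig}
	return []error{Verify(e, now, keys, seen), Verify(e, now, keys, seen), Verify(bad, now, keys, seen), Verify(e, now.Add(time.Hour), keys, seen)}
}
func main() { fmt.Println(Demo()) }
```

In a multi-instance consumer group the nonce set would have to live in a shared store with entries expiring after the freshness window, otherwise a replay delivered to a different instance passes.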

Published

2023-06-30

Section

Articles

How to Cite

Katipelly A, Thalary S. Cryptographic Identity Propagation in Asynchronous Event-Driven Architectures: Implementing Zero-Trust Envelopes for High-Velocity Payment Streams. IJETCSIT [Internet]. 2023 Jun. 30 [cited 2026 Apr. 12];4(2):212-2. Available from: https://ijetcsit.org/index.php/ijetcsit/article/view/650
