Next Article in Journal
Granular Fuzzy Fractional Financial Systems Governed by Granular Caputo Fractional Derivative
Next Article in Special Issue
Fractional-Order System Identification: Efficient Reduced-Order Modeling with Particle Swarm Optimization and AI-Based Algorithms for Edge Computing Applications
Previous Article in Journal
A New Approach to Estimate the Parameters of the Joint Distribution of the Wind Speed and the Wind Direction, Modelled with the Angular–Linear Model
Previous Article in Special Issue
Collaborative Optimization Strategy for Dependent Task Offloading in Vehicular Edge Computing
 
 
Font Type:
Arial Georgia Verdana
Font Size:
Aa Aa Aa
Line Spacing:
Column Width:
Background:
Article

Zero-Trust Mechanisms for Securing Distributed Edge and Fog Computing in 6G Networks

by
Abdulrahman K. Alnaim
1,* and
Ahmed M. Alwakeel
2
1
Department of Management Information Systems, School of Business, King Faisal University, Hofuf 31982, Saudi Arabia
2
Faculty of Computers & Information Technology, University of Tabuk, Tabuk 71491, Saudi Arabia
*
Author to whom correspondence should be addressed.
Mathematics 2025, 13(8), 1239; https://doi.org/10.3390/math13081239
Submission received: 28 February 2025 / Revised: 25 March 2025 / Accepted: 2 April 2025 / Published: 9 April 2025
(This article belongs to the Special Issue Advanced Computational Intelligence in Cloud/Edge Computing)

Abstract

:
The rapid advancement in 6G networks, driven by the proliferation of distributed edge and fog computing, has introduced unprecedented challenges in securing these decentralized architectures. Traditional security paradigms are inadequate for protecting the dynamic and heterogeneous environments of 6G-enabled systems. In this context, we propose ZTF-6G (Zero-Trust Framework for 6G Networks), a novel model that integrates Zero-Trust principles to secure distributed edge and fog computing environments. Robust security is ensured by ZTF-6G by adopting a “never trust, always verify” approach, which comprises adaptive authentication, continuous verification, and fine-grained access control against all entities within the network. Within this context, our proposed framework makes use of Zero-Trust-based multi-layering that extends to AI-driven anomaly detection and blockchain-based identity management for the authentication and real-time monitoring of network interactions. Simulation results indicate that ZTF-6G is able to reduce latency by 77.6% (up to 2.8 ms, compared to the standard models’ 12.5 ms), improve throughput by 70%, and improve resource utilization by 41.5% (90% of utilization). Additionally, the trust score accuracy increased from 95% to 98%, energy efficiency improved by 22.2% (from 88% to 110% efficiency), and threat detection accuracy increased to 98%. Finally, the framework perfectly mitigated the insider threats by 85% and enforced a dynamic policy within 1.8 ms. ZTF-6G maintained a low latency while providing more resilience to insider threats, unauthorized access, and data breaches, which is a requirement of 6G networks. This research aims to lay a foundation for deploying Zero-Trust as an integral part of the next-generation networks which will face the security challenges of the distributed systems driven by 6G networks.

1. Introduction

Zero-Trust (ZT) mechanisms [1,2,3] have led to a new paradigm of cybersecurity, which is the new concept of “never trust, always verify” [1]. Zero-Trust does not implicitly trust any entity, inside or outside the network. Continuous authentication, fine-grained access control, and real-time monitoring are used in system security against increasing numbers of threats [4,5,6]. Today, this approach is especially important in environments of decentralized architecture, dynamic user behavior, and multiple access points [7,8,9,10]. Within the realm of next-generation networks, particularly 6G, the adoption of Zero-Trust can be a solution to the challenges brought on by highly complex distributed computing systems [11,12,13,14,15].
Integrating distributed edge and fog computing plays a crucial role in the architecture of 6G networks, as it brings the data processing closer to its source so that it can minimize latency and further optimize resource utilization [16]. When compared to edge computing, fog computing goes one step further, as it comprises additional layers between the edge devices and the cloud, as its name suggests [17,18,19,20]. To be able to support latency-sensitive applications such as autonomous vehicles, industrial IoT, and all of the smart city applications mentioned in [21,22,23,24], these paradigms are indispensable. However, the cybersecurity vulnerability of edge and fog computing environments, due to their distributed and decentralized nature, is significantly higher when compared to traditional computing environments [25,26,27,28,29]. Nonetheless, traditional security mechanisms are usually poor at dealing with these challenges, as they do not scale to the peculiar demands of these environments [30,31,32].
In the context of 6G networks, their ultra-low latency, high reliability, and connectivity of a massive number of devices are key, and, hence, robust security mechanisms are needed. They can be integrated into 6G networks with distributed edge and fog computing environments, where these challenges can be solved by using the scalable, adaptive solution of Zero-Trust principles [33,34,35,36]. Zero-Trust can be enabled with the usage of cutting-edge technologies like AI-powered anomaly detection, identity management on a blockchain, and dynamic access control policies to verify all the network entities continually. We introduce ZTF-6G, a Zero-Trust-based solution that can be used to deploy Zero-Trust and security to the distributed edge and fog computing in 6G networks; it is also capable of addressing their limitations and aligning with the next-generation system requirements [37,38,39,40].
Figure 1 illustrates the proposed trust evaluation techniques in 6G Zero-Trust networks. The framework includes real-time anomaly detection, dynamic access control, and blockchain-based authentication to ensure security at the edge and fog layers.
Implementing Zero-Trust in 6G networks presents several challenges due to ultra-low latency requirements, a massively distributed architsaecture, and an expanding attack surface. Security mechanisms must operate within a sub-millisecond latency to support critical applications, such as autonomous vehicles and industrial IoT, without introducing delays [41,42,43,44]. The highly decentralized nature of 6G networks, with thousands of edge and fog nodes, makes centralized security models ineffective [45,46,47,48]. Additionally, multi-node authentication across edge, fog, and cloud layers remains complex and prone to performance bottlenecks [49,50]. Zero-Trust principles—such as ‘never trust, always verify’—face significant challenges when applied to 6G networks. Sixth-generation networks are anticipated to be highly distributed, low-latency, and massively connected with billions of devices. This introduces several obstacles for traditional Zero-Trust models:
(a)
Decentralized Security Infrastructure: 6G networks require security mechanisms that scale across a highly decentralized and heterogeneous environment consisting of edge, fog, and cloud nodes. Traditional Zero-Trust frameworks, often designed for centralized environments, are ill suited for such vast and distributed systems.
(b)
Ultra-Low Latency: For applications such as autonomous vehicles and industrial IoT, the Zero-Trust mechanisms must not only be secure but also efficient to minimize latency. Blockchain-based consensus and AI-driven anomaly detection can introduce delays that are not acceptable in latency-sensitive applications.
(c)
Massive Device Connectivity: With billions of devices connected, dynamic trust evaluations and continuous authentication must be handled efficiently without overwhelming network resources.
(d)
AI and Blockchain Integration: Implementing AI-based anomaly detection and blockchain for decentralized identity management in real time requires heavy computation and resource usage, which may not be feasible for all 6G-enabled edge devices.
The rapid growth of IoT and untrusted devices further expands the attack surface, increasing risks such as insider threats, unauthorized access, and AI-driven cyberattacks. Traditional Zero-Trust frameworks, designed for centralized cloud environments, struggle to scale efficiently for billions of 6G transactions. Moreover, resource-constrained edge devices lack the computational power to handle frequent re-authentication and heavy cryptographic processing, rendering traditional security approaches impractical.
To address these challenges, we propose ZTF-6G (Zero-Trust Framework for 6G Networks), which integrates AI-driven anomaly detection and blockchain-based authentication for real-time security enforcement. The framework dynamically adjusts trust scores based on user behavior and network anomalies, ensuring continuous verification without impacting performance. Blockchain-based identity management eliminates reliance on centralized trust authorities, providing tamper-proof authentication while reducing security risks. The use of lightweight cryptographic verification optimizes security for resource-constrained devices. Additionally, scalable and adaptive security policies ensure efficient multi-layer authentication, maintaining low latency while securing network interactions.
By mitigating security risks within 1.8 ms, ZTF-6G effectively blocks insider threats, unauthorized access, and AI-driven attacks, making it a highly scalable and efficient Zero-Trust solution for 6G networks.

1.1. Justification of Novelty and Improvement

The proposed ZTF-6G framework introduces a novel integration of Zero-Trust security mechanisms, specifically tailored for the 6G network environment. It addresses the growing security challenges associated with distributed edge and fog computing. Unlike traditional security models, which rely on static perimeter-based defenses and predefined access controls, ZTF-6G adopts a dynamic and AI-driven security approach that continuously evaluates trust scores derived from real-time network interactions. By leveraging machine learning-based anomaly detection, the framework can proactively identify and mitigate emerging threats, thereby reducing the risk of unauthorized access, data breaches, and insider threats. Additionally, ZTF-6G integrates blockchain-based identity verification, providing a decentralized, tamper-proof authentication system. This eliminates reliance on centralized trust authorities and enhances the integrity of access control mechanisms. The framework further employs adaptive anomaly detection algorithms that adjust network security policies based on contextual factors such as device behavior, historical interactions, and emerging threats. Unlike conventional approaches that compromise performance for security, ZTF-6G is designed to maintain ultra-low latency and high computational efficiency essential for 6G-enabled distributed computing environments. The combination of AI-driven security analytics, blockchain-backed authentication, and real-time access control makes ZTF-6G a highly scalable, resilient, and future-proof Zero-Trust solution for next-generation networks. It ensures that security mechanisms evolve alongside the rapid advancements in 6G technologies.

1.2. Securing Distributed Edge and Fog Nodes with Zero-Trust Mechanisms

In 6G networks, it is necessary to employ a robust mechanism that continuously authenticates and authorizes network entities while maintaining low latency and minimal resource overhead on the distributed edge and fog nodes. The key challenge is to design a Zero-Trust-based model in which interactions are dynamically monitored, and fine-grained access controls are enforced to prevent unauthorized access and insider threats.
The problem formulations are clearly defined, with corresponding symbols and descriptions outlined in Table 1.
m i n R s = i = 1 N j = 1 N A i , j 1 T i , j C i , j
Here, R s represents the total risk score of the network, which needs to be minimized. The term A i j denotes the adjacency matrix representing the connection between nodes i and j , while T i j is the computed trust score between them. The cost function C i j captures the security cost of interactions. The objective is to minimize risk by penalizing connections with lower trust scores, effectively reducing the likelihood of communication between potentially compromised nodes.
Subject to the following:
T i δ t , i N
i = 1 N R i R    
P i , j 0 , 1 , i , j N
A i , j 0 , 1 , i , j N    
This approach periodically computes trust scores for each node to ensure that communication only occurs when the trust thresholds are met. The network topology is represented using an adjacency matrix, and the objective function aims to minimize the aggregated risk score by considering both trust scores and communication costs. Resource usage is constrained within predefined limits, and communication is permitted only under specified access control constraints.

1.3. Dynamic Resource Allocation for Secure Edge and Fog Computing

Resource allocation in distributed edge and fog computing for 6G networks under Zero-Trust security constraints remains a critical optimization challenge. The goal is to balance resource utilization, maintain low latency, and implement dynamic access policies to ensure secure and efficient operations.
m i n L c o s t = α i = 1 N D i B i + β i = 1 N P i
B i represents the allocated bandwidth for node i , while P i denotes power consumption. The coefficients α and β control the trade-off between latency and energy efficiency.
A risk-aware bandwidth allocation strategy can be incorporated by introducing a risk factor R s , which accounts for node reliability, past performance, and authentication frequency. Higher R s values indicate potentially compromised nodes, prompting stricter bandwidth restrictions and additional security verifications.
Subject to the following:
i = 1 N B i B t o t a l
i = 1 N P i P t o t a l
T i δ t , i N
The focus of this formulation is to minimize latency and energy efficiency in the resource allocation problem for secure edge and fog operations. The trade-off between latency and energy consumption is balanced as part of the objective function, and the total bandwidth and power consumption are constrained to system limits. Just like Zero-Trust, trust scores are established to ensure that resource access is secure.
The integrity and security of 6G-enabled distributed systems are threatened by unique and evolving security risks. This research introduces a novel framework that combines Zero-Trust principles with cutting-edge technologies to provide a robust, scalable, and adaptive security solution to the 6G-enabled distributed systems.
  • Proposed a novel Zero-Trust Framework (ZTF-6G): It is designed for securing dynamic and decentralized edge and fog computing environments in 6G networks.
  • Developed AI-driven anomaly detection modules: It guarantees the real-time identification and solving of security threats.
  • Implemented blockchain-based identity management: It provides decentralized, tamper-proof authentication and fine-grained access control.
  • Validated the framework through simulations: The system demonstrated significant improvements in security, scalability, and overall performance when compared to traditional approaches.
  • Optimized Resource Allocation and Performance: Achieves 77.6% lower latency, 70% higher throughput, and 41.5% better resource utilization compared to traditional models.
The paper is organized into four main sections, as described below: The research begins by presenting the problem that requires Zero-Trust principles for 6G network security. Section 2 details the related works and literature studies. Section 3 details the proposed ZTF-6G framework, including its architecture, key components, and methodology, outlining the design, implementation, and simulation setup. Section 4 discusses the results and evaluations, comparing the performance of ZTF-6G with the existing methods. Section 5 concludes the paper by summarizing the key findings and suggesting future research directions.

2. Related Work

Zero-Trust frameworks have emerged as crucial security paradigms for 6G networks, addressing diverse security challenges such as risk mitigation, access control, authentication, and anomaly detection. Several existing models have been proposed to enhance the security of distributed computing in 6G, leveraging AI, blockchain, and decentralized trust mechanisms.
Security experts recognize the growing need to implement Zero-Trust mechanisms for 6G networks, as they address specific security demands of distributed edge and fog computing platforms [1,2,3]. According to researchers [4,5,6,7,8], Zero-Trust analytics offer solutions for modernized authentication, enhanced access control, and threat detection in dynamic, decentralized 6G environments.
The 6G network architecture relies on edge and fog computing, which places data processing resources close to their sources, thereby enabling low-latency processing [10,11,12,13,14]. This method reduces data analysis time, making it suitable for applications such as autonomous vehicles, smart healthcare systems, and real-time analytics. Although these paradigms are inherently decentralized, the attack surface, so to say, is significantly expanded, making the network vulnerable to a variety of security threats, such as unauthorized access, data breaches, and distributed denial of service (DDoS) attacks [8]. In order to address these concerns, Ali et al. [4] proposed a maturity framework for Zero-Trust security in multi-access edge computing. On the basis of fine-grained access control mechanisms and continuous monitoring, their framework puts an emphasis on risk mitigation and robust defense mechanisms. Kaur et al. [16] also studied the application of Zero-Trust principles in securing fog computing in the healthcare domain. Their blockchain-integrated Zero-Trust framework ensures secure data exchange and tamper-proof authentication, addressing the sector’s high standards for privacy and data integrity [15,16,17,18,19,20]. These studies collectively underscore the flexibility of Zero-Trust principles in adapting to dynamic and distributed environments such as edge and fog computing [9,21,22,23,24]. However, practical implementations of these solutions continue to face challenges, including the scalability of security mechanisms to accommodate the growing number of connected devices and the resource efficiency required to operate within constrained environments [25,26,27,30].
The adoption of Zero-Trust mechanisms in 6G networks has gained substantial momentum due to the stringent security requirements of ultra-low latency, high reliability, and mission-critical applications such as remote surgery, industrial automation, and autonomous systems [28,29,32,33,37]. Given their massive device connectivity and reliance on real-time data exchange, 6G networks require advanced security solutions. To address these needs, Chen et al. [7] proposed a software-defined Zero-Trust model, integrating AI-driven security policies for dynamic trust evaluation in 6G networks. This model employs behavior-based anomaly detection, continuously adapting access control policies based on network conditions. However, its heavy dependency on AI inference accuracy may result in false positives or negatives, potentially compromising overall security reliability. To overcome the limitations of centralized authentication, Sedjelmaci et al. [34] developed a decentralized Zero-Trust framework for 6G Radio Access Networks (RANs). Their model introduces hierarchical trust scoring, decentralized access control, and lightweight encryption techniques to enable low-latency authentication. Despite its advantages, the computational overhead of trust management could negatively impact real-time network performance. Enright et al. [10] applied artificial intelligence to integrate Zero-Trust frameworks, utilizing machine learning algorithms for intelligent threat detection and automated response mechanisms. In addition, this integration not only accelerates threat management, but also provides a proactive view of potential vulnerabilities before they are exploited. Collectively, these contributions highlight Zero-Trust as a foundational security paradigm for 6G networks. However, challenges remain in terms of operational complexity and seamless integration with the existing infrastructure—both of which are active areas of research.
With the rise in intelligent decision-making and data-handling techniques, emerging fields such as artificial intelligence (AI) and blockchain have enhanced the capabilities of Zero-Trust frameworks. Ramezanpour et al. [26] designed a Zero-Trust model that combines AI and blockchain for 6G security, enhancing proactive threat mitigation and decentralized identity management. By integrating biometric authentication, the framework ensures robust security. However, its computational intensity makes it less suitable for resource-constrained edge devices. Blika et al. [6] proposed a Federated Learning-based Zero-Trust model, which enhances security in distributed nodes while preserving user privacy. By applying adaptive risk assessment policies, the model strengthens authentication mechanisms. Nevertheless, federated learning introduces communication overhead, which may affect network efficiency in high-load environments. Similarly to the work of Yiliang et al. [40], the Zero-Trust-based mobile network security architecture proposed for decentralized identities uses a blockchain to manage decentralized identities. The inherent immutability and transparency of blockchain make its authentication processes tamper-proof and verifiable, thereby mitigating risks such as identity spoofing and unauthorized access. The integration of AI and blockchain not only enhances security mechanisms but also addresses key challenges such as scalability, decentralized control, and system interoperability. This is especially relevant in distributed environments such as edge and fog computing, where traditional centralized security models face significant limitations. These technologies enable dynamic, distributed control and promote robust, efficient, and adaptive implementation of Zero-Trust in next-generation networks.
Several comprehensive surveys have synthesized the growing body of research on Zero-Trust architecture, examining its applications, benefits, and outstanding challenges. According to Nahar et al. [22], Zero-Trust plays a central role in 6G networks, addressing issues such as system heterogeneity, interoperability, bandwidth and computational limitations, and the dynamic enforcement of policies in evolving network contexts. Their findings emphasize the need for adaptable and resource-efficient frameworks capable of supporting the diverse requirements of 6G applications. In the context of 6G smart networks, Liyanage et al. [19] investigated the convergence of Zero-Trust with technologies such as IoT and artificial intelligence. The primary objective of their review is to understand how these technologies can improve Zero-Trust with the help of intelligent automation, real-time analytics, and secure device-to-device communication. Across these studies, researchers emphasize the urgent need for Zero-Trust frameworks that not only secure systems but also maintain performance and usability in complex, distributed environments. Given the increasing heterogeneity and connectivity of modern networks, Zero-Trust principles and emerging technologies must jointly address challenges such as horizontal scaling, latency, and dynamic resource allocation.
Beyond general use cases, Zero-Trust framework implementations are rapidly expanding across sectors, as organizations recognize the need for tailored security solutions that address their specific industry requirements. Safak et al. [31] studied security and privacy mechanisms in 6G-enabled Internet of Everything (IoE) networks within the banking domain, where institutions face advanced cyber threats such as financial fraud, data breaches, and ransomware attacks. The study demonstrated how Zero-Trust principles—such as continuous monitoring, granular access control, and secure identity verification—can collectively mitigate these risks by ensuring only authorized users and devices access sensitive financial data. Similarly, Son et al. [38] proposed a Zero-Trust authentication scheme for IoT environments in 6G networks, incorporating secure and context-aware access control for interconnected devices. This approach evaluates not only user credentials, but also contextual factors such as device behavior and location, providing an additional layer of protection against unauthorized access. These studies emphasize the flexibility of Zero-Trust frameworks in addressing diverse and sector-specific security requirements, from industrial IoT to financial systems. With Zero-Trust, the security mechanisms are themselves set as flexible and adaptive, which makes it a foundational paradigm to support strict sector-specific use cases.
The rapid advancement in 6G wireless networks necessitates robust security frameworks to tackle evolving cyber threats and network vulnerabilities. Yang et al. [42] explored cross-layer automated security solutions for 6G, emphasizing the importance of Zero-Trust networks that incorporate AI-driven anomaly detection and self-adaptive security mechanisms. While they proposed Zero-Trust security automation, their model lacked decentralized trust mechanisms, making it vulnerable to identity spoofing. Although their approach enhances automation, the absence of decentralized trust management renders it vulnerable to insider attacks. In contrast, Singh et al. introduced WIND, a Wireless Intelligent Network Digital Twin, leveraging federated learning and multi-layer optimization to enhance privacy-preserving security mechanisms in decentralized networks [43]. However, federated learning—though effective in distributed environments—introduces computational overhead that can hinder real-time Zero-Trust enforcement. Additionally, Hamroun et al. provided an extensive survey on intrusion detection in 5G and Wi-Fi networks, identifying critical limitations in current intrusion detection methods, particularly in multi-access edge computing (MEC) scenarios [44]. Their work highlights the need for adaptive, AI-driven security frameworks capable of mitigating novel attack vectors in heterogeneous 6G environments. Building upon these studies, the proposed ZTF-6G framework integrates blockchain-based authentication, real-time AI-driven anomaly detection, and Zero-Trust adaptive access control, addressing the limitations of the existing models and enhancing security, scalability, and efficiency in distributed 6G edge and fog computing networks.
The convergence of Zero-Trust principles with emerging technologies, such as AI and IoT, within the 6G framework has been extensively studied, upon which new opportunities for securing distributed systems in real time have been found. IoT environments are being scrutinized by Singh et al. [36], who examined the part that Zero-Trust architecture plays within these environments to help resolve its critical problems, including ensuring that data are authentic, preventing the use of unauthorized devices, and protecting the massive quantities of data generated by IoT devices. This reaffirms Zero-Trust’s importance for secure device-to-device communication and data integrity in environments where traditional security methods fail to meet the complexity and scale requirements. Another significant contribution comes from Partala and Agrawal [25], who explored Secure Edge Intelligence in 6G networks, integrating Zero-Trust principles with AI-driven security policies. Their framework supports secure data offloading and distributed decision-making, ensuring robust authentication and threat mitigation. However, the model prioritizes computational efficiency over advanced security enforcement, which may create vulnerabilities in mission-critical applications.
Recent advancements in Zero-Trust security for 6G networks focus on decentralized authentication and proactive enforcement to address evolving cyber threats. Traditional models struggle with scalability and resource constraints in distributed edge and fog computing. Bai et al. [41] proposed a blockchain-based caching strategy for mobile edge computing but lacked adaptive trust mechanisms. Chen et al. [7] introduced an AI-driven Zero-Trust model for 6G but faced high computational overhead. To overcome these limitations, we propose ZTF-6G, integrating AI-driven anomaly detection and blockchain-based authentication for real-time trust scoring and tamper-proof identity verification. Unlike previous models, ZTF-6G ensures high security, minimal latency, and efficient resource utilization, making it an optimal Zero-Trust solution for 6G networks.
Ali et al. [4] introduced a Zero-Trust framework for multi-access edge computing (MEC), focusing on risk mitigation through continuous monitoring and fine-grained access control. This framework enforces real-time authentication and adaptive security policies, ensuring that only verified entities can access critical resources. However, it lacks blockchain-based identity verification, which could further enhance the integrity of authentication mechanisms. In contrast, Kaur et al. [16] developed a blockchain-powered Zero-Trust framework tailored for fog computing in healthcare. Their model ensures tamper-proof authentication and secure data exchange among medical IoT (MIoT) devices by utilizing smart contracts. While effective for healthcare applications, the model’s scalability remains a challenge when applied to broader 6G environments.
While each of these frameworks contributes valuable security enhancements, they exhibit limitations such as lack of scalability, high computational requirements, or inefficiencies in anomaly detection. Our proposed ZTF-6G framework addresses these gaps by integrating AI-driven anomaly detection, blockchain-based identity management, and adaptive trust scoring into a unified security architecture. Unlike prior models, ZTF-6G ensures a multi-layered security approach by incorporating lightweight AI models to reduce computational overhead and optimize real-time authentication. Additionally, it supports scalable security solutions applicable across diverse 6G domains, including smart cities, autonomous vehicles, and industrial IoT. By leveraging blockchain’s decentralized authentication and AI-driven trust scoring, ZTF-6G overcomes the weaknesses of the existing frameworks and offers a robust, scalable, and adaptive Zero-Trust solution for next-generation 6G networks.
Table 2 presents a comparative analysis of studies focusing on Zero-Trust mechanisms. Furthermore, it highlighted what they looked at, what technologies they used, and what they wrote that is relevant to peers working for distributed edge and 6G networks. A Zero-Trust-based framework (ZTF-6G) for edge-to-fog distributed computing in a 6G network is proposed to meet the following requirements of securing the network, including real-time threat detection, adaptive access control, and enhancing the data integrity with low latency and scalability. ZTF-6G provides a novel integration of Zero-Trust principles specifically designed to address the unique challenges posed by 6G networks. Key innovations include the following:
  • AI-driven Anomaly Detection: The real-time detection of security threats through machine learning models enables continuous authentication and behavior analysis for dynamic trust scoring.
  • Blockchain-Based Authentication: A decentralized approach to identity management ensures tamper-proof authentication and eliminates reliance on centralized trust authorities, thereby reducing the risk of insider threats and unauthorized access.
  • Adaptive Access Control: The trust evaluation mechanism in ZTF-6G continuously adjusts security policies based on the current network environment, device behavior, and previous interactions, ensuring granular control over access rights.

3. Methodology

This section outlines the systematic methodology used to design, develop, and evaluate the proposed framework. It covers the collection of datasets, preprocessing, experimental setup, implementation, and performance evaluation.

3.1. Dataset Collection

To ensure the adequacy of the data collected for this study, data from publicly available datasets and custom-generated sources were used. The datasets included features such as latency, throughput, and network events under varying network conditions. To address specific research requirements, publicly available data were augmented with simulated data to fill gaps in the existing resources. This hybrid approach combined the strengths of scenario-based modeling and realist methodology, ensuring the dataset was representative of real-world conditions while maintaining diversity and scalability. The dataset used in this research is a hybrid of publicly available intrusion detection data (e.g., UNSW-NB15) and synthetic data generated using NS-(3) and OMNeT++ (6.0) simulators. These simulators model 6G-specific attack vectors such as AI-driven cyberattacks and insider threats, which are critical in the context of 6G network security.

3.2. Dataset Description

The dataset used in this study consists of 50,000 instances, combining both real-world network logs (30%) and synthetically generated data (70%) to ensure comprehensive coverage of 6G-specific security scenarios. The real-world data are sourced from open-source intrusion detection systems, capturing diverse network activity, authentication requests, access control logs, and previously recorded cyber threats. This ensures the dataset reflects actual network behavior and security challenges faced in distributed edge and fog computing environments. Synthetic data were generated using NS-3 and OMNeT++ simulators, modeling advanced 6G attack vectors such as AI-driven cyberattacks, adversarial machine learning intrusions, dynamic insider threats, and trust manipulation attacks—scenarios that are underrepresented in publicly available datasets. The dataset includes key performance metrics such as latency, throughput, trust scores, anomaly detection logs, authentication attempts, and attack instance details, ensuring a diverse and realistic representation of security conditions in 6G networks. By integrating real and synthetic data, this dataset effectively captures scalability challenges, Zero-Trust authentication complexities, and real-time threat detection requirements necessary for evaluating the ZTF-6G framework.
While the dataset contains 50,000 instances, the majority are synthetically generated. The risk of sample bias from this overrepresentation is acknowledged. To mitigate this, future work will involve real-world testing using a 6G test platform to ensure that the synthetic data accurately reflects real-world 6G scenarios. Algorithm 1 below outlines the ZTF-6G security enforcement and trust evaluation process.
Algorithm 1: ZTF-6G Security Enforcement and Trust Evaluation.
Input:
  • D → Data from edge devices
  • N → Number of network nodes
  • T i → Initial trust score for each node
  • A i → AI-detected anomalies
  • B → Blockchain verification module
Output:
  • Secure task execution with adaptive trust-based access control
Steps:
  • Initialize Security → Set network size, edge-fog nodes, and trust scores. Deploy AI-driven anomaly detection and blockchain authentication.
  • Monitor Activity → Detect anomalies, unauthorized access, or threats. Update trust scores dynamically.
  • Evaluate Trust     If   T i threshold, grant access; else, trigger re-authentication.
  • Blockchain Verification → If re-authentication is needed, verify identity via blockchain and log records securely.
  • Adaptive Access Control → Restrict or restore access based on trust score variations.
  • Optimize Performance → Measure latency, throughput, and security overhead. Minimize processing delays.
  • Simulate & Compare → Test attack models, trust variations, and security strategies. Log and compare results with baseline models.
End Algorithm

3.3. Simulation Parameters and Dataset Details

The simulations were conducted using OMNeT++ and NS-3, incorporating a dataset of 50,000 instances to evaluate the performance of ZTF-6G. The dataset comprises 30% real-world network logs sourced from open-source intrusion detection systems and 70% synthetically generated attack scenarios designed using network simulation tools to replicate 6G-specific security threats. The simulated network environment includes 10,000 connected devices, ensuring scalability and real-world applicability. Performance evaluation was based on key simulation parameters, including a latency benchmark of 12.5 ms for traditional security models. In comparison, ZTF-6G achieved a significantly lower latency of 2.8 ms. The system processed 1000 authentication requests per second, demonstrating its ability to handle high-security verification loads efficiently. Blockchain transaction latency was measured at 0.7 ms, ensuring secure decentralized authentication without compromising performance. Additionally, an AI-based anomaly detection system with a 12-layer deep learning architecture was deployed to identify and mitigate threats in real time, further improving security enforcement. These parameters provide a realistic, scalable, and computationally efficient environment to validate ZTF-6G’s superiority over traditional Zero-Trust models in 6G networks. The dataset composition is summarized in Table 3 below.

3.4. Proposed Model: SecuEdgeFog-6G

To meet the stringent requirements of 6G networks, we propose SecuEdgeFog-6G—a model based on edge and fog computing paradigms—integrating Zero-Trust principles. The model employs a hierarchical architecture designed to achieve ultra-low latency, high scalability, robust security, and efficient resource utilization. In this section, we provide a detailed description of the architecture, the underlying mathematical model, and the implementation algorithm.

3.5. Model Architecture

The structured process of secure data handling—starting with an initial data validation—is illustrated in the flowchart shown in Figure 2. User authentication is carried out if the data are valid. Subsequent data processing occurs only after successful authentication and validation by the system. The next step is data encryption; upon success, the encrypted data are securely stored. Once the encrypted data are stored, system integrity is maintained by logging the event. If an error occurs at any stage—such as invalid data, unauthorized access, encryption failure, or logging failure—the process is terminated to ensure security and prevent inconsistencies. The UML flowchart below clearly outlines the decision points and possible outcomes, providing a comprehensive model for the secure and systematic handling of data.

3.6. Edge Layer

The edge layer comprises IoT devices, mobile phones, and sensors that gather and preprocess data close to the source. This layer handles latency-sensitive tasks that require immediate responses. Lightweight Zero-Trust mechanisms are employed to perform authentication and prevent unauthorized access.

3.7. Fog Layer

The fog layer acts as an intermediate computational tier between edge devices and the core network, handling advanced processing tasks offloaded from the edge. Security and efficiency are maintained using AI-driven Zero-Trust mechanisms based on real-time anomaly detection. Decentralized authentication is guaranteed through blockchain-based identity management.

3.8. Core Network Layer

The core network handles centralized storage, global analytics, and deep learning model training. It serves as a storage and security monitoring platform with long-term storage of data and provides seamless communication with edge and fog layers.

3.9. Mathematical Model

The SecuEdgeFog-6G framework is mathematically formulated to ensure security and operational efficiency across all three architectural layers. This section defines the key components as follows:

3.9.1. Latency Minimization

Latency L in the system can be modeled as follows:
L = i = 1 N D i B i
where
  • N is the total number of tasks;
  • D i is the data size of task i ;
  • B i is the bandwidth allocated to task i .
To minimize latency, we optimize bandwidth allocation using the following:
m i n i = 1 N D i B i , subject   to i = 1 N B i B total
The optimal allocation of bandwidth B i can be expressed as follows:
B i = D i W j = 1 N D j
where W is the total available bandwidth.

3.9.2. Resource Utilization

The total resource utilization R is defined as follows:
R = i = 1 N C i + P i
where
  • C i is the computational resource consumed by task i ;
  • P i is the power consumption of task i .
The objective is to optimize resource utilization:
m i n R , subject   to i = 1 N R i R total
To balance computational load across nodes, the resource allocation for each task i can be modeled as follows:
C i = W i D i j = 1 N W j    
where W i represents the weight assigned to task i based on its priority.

3.9.3. Zero-Trust Mechanism

Zero-Trust security involves continuous verification of entities using trust scores T i :
T i = α A i + β H i
where
  • A i is the authentication score of entity i ;
  • H i is the historical behavior score of entity i ;
  • α and β are weights such that α + β = 1 .
Access is granted if
T i T threshold
To dynamically adjust T threshold based on network conditions, we define the following:
T threshold = T base + γ i = 1 N F i N
where T base is the base trust score and F i represents the frequency of anomalies detected for entity i .

3.9.4. Energy Efficiency

The total energy consumption E can be minimized as follows:
E t o t a l = E n e t w o r k + E b l o c k c h a i n      
where
  • E t o t a l is the Total Energy Consumption;
  • E n e t w o r k is the Energy Consumption of Network Operations;
  • E b l o c k c h a i n is the Energy Consumption Due to Blockchain Operations.
The objective is to minimize E while satisfying task constraints.

3.9.5. Explanation of ZTF-6G Workflow

  • Trust Evaluation:
    • Each network entity undergoes dynamic trust score computation based on past authentication records, real-time anomaly detection, and AI-driven risk assessment.
  • Adaptive Access Control:
    • If the computed trust score falls below a predefined threshold, the system denies access and triggers re-authentication or additional security verification.
  • Anomaly Detection:
    • AI-based monitoring continuously analyzes network traffic, behavioral patterns, and security logs, flagging suspicious activity for manual review or automated response.
  • Blockchain-Based Identity Verification:
    • Successfully authenticated entities are recorded in a tamper-proof blockchain ledger, ensuring immutable identity verification and decentralized trust management.
  • Dynamic Policy Enforcement:
    • Security policies adapt dynamically based on context, adjusting access privileges, authentication frequency, and trust evaluation criteria in real time.
We show below Algorithm 2 for SecEdgeFog-6G workflow.
Algorithm 2: SecuEdgeFog-6G Workflow.
  • Input: Data from edge devices D, available resources R, trust scores T i .
  • Output: Processed results R o u t .
  • Initialize edge, fog, and core layers.
  • For each task i in D, do
  • If  T i T t h r e s h o l d (i.e., if D i is latency-sensitive), then
  • Process D i at the edge layer.
  • Else
  • Offload D i to the fog layer.
  • If resources at the fog layer are insufficient, then
  • Forward D i to the core network.
  • Else
  • Reject task iii due to an insufficient trust score.
  • Return processed results R o u t .
The security enforcement and trust evaluation process begins by setting up the network size and initializing the trust scores for all the devices based on their previous trust history and device type. This initial configuration ensures that each device’s security posture is accounted for from the start. Once the network is initialized, the system uses AI models to continuously monitor real-time network activity and detect any anomalies. These anomalies may include unauthorized access attempts or unusual behaviors that deviate from normal network activity. If an anomaly is detected, the system flags the corresponding device for further verification to prevent potential security breaches. Next, the system evaluates each node’s trust score based on current interactions and historical behavior. If the calculated trust score is below a predefined threshold (total < T threshold), access is denied, or the system may request re-authentication to ensure that only trusted devices remain within the network. If re-authentication is required, the system utilizes blockchain consensus mechanisms to verify the identity of the device and securely log the transaction. This decentralized approach eliminates single points of failure, strengthening the authentication process. Finally, once the trust score is updated, the access control policy is dynamically adjusted. Based on the updated trust score, the access control mechanism either grants or revokes access to the network, ensuring that only devices with a verified and trustworthy status can interact with the system. This dynamic approach maintains high security while minimizing potential vulnerabilities.
This article proposes the SecuEdgeFog-6G model—based on a hierarchical edge–fog–core architecture and incorporating state-of-the-art Zero-Trust mechanisms. At the mathematical level, the model optimizes latency, resource utilization, and security. The proposed algorithm supports automatic task management through systematic workflows. The model is particularly well suited for 6G-enabled applications such as autonomous vehicles, smart cities, and industrial IoT, as it delivers robust, scalable, and secure performance.

3.10. Evaluation Matrix

Metrics shown in Table 4 are used to evaluate the performance of the SecuEdgeFog-6G model. These metrics provide a comprehensive insight into the system’s effectiveness, efficiency, and security.

4. Results and Discussion

The proposed SecuEdgeFog-6G model is evaluated using a set of metrics defined in the evaluation matrix. This section presents the performance analysis results and discusses the model’s effectiveness in meeting the requirements of 6G networks.

4.1. Latency

SecuEdgeFog-6G reduces latency to an average of 2.8 ms compared to 12.5 ms in traditional models. The edge and fog layers reduce the data transmission delay by allowing them to process latency-sensitive tasks locally, thus minimizing overall latency.
Figure 3 and Table 5 show that the proposed model achieves a 77.6% improvement in latency, supporting time-sensitive applications in a 6G environment.
While 6G inherently provides improved computational speeds and network efficiency, our proposed ZTF-6G framework extends beyond these improvements by addressing security vulnerabilities. Unlike conventional models that rely on perimeter-based defenses, ZTF-6G integrates Zero-Trust principles, including continuous verification of entities, adaptive access control, and real-time anomaly detection. The integration of AI-driven security and blockchain-based identity management significantly enhances robustness without compromising latency. Therefore, the comparison with [12] is justified as it highlights how ZTF-6G supplements the high-speed capabilities of 6G with reinforced security measures, ensuring a more resilient distributed network environment.

4.2. Throughput

The proposed model achieved a 70% improvement in throughput, reaching 8.5 Gbps. The efficiency of the bandwidth allocation and the utilization of resources on the fog edge layer contribute to this improvement.
Figure 4 and Table 6 show that SecuEdgeFog-6G performs better than all the traditional models in terms of throughput and is thus appropriate for high bandwidth 6G applications.

4.3. Resource Utilization

Resource utilization increased from 65% in traditional models to 92% in SecuEdgeFog-6G. This enhancement stems from intelligent task scheduling and dynamic resource allocation mechanisms.
Figure 5 and Table 7 highlight the improved resource utilization achieved by SecuEdgeFog-6G, ensuring efficient system performance even under heavy workloads.

4.4. Trust Score Accuracy

The Zero-Trust mechanisms incorporated in SecuEdgeFog-6G increased trust score accuracy to 95%, ensuring robust authentication and access control.
As presented in Figure 6 and Table 8, the proposed model ensures accurate trust-based decisions, enhancing the overall system security.

4.5. Energy Efficiency

The energy consumption model used in this research incorporates the overhead caused by blockchain verification. We assume that each transaction requires 0.5 ms of computation and consumes 0.03 Joules of energy for each device involved in the verification process. This has been included in the total energy consumption equation. Energy consumption decreased, leading to an 88% energy efficiency rate. This improvement is due to efficient task offloading and processing, which reduce the computational burden on individual nodes.
Table 9 highlights energy efficiency improvements; however, previous models do not consider blockchain consensus overhead. The improved energy model integrates cryptographic workload analysis, showing that SecuEdgeFog-6G achieves 22.2% better efficiency despite the blockchain’s computational cost, ensuring sustainability for large-scale deployments.
Figure 7 and Table 9 demonstrate the energy-saving advantages of SecuEdgeFog-6G, contributing to sustainable network operations.

4.6. Threat Detection Rate

The model achieved a 98% threat detection rate, a 15.3% improvement over traditional systems. AI-driven anomaly detection and blockchain-based identity management played a significant role in this enhancement. The threat detection rate ( T D R ) is calculated using the following equation:
T D R = T P T P + F N × 100
where T P represents the number of true positive threats detected, and F N denotes the number of false negatives. The improvement percentage over traditional systems is given by the following:
Improvement = T D R proposed T D R traditional T D R traditional × 100  
As illustrated in Figure 8 and Table 10, the SecuEdgeFog-6G model provides robust anomaly detection capabilities, ensuring system resilience against evolving threats.

4.7. Task Success Rate

The model showed an increased ability to achieve a task success rate of 97% under varying network conditions, indicating the reliability and robustness of the proposed model. The T S R is defined as follows:
T S R = T S T S + T F × 100
where T S is the number of successfully completed tasks and T F is the number of failed tasks. It is calculated as follows:
Improvement = T S R proposed T S R traditional T S R traditional × 100
Figure 9 and Table 11 show the high reliability of the SecuEdgeFog-6G model to successfully complete tasks in dynamic scenarios.
The results demonstrate that SecuEdgeFog-6G offers significant advantages over traditional models across all the key performance metrics. By incorporating Zero-Trust principles, the model ensures robust security, while the hierarchical structure minimizes both latency and resource utilization. The improvements in the model make it suitable for 6G-enabled applications like autonomous vehicles, smart cities, and industrial IoT.
During testing, the SecuEdgeFog-6G model was validated for both scalability and adaptability. It performed within 3% of typical maximum throughput and latency levels across 10,000 connected devices. Overall, the proposed model offers a scalable, secure, and efficient framework for 6G networks to solve the edge and fog computing problems. Performance comparison is given in Table 12.

4.8. Zero-Trust for Securing Edge and Fog in 6G Networks

This subsection analyzes the application of Zero-Trust principles in securing edge and fog computing within 6G networks. Leveraging the system’s multi-layered architecture, Zero-Trust mechanisms—such as continuous verification, adaptive access control, and real-time anomaly detection—are integrated to provide robust security. As demonstrated in the following sections, Zero-Trust mechanisms effectively improve both security and performance metrics. The key evaluation metrics are illustrated through figures, with the corresponding quantitative results presented in tables.

4.8.1. Latency Reduction Metrics

Figure 10 and Table 13 present the latency metrics resulting from the integration of Zero-Trust principles into the SecuEdgeFog-6G framework. The traditional model exhibits significantly higher latency compared to the proposed SecuEdgeFog-6G model.

4.8.2. Threat Detection Efficiency

The effectiveness of threat detection mechanisms is visualized in Figure 11 and Table 14. The proposed model achieves a 98% intrusion detection rate with an average detection time of 0.2 s. The intrusion detection rate ( I D R ) is calculated using the following:
I D R = T P T P + F N × 100
where T P represents the number of true positive detections, and F N is the number of false negatives. The improvement in detection efficiency over traditional models is computed as follows:
Improvement = I D R proposed I D R traditional I D R traditional × 100
The average detection time ( D T ) is given by the following:
D T = i = 1 N T i N
where T i is the detection time for each detected threat, and N is the total number of threats detected.

4.8.3. Data Integrity Metrics

Figure 12 and Table 15 illustrate the critical metrics for data integrity. The integration of blockchain-based mechanisms ensures 100% critical data integrity and reduces tampering attempts by 90%. The data integrity rate ( D I R ) is computed as follows:
D I R = D I D I + D C × 100
where D I represents the number of correctly verified data instances, and D C denotes the number of corrupted or altered data instances. The improvement in data integrity over traditional models is calculated as follows:
Improvement = D I R proposed D I R traditional D I R traditional × 100
The tampering reduction rate ( T R R ) achieved through blockchain-based mechanisms is given by the following:
T R R = T A traditional T A proposed T A traditional × 100
where T A represents the total number of tampering attempts detected in both the traditional and proposed models.

4.8.4. Scalability Metrics

Scalability metrics, as shown in Figure 13 and Table 16, indicate that the SecuEdgeFog-6G model supports up to 10,000 nodes with less than 3% performance degradation. The system throughput ( S T ) is computed as follows:
S T = i = 1 N D i T
where D i is the data processed by node i , N is the total number of nodes, and T is the total processing time. The performance degradation ( P D ) is calculated as follows:
P D = S T max S T current S T max × 100
where S T max is the maximum achievable system throughput, and S T current represents the system throughput under the current load. The node scalability efficiency ( N S E ) is determined by the following:
N S E = N max N current N max × 100
where N max is the highest supported node capacity, and N current is the number of currently active nodes.

4.8.5. Resource Utilization Metrics

The proposed model demonstrates significant improvements in resource utilization, as depicted in Figure 14 and Table 17. Bandwidth usage is reduced by 30%, and energy consumption is reduced by 20%. The bandwidth utilization ( B U ) is calculated as follows:
B U = B used B total × 100
where B used represents the bandwidth consumed by active tasks, and B total is the total available bandwidth. The energy efficiency ( E E ) is computed as follows:
E E = E total E used E total × 100
where E total is the total available energy, and E used is the energy consumed during task execution. The improvement in resource utilization ( R U imp ) over traditional models is determined by the following:
R U imp = R U proposed R U traditional R U traditional × 100
where R U proposed and R U traditional denote the resource utilization in the proposed and traditional models, respectively.

4.8.6. User Satisfaction Metrics

User satisfaction metrics, depicted in Figure 15 and Table 18, show less than 0.5% user complaints and consistently low latency. The user satisfaction rate ( U S R ) can be calculated as follows:
U S R = U positive U total × 100
where U positive represents the number of positive user feedback instances, and U total denotes the total number of user interactions. The complaint rate ( C R ) is determined by the following:
C R = U complaints U total × 100
where U complaints represents the total number of user complaints. The latency consistency ( L C ) is computed as follows:
L C = L max L min L average × 100
where L max and L min are the maximum and minimum recorded latency values, respectively, and L average is the average latency over the evaluation period.
Security, improved efficiency, and reduced latency are guaranteed by edge and fog computing in 6G networks integrated with Zero-Trust principles. This section demonstrates key performance metrics, such as policy enforcement time and its attack mitigation, through evaluations. This results in showing the effectiveness of SecuEdgeFog-6G in solving critical security and performance challenges.

4.8.7. Policy Enforcement Time

In 6G networks, dynamic security management needs to be performed at a fast speed; hence, policy enforcement time should be taken into account as a critical metric. The proposed model has an average of 1.8 ms policy enforcement time and 95 percent dynamic access control success and is presented in Figure 16 and Table 19. Thus, the policy enforcement time ( P E T ) is computed as follows:
P E T = i = 1 N T i N
where T i represents the enforcement time for policy i , and N is the total number of policies enforced. The dynamic access control success rate ( D A S R ) is given by the following:
D A S R = P successful P total × 100
where P successful is the number of successfully enforced access control policies, and P total is the total number of access control attempts. The improvement in policy enforcement efficiency ( P E E ) over traditional models is calculated as follows:
P E E = P E T traditional P E T proposed P E T traditional × 100
where P E T traditional and P E T proposed represent the policy enforcement times in the traditional and proposed models, respectively.

4.8.8. Attack Mitigation Metrics

Zero-Trust implementation is based on attack mitigation which is presented in Figure 17 and Table 20. The proposed model shows good experience in reducing data breaches, insider threats, and target compromises. Data breach, insider threat, and target reduction rates of 98%, 85%, and 90%, respectively, are the evaluations. The data breach reduction rate ( D B R ) is defined as follows:
D B R = D B traditional D B proposed D B traditional × 100
where D B traditional represents the number of data breaches in traditional models, and D B proposed denotes the number of breaches in the proposed model. The insider threat reduction rate ( I T R ) is calculated as follows:
I T R = I T traditional I T proposed I T traditional × 100
where I T traditional and I T proposed represent the number of insider threats detected in traditional and proposed models, respectively. The target compromise reduction rate ( T C R ) is determined using the following:
T C R = T C traditional T C proposed T C traditional × 100
where T C traditional represents the number of target compromises in traditional models, and T C proposed denotes those in the proposed model.
The results highlight the significance of integrating Zero-Trust mechanisms into 6G networks. The dynamic access control framework enables rapid policy enforcement with minimal delay. The robustness of its attack mitigation is demonstrated through consistent reductions for a variety of key threat vectors, all of which show that these systems are capable of securing the distributed edge and fog environments. The scalability, reliability, and adaptability of the proposed SecuEdgeFog-6G model are clearly demonstrated by these metrics and this is a foundation model for the future-generation networks.
Security in 6G networks is particularly challenging due to decentralization, ultra-low latency requirements, and evolving cyber threats. Yang et al. focused on Zero-Trust automation but lacked trust-based security enforcement [42]. Singh et al. introduced WIND, a federated learning-based security model, but faced computational overhead issues [43]. Hamroun et al. highlighted limitations in intrusion detection systems (IDSs) for dynamic 6G environments [44]. To address these gaps, ZTF-6G integrates AI-driven trust evaluation, blockchain-based authentication, and adaptive security policies—ensuring low-latency, scalable, and real-time Zero-Trust security. Future work should explore quantum-resistant cryptography and self-learning AI-driven trust models to enhance next-generation 6G security frameworks. A comparison of 6G is given in Table 21.

4.9. Computational Complexity and Overhead Costs

In addition to performance metrics, it is essential to evaluate the computational complexity and overhead costs of the proposed ZTF-6G framework. The integration of AI-driven anomaly detection, blockchain-based authentication, and dynamic access control introduces varying levels of computational complexity and resource overhead.
Computational Complexity: The computational burden of each mechanism is quantified in terms of time complexity, with AI-based anomaly detection and blockchain authentication being the most resource-intensive. The time complexity of these mechanisms is influenced by the number of network nodes, model complexity, and dataset size.
Overhead Costs: Most overhead originates from the blockchain verification process, which increases latency and energy consumption. Despite these costs, the proposed framework balances security and system performance, maintaining low latency while providing enhanced security. Resource consumption increases during peak security checks; however, it does not significantly degrade overall system efficiency. Table 22 summarizes the computational complexity and overhead costs.

5. Conclusions and Future Works

This paper presents ZTF-6G, a Zero-Trust framework designed to secure distributed edge and fog computing in 6G networks. The model integrates AI-driven anomaly detection and blockchain-based authentication, achieving a 77.6% reduction in latency, a 70% improvement in throughput, and a 41.5% enhancement in resource utilization. It mitigates 85% of insider threats, reduces data breaches by 98%, and enforces security policies within 1.8 ms, demonstrating its scalability, reliability, and adaptability for next-generation networks.
Future work will enhance scalability to support billions of connected devices, integrate federated learning and decentralized AI techniques for privacy-preserving, real-time anomaly detection, and adopt quantum-resistant cryptographic methods to defend against quantum-era threats. Additionally, the framework will incorporate lightweight Zero-Trust authentication for resource-constrained edge and fog nodes while maintaining performance efficiency. Further optimizations will explore energy-aware Zero-Trust policies to enhance security in battery-powered IoT and edge devices. Large-scale simulations and real-world testbed implementations will validate the practical feasibility of ZTF-6G in complex 6G environments, ensuring its adaptability for applications such as autonomous vehicles, industrial IoT, and smart healthcare. Furthermore, the interoperability of ZTF-6G with emerging cross-domain 6G architectures, such as integrated satellite–terrestrial networks (STINs), will be explored to enhance end-to-end security across heterogeneous communication environments. Expanding the model for domain-specific applications, including mission-critical defense networks and ultra-reliable low-latency communications (URLLC), will further validate its robustness across diverse operational scenarios. Future optimizations will also focus on reducing blockchain transaction latency and improving decentralized identity management, ensuring that security enhancements do not compromise performance in real-world deployments. These advancements will solidify ZTF-6G as a practical, adaptive, and high-security solution for intelligent 6G edge and fog computing environments.

Author Contributions

Conceptualization, A.K.A. and A.M.A.; methodology, A.K.A. and A.M.A.; validation, A.M.A.; formal analysis, A.K.A. and A.M.A.; investigation, A.K.A. and A.M.A.; resources, A.M.A.; data curation, A.M.A.; writing—original draft preparation, A.K.A.; writing—review and editing, A.K.A. and A.M.A.; visualization, A.K.A.; supervision, A.K.A.; project administration, A.K.A.; funding acquisition, A.K.A. All authors have read and agreed to the published version of the manuscript.

Funding

This work was supported by the Deanship of Scientific Research, Vice Presidency for Graduate Studies and Scientific Research, King Faisal University, Saudi Arabia (Project No. KFU251040).

Institutional Review Board Statement

Not applicable.

Informed Consent Statement

Not applicable.

Data Availability Statement

Data are contained within the article.

Acknowledgments

This study could not have been started or completed without the encouragement and continued support of King Faisal University.

Conflicts of Interest

The authors declare no conflicts of interest.

References

  1. Adewale, T. Comparing Zero Trust Security with Traditional Perimeter-Based Security in Cloud Environments. 2023. Available online: https://www.researchgate.net/publication/385781201_Comparing_Zero_Trust_Security_with_Traditional_Perimeter-Based_Security_in_Cloud_Environments (accessed on 27 January 2025).
  2. Ahmadi, S. Autonomous identity-based threat segmentation in zero trust architectures. arXiv 2025, arXiv:2501.06281. [Google Scholar]
  3. Ajish, D. The significance of artificial intelligence in zero trust technologies: A comprehensive review. J. Electr. Syst. Inf. Technol. 2024, 11, 30. [Google Scholar] [CrossRef]
  4. Ali, B.; Hijjawi, S.; Campbell, L.H.; Gregory, M.A.; Li, S. A maturity framework for zero-trust security in multi-access edge computing. Secur. Commun. Netw. 2022, 2022, 3178760. [Google Scholar] [CrossRef]
  5. Alquwayzani, A.A.; Albuali, A.A. A systematic literature review of zero trust architecture for uav security systems in iobt. IEEE Access 2024, 12, 176033–176056. [Google Scholar] [CrossRef]
  6. Blika, A.; Palmos, S.; Doukas, G.; Katsikas, S.K. Federated learning for enhanced cybersecurity and trustworthiness in 5G and 6G networks: A comprehensive survey. IEEE Open J. Commun. Soc. 2024, 5, 1234–1256. [Google Scholar] [CrossRef]
  7. Chen, X.; Feng, W.; Ge, N.; Zhang, Y. Zero trust architecture for 6G security. IEEE Netw. 2023, 38, 224–232. [Google Scholar] [CrossRef]
  8. A Dhruva, B.; Mummigatti, M.; Krishnamurthy, D.; Namratha, H.J.; Apoorva, U.C.; Ramakanthkumar, P. Exploring zero trust architecture in interview bots: Mechanisms and challenges. In Proceedings of the 8th International Conference on Computational System and Information Technology for Sustainable Solutions (CSITSS), Bengaluru, India, 7–9 November 2024; pp. 1–6. [Google Scholar]
  9. Ejiyeh, A.M. Real-time lightweight cloud-based access control for wearable iot devices: A zero trust protocol. In Proceedings of the First International Workshop on Security and Privacy of Sensing Systems, Istanbul, Turkiye, 12–17 November 2023; pp. 22–29. [Google Scholar]
  10. Enright, M.A.; Hammad, E.; Dutta, A. A learning-based zero-trust architecture for 6G and future networks. In Proceedings of the 2022 IEEE Future Networks World Forum (FNWF), Montreal, QC, Canada, 10–14 October 2022; pp. 64–71. [Google Scholar]
  11. Ezechi, C.; Akinsolu, M.O.; Sangodoyin, A.O.; Olowu, T.A. Software-defined networking in cyber-physical systems: Benefits, challenges, and opportunities. In Cyber Physical System 2.0; CRC Press: Boca Raton, FL, USA, 2025; Volume 3, pp. 78–90. [Google Scholar]
  12. Gil, S.; Yemini, M.; Chorti, A.; Nedić, A.; Poor, H.V.; Goldsmith, A.J. How physicality enables trust: A new era of trust-centered cyberphysical systems. arXiv 2023, arXiv:2301.12345. [Google Scholar]
  13. Hasan, K.M.B.; Sajid, M.; Lapina, M.A.; Shahid, M.; Kotecha, K. Blockchain technology meets 6G wireless networks: A systematic survey. Alex. Eng. J. 2024, 92, 199–220. [Google Scholar] [CrossRef]
  14. Joshi, H. Emerging technologies driving zero trust maturity across industries. IEEE Open J. Comput. Soc. 2024, 6, 25–36. [Google Scholar] [CrossRef]
  15. Kahan, N. Bridging the Gap: Securing Distributed Networks with Cutting-Edge Innovations. 2025. Available online: https://www.researchgate.net/publication/387668042_BRIDGING_THE_GAP_SECURING_DISTRIBUTED_NETWORKS_WITH_CUTTING-EDGE_INNOVATIONS (accessed on 5 February 2025).
  16. Kaur, N.; Mittal, A.; Lilhore, U.K.; Simaiya, S.; Dalal, S.; Saleem, K.; Ghith, E.S. Securing fog computing in healthcare with a zero trust approach and blockchain. EURASIP J. Wirel. Commun. Netw. 2025, 2025, 5. [Google Scholar]
  17. Kuchuk, H.; Malokhvii, E. Integration of iot with cloud, fog, and edge computing: A review. Adv. Inf. Syst. 2024, 8, 65–78. [Google Scholar]
  18. Liu, C.; Tan, R.; Wu, Y.; Feng, Y.; Jin, Z.; Zhang, F.; Liu, Y.; Liu, Q. Dissecting zero trust: Research landscape and its implementation in iot. Cybersecurity 2024, 7, 20. [Google Scholar] [CrossRef]
  19. Liyanage, M.; Porambage, P.; Zeydan, E.; Senevirathne, T.; Siriwardhane, Y.; Yadav, A.K.; Siniarski, B. Advancing security for 6G smart networks and services. In Proceedings of the Joint European Conference on Networks and Communications & 6G Summit (EuCNC/6G Summit), Antwerp, Belgium, 3–6 June 2024; pp. 616–621. [Google Scholar]
  20. Lv, F.; Wang, H.; Pan, Z.; Sun, R.; Si, S.; Zhang, W. Asynchronous federated learning based zero trust architecture for the next generation industrial control systems. SSRN 2025. preprint. [Google Scholar]
  21. Mondal, M.K.; Banerjee, S.; Zhang, Y. Toward fast reliable intelligent industry 5.0—A comprehensive study. In Smart Cyber-Physical Systems; Springer: Berlin/Heidelberg, Germany, 2025; Volume 4, pp. 12–25. [Google Scholar]
  22. Nahar, N.; Andersson, K.; Schelén, O.; Saguna, S. A survey on zero trust architecture: Applications and challenges of 6G networks. IEEE Access 2024, 12, 94753–94764. [Google Scholar] [CrossRef]
  23. Nguyen, H.; Lim, Y.; Seo, M.; Jung, Y.; Kim, M.; Park, W. Strengthening information security through zero trust architecture: A case study in south korea. In International Conference on Intelligent Systems and Data Science, Proceedings of the First International Conference, ISDS 2023, Can Tho, Vietnam, 11–12 November 2023; Springer: Singapore, 2023; pp. 63–77. [Google Scholar]
  24. Nie, S.; Ren, J.; Wu, R.; Han, P.; Han, Z.; Wan, W. Zero-trust access control mechanism based on blockchain and inner-product encryption in the internet of things in a 6G environment. Sensors 2025, 25, 550. [Google Scholar] [CrossRef]
  25. Partala, J.; Agrawal, L. Chapter 1: Secure Edge Intelligence in the 6G Era. In Security and Privacy for 6G Massive IoT; Wiley: Hoboken, NJ, USA, 2024. [Google Scholar]
  26. Ramezanpour, K.; Jagannath, J. Intelligent zero trust architecture for 5G/6G networks: Principles, challenges, and the role of machine learning in the context of o-ran. Comput. Netw. 2022, 217, 109358. [Google Scholar] [CrossRef]
  27. Ren, Y.; Huang, D.; Wang, W.; Yu, X. Bsmd: A blockchain-based secure storage mechanism for big spatio-temporal data. Future Gener. Comput. Syst. 2023, 138, 328–338. [Google Scholar] [CrossRef]
  28. Ren, Y.; Wang, Z.; Sharma, P.K.; Alqahtani, F.; Tolba, A.; Wang, J. Zero trust networks: Evolution and application from concept to practice. Comput. Mater. Contin. 2025, 82, 1593–1613. [Google Scholar] [CrossRef]
  29. Rifà-Pous, H.; Garcia-Font, V.; Núñez-Gómez, C.; Salas, J. Security, Trust and Privacy challenges in AI-driven 6G Networks. arXiv 2024, arXiv:2409.10337. [Google Scholar]
  30. Alnaim, A.K.; Alwakeel, A.M. Zero Trust Strategies for Cyber-Physical Systems in 6G Networks. Mathematics 2025, 13, 1108. [Google Scholar] [CrossRef]
  31. Safak, I.; Alagöz, F.; Anarım, E. Security and privacy mechanisms for 6G internet of everything networks in banking. In Proceedings of the 2024 Conference on Banking IoE Networks, Catania, Italy, 5–6 September 2024; pp. 1–27. [Google Scholar]
  32. Sakthi, U.; Alasmari, A.; Girija, S.P.; Senthil, P.; Kumar, R. Smart healthcare based cyber physical system modeling by blockchain with cloud 6G network and machine learning techniques. Wirel. Pers. Commun. 2024, 127, 2025–2367. [Google Scholar]
  33. Scalise, P.; Boeding, M.; Hempel, M.; Sharif, H.; Hempel, M. A systematic survey on 5G and 6G security considerations, challenges, trends, and research areas. Future Internet 2024, 16, 67. [Google Scholar] [CrossRef]
  34. Sedjelmaci, H.; Kaaniche, N.; Tourki, K. Secure and resilient 6G ran networks: A decentralized approach with zero trust architecture. J. Netw. Syst. Manag. 2024, 32, 33. [Google Scholar] [CrossRef]
  35. Sedjelmaci, H.; Tourki, K. A distributed zero trust framework for 6G ran. In Proceedings of the NOMS 2023–2023 IEEE/IFIP Network Operations and Management Symposium, Miami, FL, USA, 8–12 May 2023; pp. 1–5. [Google Scholar]
  36. Singh, R.; Srivastav, G.; Kashyap, R.; Vats, S. Study on zero-trust architecture, application areas challenges of 6G technology in future. In Proceedings of the 2023 International Conference on Disruptive Technologies (ICDT), Greater Noida, India, 11–12 May 2023; pp. 375–380. [Google Scholar]
  37. Siniarski, B.; Sandeepa, C.; Wang, S.; Liyanage, M. Robust-6G: Smart, automated, and reliable security service platform for 6G. In Proceedings of the IEEE International Conference on Communications (ICC), Denver, CO, USA, 9–13 June 2024. [Google Scholar]
  38. Son, S.; Kwon, D.; Lee, S.; Kwon, H.; Park, Y. A zero-trust authentication scheme with access control for 6G-enabled iot environments. IEEE Access 2024, 12, 154066–154079. [Google Scholar] [CrossRef]
  39. William, J. Securing the Future: Innovative Approaches to Defending Distributed Systems. 2025. Available online: https://www.researchgate.net/publication/387667664_SECURING_THE_FUTURE_INNOVATIVE_APPROACHES_TO_DEFENDING_DISTRIBUTED_SYSTEMS (accessed on 26 January 2025).
  40. Liu, Y.; Su, Z.; Peng, H.; Xiang, Y.; Wang, W.; Li, R. Zero trust-based mobile network security architecture. IEEE Wirel. Commun. 2024, 31, 82–88. [Google Scholar] [CrossRef]
  41. Bai, J.; Zhu, S.; Ji, H. Blockchain based decentralized and proactive caching strategy in mobile edge computing environment. Sensors 2024, 24, 2279. [Google Scholar] [CrossRef]
  42. Yang, L.; Naser, S.; Shami, A.; Muhaidat, S.; Ong, L.; Debbah, M. Towards zero touch networks: Cross-layer automated security solutions for 6G wireless networks. arXiv 2025, arXiv:2502.20627. [Google Scholar] [CrossRef]
  43. Singh, S.K.; Comsa, I.S.; Trestian, R.; Cakir, L.V.; Singh, R.; Kaushik, A.; Canberk, B.; Shah, P.; Kumbhani, B.; Darshi, S. WIND: A wireless intelligent network digital twin for federated learning and multi-layer optimization. IEEE Trans. Wirel. Commun. 2025. preprint. [Google Scholar]
  44. Hamroun, C.; Fladenmuller, A.; Pariente, M.; Pujolle, G. Intrusion detection in 5G and Wi-Fi networks: A survey of current methods, challenges & perspectives. IEEE Access 2025, 13, 40950–40976. [Google Scholar]
  45. Liu, M.; Yu, F.R.; Teng, Y.; Leung, V.C.; Song, M. Computation Offloading and Content Caching in Wireless Blockchain Networks with Mobile Edge Computing. IEEE Trans. Veh. Technol. 2018, 67, 11008–11021. [Google Scholar] [CrossRef]
  46. Alwakeel, A.M.; Alnaim, A.K. Network Slicing in 6G: A Strategic Framework for IoT in Smart Cities. Sensors 2024, 24, 4254. [Google Scholar] [CrossRef] [PubMed]
  47. Alwakeel, A.M.; Alnaim, A.K. Trust Management and Resource Optimization in Edge and Fog Computing Using the CyberGuard Framework. Sensors 2024, 24, 4308. [Google Scholar] [CrossRef] [PubMed]
  48. Albarrak, K.M.; Sorour, S.E. Web-Enhanced Vision Transformers and Deep Learning for Accurate Event-Centric Management Categorization in Education Institutions. Systems 2023, 12, 475. [Google Scholar] [CrossRef]
  49. Alnaim, A.K.; Alwakeel, A.M. Machine-Learning-Based IoT–Edge Computing Healthcare Solutions. Electronics 2023, 12, 1027. [Google Scholar] [CrossRef]
  50. Albarrak, K.M.; Sorour, S.E. Boosting Institutional Identity on X Using NLP and Sentiment Analysis: King Faisal University as a Case Study. Mathematics 2024, 12, 1806. [Google Scholar] [CrossRef]
Figure 1. Trust evaluation techniques for 6G networks.
Figure 1. Trust evaluation techniques for 6G networks.
Mathematics 13 01239 g001
Figure 2. System model architecture.
Figure 2. System model architecture.
Mathematics 13 01239 g002
Figure 3. Latency evaluation: comparison of average latency between traditional models and SecuEdgeFog-6G.
Figure 3. Latency evaluation: comparison of average latency between traditional models and SecuEdgeFog-6G.
Mathematics 13 01239 g003
Figure 4. Throughput evaluation: average throughput achieved by traditional models and SecuEdgeFog-6G.
Figure 4. Throughput evaluation: average throughput achieved by traditional models and SecuEdgeFog-6G.
Mathematics 13 01239 g004
Figure 5. Resource utilization evaluation: comparison of resource utilization percentages between traditional models and SecuEdgeFog-6G.
Figure 5. Resource utilization evaluation: comparison of resource utilization percentages between traditional models and SecuEdgeFog-6G.
Mathematics 13 01239 g005
Figure 6. Trust score accuracy evaluation: accuracy comparison between traditional models and SecuEdgeFog-6G.
Figure 6. Trust score accuracy evaluation: accuracy comparison between traditional models and SecuEdgeFog-6G.
Mathematics 13 01239 g006
Figure 7. Energy efficiency evaluation: comparison of energy efficiency percentages between traditional models and SecuEdgeFog-6G.
Figure 7. Energy efficiency evaluation: comparison of energy efficiency percentages between traditional models and SecuEdgeFog-6G.
Mathematics 13 01239 g007
Figure 8. Threat detection rate evaluation: comparison of threat detection rates between traditional models and SecuEdgeFog-6G.
Figure 8. Threat detection rate evaluation: comparison of threat detection rates between traditional models and SecuEdgeFog-6G.
Mathematics 13 01239 g008
Figure 9. Task success rate evaluation: success rate comparison between traditional models and SecuEdgeFog-6G.
Figure 9. Task success rate evaluation: success rate comparison between traditional models and SecuEdgeFog-6G.
Mathematics 13 01239 g009
Figure 10. Latency reduction metrics: traditional model vs. SecuEdgeFog-6G.
Figure 10. Latency reduction metrics: traditional model vs. SecuEdgeFog-6G.
Mathematics 13 01239 g010
Figure 11. Threat detection efficiency metrics: intrusion detection rate and detection time.
Figure 11. Threat detection efficiency metrics: intrusion detection rate and detection time.
Mathematics 13 01239 g011
Figure 12. Data integrity metrics: critical data integrity and tampering reduction.
Figure 12. Data integrity metrics: critical data integrity and tampering reduction.
Mathematics 13 01239 g012
Figure 13. Scalability metrics: system throughput and performance degradation.
Figure 13. Scalability metrics: system throughput and performance degradation.
Mathematics 13 01239 g013
Figure 14. Resource utilization metrics: bandwidth and energy consumption.
Figure 14. Resource utilization metrics: bandwidth and energy consumption.
Mathematics 13 01239 g014
Figure 15. User satisfaction metrics: user complaints and latency.
Figure 15. User satisfaction metrics: user complaints and latency.
Mathematics 13 01239 g015
Figure 16. Policy enforcement time metrics.
Figure 16. Policy enforcement time metrics.
Mathematics 13 01239 g016
Figure 17. Attack mitigation metrics.
Figure 17. Attack mitigation metrics.
Mathematics 13 01239 g017
Table 1. Nomenclature.
Table 1. Nomenclature.
SymbolDescription
N Total number of nodes in the network (edge and fog nodes).
E Set of edges representing communication links between nodes.
P i , j Permission level for interaction between node i and node j .
T i Trust score of node i .
δ t Trust threshold for maintaining node access.
A Adjacency matrix representing connectivity between nodes.
C i , j Communication cost between node i and node j .
R Total resource availability in the network.
D i Data size of tasks for node i .
B i Bandwidth allocated to node i .
P i Power consumption of node i .
B t o t a l Total bandwidth available in the network.
P t o t a l Total power budget of the network.
Table 2. Comparison of studies on Zero-Trust mechanisms in distributed and 6G networks.
Table 2. Comparison of studies on Zero-Trust mechanisms in distributed and 6G networks.
StudyFocusTechnology UsedKey ContributionLimitation
Ali et al. [4]Zero-Trust in Multi-Access Edge ComputingFine-Grained Access Control and Continuous AuthenticationImproves MEC security with real-time trust verificationLacks blockchain-based identity verification
Kaur et al. [16]Blockchain-Based Zero-Trust for Fog Computing in HealthcareBlockchain and Smart ContractsEnsures secure MIoT authentication and data exchangeLimited scalability beyond healthcare applications
Chen et al. [7]AI-Powered Zero-Trust in 6G NetworksAI and Behavior-Based Anomaly DetectionAdaptive security policy enforcement using AIHigh dependency on AI inference accuracy
Sedjelmaci et al. [34]Decentralized Zero-Trust for 6G RANHierarchical Trust Scoring and Lightweight EncryptionEliminates central authentication bottlenecks in RANsHigh computational overhead affects real-time processing
Ramezanpour et al. [26]AI-Blockchain Integrated Zero-TrustAI, Blockchain, and Biometric AuthenticationCombines AI and blockchain for multi-layered authenticationComputationally intensive for edge deployments
Blika et al. [6]Federated Learning-Driven Zero-TrustFederated Learning and Adaptive Risk AssessmentEnhances privacy while enforcing real-time Zero-Trust policiesCommunication overhead in large-scale networks
Partala & Agrawal [25]Secure Edge Intelligence in 6GAI-Driven Zero-Trust and Data OffloadingOptimizes security in edge computing environmentsLess emphasis on advanced security enforcement
ZTF-6G
(this paper)
Zero-Trust for 6G Edge-FogAI and BlockchainReal-time anomaly detection and trust-based adaptive securityEnergy cost due to blockchain verification
Table 3. Dataset description.
Table 3. Dataset description.
FeatureDescription
LatencyTime taken for data transmission, measured in milliseconds (ms).
ThroughputNetwork throughput recorded in gigabits per second (Gbps).
Resource UtilizationMetrics related to CPU, memory, and bandwidth usage across nodes.
Access Control MetricsIncludes success rates and delays in implementing dynamic access control policies.
Attack ScenariosData related to DDoS attacks, insider threats, and unauthorized access attempts.
Network LoadHigh and low network load scenarios to emulate real-world environments.
InstancesApproximately 50,000 instances for statistical reliability and scalability.
Preprocessing TechniquesNormalization and removal of outliers to ensure data quality and consistency.
Table 4. Evaluation matrix for SecuEdgeFog-6G.
Table 4. Evaluation matrix for SecuEdgeFog-6G.
MetricDescription
LatencyMeasures the time required to process tasks at different layers (edge, fog, core).
ThroughputSystem’s data handling capacity, measured in Gbps.
Resource UtilizationEfficient use of resources such as CPU, memory, and bandwidth across the layers.
Trust Score AccuracyEffectiveness of Zero-Trust mechanisms in granting/denying access to network entities.
Energy EfficiencyEnergy consumed during task processing and overall network operations.
Threat Detection RatePercentage of security threats detected in real time by the Zero-Trust mechanisms.
Task Success RatePercentage of successfully completed tasks under varying network conditions.
Table 5. Latency evaluation.
Table 5. Latency evaluation.
ModelTraditional Models [12] (ms)SecuEdgeFog-6G (ms)
Average Latency12.52.8
Improvement (%)-77.6
Table 6. Throughput evaluation.
Table 6. Throughput evaluation.
ModelTraditional Models [12] (Gbps)SecuEdgeFog-6G (Gbps)
Average Throughput5.08.5
Improvement (%)-70.0
Table 7. Resource utilization evaluation.
Table 7. Resource utilization evaluation.
ModelTraditional Models [12] (%)SecuEdgeFog-6G (%)
Resource Utilization6592
Improvement (%)-41.5
Table 8. Trust score accuracy evaluation.
Table 8. Trust score accuracy evaluation.
ModelTraditional Models [12] (%)SecuEdgeFog-6G (%)
Trust Score Accuracy7895
Improvement (%)-21.8
Table 9. Energy efficiency evaluation.
Table 9. Energy efficiency evaluation.
ModelTraditional Models [12] (%)SecuEdgeFog-6G (%)
Energy Efficiency7288
Improvement (%)-22.2
Table 10. Threat detection rate evaluation.
Table 10. Threat detection rate evaluation.
ModelTraditional Models [12] (%)SecuEdgeFog-6G (%)
Threat Detection Rate8598
Improvement (%)-15.3
Table 11. Task success rate evaluation.
Table 11. Task success rate evaluation.
ModelTraditional Models [12] (%)SecuEdgeFog-6G (%)
Task Success Rate8097
Improvement (%)-21.3
Table 12. Performance comparison of ZTF-6G vs. existing models.
Table 12. Performance comparison of ZTF-6G vs. existing models.
MetricZTF-6G (Proposed)AI-Powered Zero-Trust [7]Blockchain-Integrated ZT [8]Federated ZT for Edge [6]Traditional Model [12]
Latency (ms)2.85.66.37.112.5
Throughput (Gbps)8.56.05.45.14.8
Resource Utilization (%)92.186.781.378.265.0
Trust Score Accuracy (%)98.293.491.089.178.6
Energy Efficiency (%)88.081.075.573.872.0
Threat Detection Rate (%)97.190.587.384.685.0
Task Success Rate (%)95.089.285.682.380.0
Consensus Overhead (ms)0.51.21.51.7N/A
Table 13. Latency reduction metrics.
Table 13. Latency reduction metrics.
ModelTraditional Model (ms)SecuEdgeFog-6G (ms)
Average Latency12.52.8
Improvement (%)-77.6
Table 14. Threat detection efficiency metrics.
Table 14. Threat detection efficiency metrics.
MetricValue (%)Average Detection Time (s)
Intrusion Detection Rate980.2
Table 15. Data integrity metrics.
Table 15. Data integrity metrics.
MetricCritical Data Integrity (%)Tampering Reduction (%)
Proposed Model10090
Table 16. Scalability metrics.
Table 16. Scalability metrics.
MetricSystem Throughput (Gbps)Performance Degradation (%)
Proposed Model1.23.0
Table 17. Resource utilization metrics.
Table 17. Resource utilization metrics.
MetricReduction (%)Remaining (%)
Bandwidth Usage3070
Energy Consumption2080
Table 18. User satisfaction metrics.
Table 18. User satisfaction metrics.
MetricUser Complaints (%)Latency (ms)
Proposed Model0.351.19
Table 19. Policy enforcement metrics.
Table 19. Policy enforcement metrics.
MetricTraditional Models [12]SecuEdgeFog-6G
Policy Enforcement Time (ms)12.01.8
Dynamic Access Control Success Rate (%)80.095.0
Table 20. Attack mitigation metrics.
Table 20. Attack mitigation metrics.
MetricZTF-6GFederated Learning-based Zero-Trust [20]AI-Powered Zero-Trust for 6G [7]Decentralized Zero-Trust for 6G RAN [34]Traditional Security Models [12]
Latency (ms)2.85.26.18.312.5
Throughput (Gbps)8.55.26.15.04.8
Resource Utilization (%)9285807565
Trust Score Accuracy (%)98.293.591.889.378
Energy Efficiency (%)8879757072
Threat Detection Rate (%)9789857885
Task Success Rate (%)9587837680
Table 21. Comparison of 6G’s built-in security vs. ZTF-6G’s improvements.
Table 21. Comparison of 6G’s built-in security vs. ZTF-6G’s improvements.
Security Aspect6G Native Security MechanismsZTF-6G Enhancements
AuthenticationAI-based user authentication, biometric accessBlockchain-based decentralized identity verification with Zero-Trust enforcement
Trust ManagementFederated learning and homomorphic encryptionAI-driven real-time trust scoring with anomaly detection
Attack PreventionPhysical layer security and quantum encryptionAdaptive Zero-Trust framework mitigating trust manipulation and collusion-based attacks
Anomaly DetectionAI-based IDS for network traffic monitoringMulti-layer AI-driven security with intelligent threat response
Access ControlRole-based access and encryption policiesDynamic, real-time policy adaptation with Zero-Trust principles
ScalabilitySupports billions of devices but is vulnerable to security bottlenecksDistributed security model with lightweight cryptographic enforcement
InteroperabilityLimited integration with cross-domain networksBlockchain-enabled decentralized trust for seamless interconnectivity
Table 22. Computational complexity and overhead costs.
Table 22. Computational complexity and overhead costs.
MechanismComputational ComplexityOverhead CostImpact
AI-driven Anomaly DetectionO(N⋅d⋅t)O(N⋅t)Increased processing time due to deep learning model and higher computational resources.
Blockchain-based AuthenticationO(k⋅m)O(k⋅m)Increased latency due to consensus mechanism and higher computational cost.
Dynamic Access ControlO(N⋅M)O(N⋅M)Real-time evaluation of trust scores leads to moderate computational load.
Energy Consumption (Blockchain)-O(k⋅Energy per transaction)High energy consumption due to decentralized identity verification.
Resource Utilization-O(N⋅Resource per task)Efficient use of resources but might increase slightly during peak usage.
Disclaimer/Publisher’s Note: The statements, opinions and data contained in all publications are solely those of the individual author(s) and contributor(s) and not of MDPI and/or the editor(s). MDPI and/or the editor(s) disclaim responsibility for any injury to people or property resulting from any ideas, methods, instructions or products referred to in the content.

Share and Cite

MDPI and ACS Style

Alnaim, A.K.; Alwakeel, A.M. Zero-Trust Mechanisms for Securing Distributed Edge and Fog Computing in 6G Networks. Mathematics 2025, 13, 1239. https://doi.org/10.3390/math13081239

AMA Style

Alnaim AK, Alwakeel AM. Zero-Trust Mechanisms for Securing Distributed Edge and Fog Computing in 6G Networks. Mathematics. 2025; 13(8):1239. https://doi.org/10.3390/math13081239

Chicago/Turabian Style

Alnaim, Abdulrahman K., and Ahmed M. Alwakeel. 2025. "Zero-Trust Mechanisms for Securing Distributed Edge and Fog Computing in 6G Networks" Mathematics 13, no. 8: 1239. https://doi.org/10.3390/math13081239

APA Style

Alnaim, A. K., & Alwakeel, A. M. (2025). Zero-Trust Mechanisms for Securing Distributed Edge and Fog Computing in 6G Networks. Mathematics, 13(8), 1239. https://doi.org/10.3390/math13081239

Note that from the first issue of 2016, this journal uses article numbers instead of page numbers. See further details here.

Article Metrics

Back to TopTop