1. Introduction
The rapid proliferation of 5G networks has revolutionized connectivity, enabling ultra-low latency, massive device density, and transformative applications like autonomous vehicles, smart cities, and industrial IoT [
1]. However, this expansion introduces unprecedented security challenges, as traditional perimeter-based models fail to address 5G’s dynamic, multi-domain architecture, which spans edge computing, network slicing, and heterogeneous IoT ecosystems [
2,
3,
4]. Multi-Access Edge Computing (MEC) has emerged as a critical enabler for low-latency and high-throughput applications in 5G networks, especially those requiring real-time processing at the edge [
5,
6,
7]. However, with this shift toward distributed computing comes a host of new challenges related to data security, privacy, and trust management in edge environments [
8]. However, none of the existing ZTA frameworks are adapted to the temporal variation of the 5G network, where the real time of the network is subjected to fluctuations; device mobility, ephemeral connections, and alternating threat landscape call for certain monitoring and policy deployment on a more frequent basis [
9,
10,
11,
12]. This gap highlights the need for adaptive Zero Trust (ZT) policy management that is specifically adapted to 5G’s operation [
13].
There are three core imperatives driving the transition to adaptive ZT in 5G. First, ZTA models that incur delays as high as 150 ms are incompatible with requirements of 5G’s ultra-reliable low latency communication (URLLC) needs including 1 ms, or less, latency for industrial automation [
14,
15,
16]. Second, as IoT devices are still projected to grow exponentially to 25 billion by 2025, context aware access controls are needed to confine the lateral movement attack in an environment with a hyper connection [
15,
16,
17]. Third, 5G networks are multi domain and need such trusted, unified and AI driven policy orchestration across vendor slices and edge nodes to coordinate the trust fragmentation [
18,
19,
20]. Challenges to SPM include this need to ramp up security at a speed faster than that at which changes in the load are detected. AI powered anomaly detection can reduce the false positives by 35% [
21,
22,
23], and lightweight authentication protocols in 5G Vehicular Networks (VANETs) leads to a latency of 15 ms [
24]. Adaptive ZT not only mitigates risk but also enables the full deployment of 5G’s speed, scalability and the next-generation applications such as autonomous transportation to secure smart grids.
Granular access control [
25] and multi domain trust [
26] are already a part of existing ZT frameworks for 5G but do not include adaptive mechanisms for updating the policies in real timely environments. Static policies lead to inefficiencies, with 67% of 5G security breaches stemming from delayed threat responses [
27,
28,
29,
30]. Despite advancements in AI-driven security [
31,
32,
33] and Zero Touch Network and Service Management [
34,
35], ZT integration remains fragmented, especially in heterogeneous 5G use cases like IoT and edge computing, expected to reach 25 billion devices by 2025 [
11]. Scalability remains a concern, as Bello et al. [
5] report latency spikes exceeding 150 ms in ZT-enabled 5G core networks, affecting URLLC requirements. Our approach addresses these limitations by proposing an adaptive ZT policy engine leveraging federated reinforcement learning (FRL) and context-aware authentication, synthesizing insights from AI-driven adaptive systems [
23] and decentralized trust models [
4]. Unlike static frameworks [
20], our method dynamically evaluates risk scores using real-time telemetry (e.g., device posture, traffic anomalies) and optimizes policy enforcement via lightweight microservices, reducing latency by 40% in simulations. Integrating Jorquera et al.’s [
14] Trust-as-a-Service (TaaS) with Li et al.’s [
17] game-theoretic defenses ensures scalable, automated 2 policy management, validated in 5G multi-domain scenarios [
6], bridging the adaptability gap while ensuring compliance with 3GPP’s 5G security standards.
The novelty of this research lies in the integration of adaptive trust scoring, reinforcement learning, and blockchain-based identity verification within a unified Zero Trust framework tailored for 5G environments. Unlike static Zero Trust models that rely on predefined policies, SecureChain-ZT continuously evaluates user and device behavior in real time and updates access control decisions based on contextual risk assessments. The model also supports slice-specific policy enforcement, allowing fine-grained control across heterogeneous 5G network slices such as industrial IoT, smart cities, and healthcare. By combining decentralized blockchain authentication with AI-powered anomaly detection and automated policy updates, the proposed system offers a scalable and intelligent security architecture that addresses the limitations of traditional perimeter-based and semi-static Zero Trust approaches.
1.1. Aims and Objectives
The primary aim of this research is to develop an adaptive Zero Trust (ZT) policy management framework that enforces context-aware security controls, reduces latency and administrative overhead, and ensures scalability across heterogeneous 5G environments. To achieve this, the paper sets out the following research goals:
To create an autonomous ZT access policy engine capable of operating in dynamic 5G environments by using reinforcement learning (RL), real-time threat intelligence, and network telemetry inputs.
To design a lightweight, microsegmentation-based ZT architecture that reduces policy enforcement latency by at least 40% compared to conventional approaches, while aligning with 5G URLLC (Ultra-Reliable Low-Latency Communications) requirements.
To integrate cross-domain reputation systems and AI-based anomaly detection to enable unified trust evaluation across diverse network slices (e.g., healthcare, finance, IoT).
To validate a decentralized, blockchain-enhanced authentication system that secures device-to-device communication in 5G-VANETs and increases resistance against lateral movement attacks.
1.2. Contributions
Building upon these goals, this paper introduces AZTPF (Adaptive Zero Trust Policy Framework)—an AI-driven solution that dynamically enforces Zero Trust security policies in 5G networks. The major contributions of this research include:
An AI-enhanced Zero Trust threat detection mechanism that employs machine learning for real-time risk assessment and threat mitigation.
A context-aware trust evaluation engine that continuously analyzes user and device behavior to apply dynamic access control decisions.
The integration of reinforcement learning for automated policy adaptation, reducing false positives, authentication delays, and manual intervention.
A blockchain-supported policy enforcement system to support decentralized trust and identity validation across multiple 5G slices and edge environments.
A full system simulation and performance evaluation, demonstrating improvements in security, reduced latency, improved scalability, and adaptability over traditional ZT models.
Despite several advances in Zero Trust frameworks for 5G, most existing works either rely on static policy rule sets or lack the integration of intelligent, autonomous policy adaptation mechanisms. They also fail to address the unique challenges posed by real-time 5G network slicing, such as latency-sensitive access control and dynamic trust scoring. Moreover, limited attention has been paid to combining blockchain-based identity verification with AI-powered anomaly detection in decentralized architectures. Prior approaches such as those by [
17,
23] focus on policy control or authentication layers separately, without a unified, end-to-end adaptive enforcement model. This research fills that gap by introducing SecureChain-ZT—a slice-aware, AI-integrated Zero Trust framework with real-time decision-making, risk-sensitive adaptation, and blockchain-based policy validation.
The rest of the paper is organized as follows:
Section 2 reviews existing Zero Trust models in 5G networks and identifies key research gaps.
Section 3 outlines the proposed methodology, including dataset processing, model design, and system architecture.
Section 4 presents simulation results and evaluates the performance of SecureChain-ZT using multiple security and latency metrics.
Section 5 discusses key findings and highlights limitations. Finally,
Section 6 concludes the paper and suggests future research directions.
2. Literature Review
Currently there is a convergence of 5G networks and ZTA that proves as a critical paradigm in satisfying evolving cyber threats in hyper connected environments. Traditional perimeter based security models, for example sake, are obsolete for 5G’s dynamic multi domain ecosystems; such as, edge computing, IoT, and network slicing [
19]. As pointed out by Lyu et al. [
19], 67% of 5G security breaches are caused by a lack of response to threats in a timely manner due to static policies, and this highlights the need for adaptive ZTA. ZTA principles like “never trust, always verify” have already been established, and although the principles are well studied, implementation in 5G is especially challenging with 5G, because of its latency constraints, need for scalability, and various trust boundaries [
22]. For example, ZT-enabled 5G core networks are shown by Bello et al. [
5] to provide more than 150 ms latency spikes which violate URLLC requirements. Thus, there is a gap and an urgency of adaptive policy frameworks that go between security and performance.
Conceptually, the evolution of ZTA in cloud and 5G networks has been quite different. In this regard, such work was pioneered by Ike et al. [
11] for providing granular, dynamic and context aware policy enforcement in cloud networks. Yet, their framework is not integrated with the 5G’s distributed architecture, which is comprised of network slices and multi-vendor environments that make trust management a complex problem [
14]. A multi-domain trust framework for 5G based on Software-Defined Networking (SDN) was proposed by Jorquera Valero et al. [
14] to automate the security policies. Their approach reduced the manual interventions by 30 percent but their approach had 30 percent dependency on centralized controllers resulting in bottlenecks for large scale involvement. Similarly, Liyanage et al. [
18] surveyed Zero Touch Network and Service Management (ZSM), identifying automation as a key enabler for ZTA. Yet, their study noted that only 22% of ZSM implementations incorporate real-time threat analytics, limiting adaptive capabilities.
Artificial Intelligence (AI) and Machine Learning (ML) have been widely explored to enhance ZTA adaptability. Jiang et al. [
13] designed an AI-driven security system for 5G smart grids, combining neural networks and case-based learning to achieve 89% accuracy in anomaly detection. However, their model focused narrowly on smart grids, neglecting broader 5G use cases like VANETs or industrial IoT. Nour [
23] advanced this by proposing a dynamic Zero Trust Intrusion Detection System (ZT-IDS) for 5G IoT, using ML to reduce false positives by 35%. Despite these strides, Tiwari et al. [
27] identified a critical gap: most AI-driven ZTA models lack interoperability with legacy 5G protocols, causing compatibility issues in hybrid networks. Furthermore, Awan et al. [
4] demonstrated that blockchain-based ZT access control introduces 20–30 ms overhead per transaction, which is unsustainable for latency-sensitive applications like autonomous vehicles.
Multi-domain trust management remains a persistent challenge. Jorquera Valero et al. [
14] introduced a TaaS, a reputation-enabled framework for 5G resource provisioning, achieving 92% accuracy in malicious node detection. Nevertheless, their work did not address cross domain policy harmonization’s result being a fragmented trust evaluation in multi operator scenarios. To tackle this, Li et al. [
17] proposed a game theoretic defense against lateral movement attacks in 5G multi domain networks and decrease breach rates by 40%. However, their approach was quite computationally intensive and thus was not scalable. In comparison with them, Jamil et al. [
12] proposed a lightweight ZT framework for 5G VANETs with 15 ms authentication latency using elliptic curve cryptography. However, their solution is not combined with AI enabled policy engines, which thus hinders real time adaptation.
Much effort has been given to decentralizing architectures to offer scalability and latency. As mentioned in Coronado et al. [
6], 78% of ZTM solutions leverage centralized orchestration, a strategy that is ill suited for 5G’s distributed edge nodes. In 6G, Ridhawi et al. [
24] proposed a decentralized ZT framework for the 6G digital twins that reduces authentication latency by 25%. But it is unrealistic in 5G’s heterogeneous environment, and their model also assumes uniform trust across domains. Gazeta [
10] offered an application of this, where Ge et al. advanced an IoT game theoretic ZT authentication scheme with Gazeta, that reduced lateral movement attacks by 35%, through stochastic modeling. Despite these innovations, Porambage [
20] highlighted that 60% of telecom operators still rely on static ZT policies, citing complexity in transitioning to decentralized models.
Furthermore, Adaptive policy enforcement mechanisms are critical to address 5G’s dynamic threat landscape. El Rajab et al. [
8] emphasized that zero-touch networks require self-optimizing ZTA frameworks, yet existing solutions lack context-aware risk scoring. Feng et al. proposed a dual-layer ZT architecture for 5G industrial MEC, reducing unauthorized access incidents by 50% through role- and attribute-based controls. However, their framework’s reliance on predefined policies limits responsiveness to novel threats. Da Silva et al. [
7] introduced an adaptive access control system for smart homes, using real-time user behavior analytics to achieve 94% policy accuracy. While effective in constrained environments, their model does not scale to 5G’s macro-level networks. Asensio-Garriga et al. [
3] bridged this gap with a ZSM framework for Beyond 5G (B5G), automating security Service Level Agreement (SLA) management. Their trials showed a 45% reduction in policy misconfigurations, but interoperability with legacy systems remained unresolved.
The growing adoption of ZTA across industries highlights its critical role in securing digital ecosystems. Joshi [
15] reports that 72% of organizations implementing ZTA see improved resilience against ransomware, 4 driven by AI and blockchain. In 5G, tailored security frameworks are essential for diverse use cases like healthcare and smart manufacturing. Sowjanya et al. [
26] note that 5G’s service-based architecture aligns with ZTA, yet only 34% of telecom operators have moved beyond pilot phases due to interoperability issues. Addressing these gaps requires industry-specific ZTA models that balance scalability with sector-specific security needs, such as ultra-low latency in industrial automation and data sovereignty in healthcare.
Cloud-native 5G infrastructures redefine ZTA strategies, leveraging containerized cores for improved security. Kholidy et al. [
16] demonstrate a 40% reduction in mean time to detect (MTTD) threats through Kubernetes-based policy automation. Ali [
1] introduces a dual fuzzy logic model for trust-aware authentication in MEC, achieving 92% accuracy in detecting compromised nodes with sub-20 ms latency. Valero et al. [
28] propose TaaS for dynamic access control, yet Sarkar et al. [
25] caution that 58% of cloud-based ZT implementations suffer from policy inconsistencies, necessitating unified cross-cloud governance as 5G workloads shift increasingly to the edge.
With IoT proliferation in 5G, ZTA must address mobility and scalability challenges. Annabi et al. [
2] report that 63% of automotive cyberattacks exploit weak authentication, highlighting the need for context-aware security. Feng et al. [
9] propose a dual-layer ZT framework integrating role-based access control and real-time posture checks, reducing unauthorized access by 55%. Veeramachaneni [
29] emphasizes ZT-integrated Identity and Access Management (IAM) for seamless credential management. However, Annabi’s findings show 70% of V2X systems lack adaptive risk scoring, leaving them vulnerable to lateral attacks.
Recent advancements in Zero Trust frameworks and secure 6G network architectures have broadened the scope for Zero Trust implementation in cyber-physical systems and distributed computing. [
30] proposed Zero Trust strategies specifically designed for cyber-physical systems operating within 6G environments, emphasizing dynamic policy enforcement and decentralized access control. In a related study, they further extended Zero-Trust principles to secure distributed edge and fog computing layers, reinforcing trust evaluation in volatile 6G ecosystems [
31,
32] conducted a critical analysis on securing 5G virtual networks through the lens of SDN, NFV, and network slicing security, outlining architectural vulnerabilities and proposing hardened trust boundaries. Complementary work by [
33] focused on machine learning–based security solutions for IoT-edge integrated healthcare systems, showcasing real-time adaptability and resilience. Additionally, [
34] introduced security reference architecture for NFV-based systems, aiming to align Zero Trust with standard virtualization protocols. On a related technological front, [
35] utilized NLP and sentiment analysis to assess institutional engagement and identity on X (formerly Twitter), offering insights into trust and sentiment modeling that could inform social trust metrics in Zero Trust frameworks.
AI-driven ZTA models must dynamically adjust policies based on real-time telemetry, such as geolocation shifts or abnormal data patterns in vehicular networks. Synthesis of these works reveals three unresolved challenges:
Latency-Security Trade-offs: Existing ZTA models either prioritize security at the cost of latency (e.g., blockchain-based systems [
4]) or optimize performance with weakened safeguards (e.g., lightweight frameworks [
12]).
Cross[-Domain Trust Fragmentation: Multi-domain 5G environments lack unified trust evaluation mechanisms, leading to inconsistent policy enforcement [
17].
Limited AI-5G Protocol Integration: Most AI-driven ZTA solutions operate in isolation, failing to align with 3GPP standards or network slicing requirements [
21].
Comparative table of studies are shown in
Table 1.
3. Methodology
Here, we present the methodology adopted to develop, implement, and evaluate the proposed SecureChain-ZT framework. This section provides a structured explanation of each phase involved in the research process to ensure scientific rigor and reproducibility. It begins by describing the data collection process, including the use of real-time and synthetically augmented network datasets obtained from diverse 5G-enabled infrastructure scenarios. The methodology also includes the preprocessing steps applied to clean, normalize, and anonymize the raw data, making it suitable for downstream model training and evaluation. Following this, the model design approach is detailed, highlighting how blockchain-backed authentication, AI-based anomaly detection, and adaptive Zero Trust policies are integrated into the SecureChain-ZT architecture. The model selection rationale, system parameters, and simulation settings are also outlined to provide transparency and reproducibility. Additionally, the performance evaluation strategy is explained, including the metrics used to assess authentication accuracy, threat detection, policy enforcement efficiency, latency overhead, and system adaptability under dynamic network conditions. By detailing each of these stages, the methodology section ensures that the research is not only technically sound but also aligned with best practices in cybersecurity research. It provides a foundation that supports the credibility and replicability of the results presented in later sections of the paper.
3.1. Dataset Collection
The data used in this study was taken from several trustworthy sources and therefore it is not a homogeneous data set for the diversity and representativeness purposes, as data taken from several sources. It is comprised of real time network traffic logs, 5G infrastructure security event records, and authentication logs. The network slices that we collected the data from were from various critical domains like healthcare, finance and industrial IoT. In order to make the model more robust, more synthetic data was generated to generate data for edge cases and adversarial attacks. All the data was preprocessed to remove inconsistencies, to normalize the values and to anonymize sensitive data which comply with the privacy rules. Sourced from repositories such as CIC-IDS 2018 Dataset and TON_IoT Dataset. The dataset consists of real-time 5G network logs, session metadata, and synthetic intrusion events. Features include login frequency, session duration, anomaly scores, and attack labels. These were used to model adaptive trust scoring and latency thresholds. A total of 500 devices across 5 slices (Industrial IoT, Vehicular, Healthcare, Finance, Smart Cities) were simulated.
3.2. Dataset Description
This research utilizes a comprehensive dataset comprising real-time network traffic logs, security event records, and authentication logs gathered from operational 5G-enabled infrastructures. It takes in data from several network slices (critical such as) healthcare, finance, industrial IoT, and smart city applications. The attributes of the dataset are various including, user access pattern, device authentication logs, traffic flow anomalies, intrusion tries. And to strengthen the dataset’s robustness, synthetic data augmentation such as adversarial scenarios and rare edge case simulation were added to the dataset. Preprocessing of the data was added in order to remove inconsistencies, normalize numerical values, deal with missing values and anonymize sensitive user information in compliance with privacy regulations. As a result, the final dataset is structured and unstructured data to develop advanced security models to detect unauthorized access and cyber threat in real time. The data set used in this work is a good base on which to evaluate the effectiveness of the proposed Zero Trust security framework in dynamic 5G environments. In our simulation, the maximum number of devices involved was = 500, including a mix of IoT nodes, user endpoints, and service gateways across five network slices.
The features extracted from the dataset were directly used to define and calibrate parameters in the proposed mathematical model. Specifically, metrics such as user login frequency, session duration, device trust scores, anomaly scores, and intrusion flags were used to compute dynamic trust thresholds
, latency bounds
, and policy update triggers. These inputs allowed the SecureChain-ZT framework to learn adaptive behaviors and make context-aware security decisions in real-time. Thus, the dataset not only supports model training and evaluation but also forms the foundation of the analytical model presented in
Section 4.3.
3.3. Computing Environment
All simulations, model training, and evaluation experiments were conducted on a dedicated workstation configured with an Intel Core i7 (12th Gen, 3.4 GHz) processor, 32 GB RAM, and a 1 TB SSD, running Ubuntu 22.04 LTS. The AI components of the SecureChain-ZT framework, including anomaly detection and adaptive trust scoring, were implemented using Python 3.10 with TensorFlow 2.12, Keras, and Scikit-learn libraries. Data preprocessing and analytics were handled via Pandas and NumPy, while visualization was performed using Matplotlib (3.10) and Seaborn (0.13).
For simulating the blockchain-backed authentication and decentralized policy enforcement layer, we used Hyperledger Fabric v2.5 configured in a multi-node Dockerized environment. The network slicing simulation and policy orchestration were emulated using custom scripts combined with Mininet-WiFi to reflect dynamic 5G traffic conditions. All experiments were repeated across five independent trials to ensure result consistency and statistical significance.
6. Conclusions and Future Works
This research presented an Adaptive Zero Trust Policy Management framework for 5G networks, integrating AI-driven policy adaptation, blockchain authentication, and microsegmentation to enhance network security. Thus, the proposed framework greatly enhances both the authentication accuracy, threat detection, and policy enforcement at the expense of relatively low performance overhead. Adaptive Zero Trust has an authentication success rate of 97.8% and a reduction in the unauthorized access attempts from 17.5% to 2.2%. The threat detection accuracy increased to 99.3%, successfully blocking 95.6% of cyber intrusions. In 5G-enabled smart factories, cyber-physical system intrusions, including unauthorized robot access, IoT breaches, and human operator exploits, were reduced by 70–75%. The blockchain-enhanced identity security mechanism eliminated 97% of identity spoofing incidents, reinforcing Zero Trust enforcement. Furthermore, network slicing isolation security improved by up to 88%, safeguarding critical sectors such as healthcare and finance. The latency impact was minimal, reducing network delays across different slices by up to 32%, ensuring low-latency performance for real-time applications. Future work will focus on enhancing quantum-resistant cryptographic techniques for Zero Trust authentication, integrating self-learning AI models to improve real-time policy adaptation, and extending the framework to support 6G networks and satellite-based communications. Additionally, optimizing computational overhead for AI-driven decision-making and deploying a federated learning approach for decentralized Zero Trust implementation will be explored. The findings demonstrate that Adaptive Zero Trust Policy Management is a scalable and future-proof security model for 5G and beyond, ensuring highly secure, resilient, and intelligent network infrastructure. The SecureChain-ZT framework achieved 98.6% authentication accuracy, reduced latency by 62.6%, and blocked 95.6% of intrusion attempts. Compared to baseline AI-ZT models, it demonstrated a 34% improvement in policy update speed. These results validate the proposed model’s contribution to secure, low-latency policy enforcement in 5G environments.
Building upon the promising results of this research, several avenues can be pursued to further enhance the Adaptive Zero Trust Policy Framework (AZTPF). First, we plan to integrate quantum-resistant cryptographic techniques, such as lattice-based or hash-based cryptography, into the framework. As quantum computing capabilities evolve, traditional encryption methods like RSA and ECC may become vulnerable. Incorporating post-quantum cryptography will ensure that the authentication mechanisms within AZTPF remain secure against quantum-enabled attacks, especially for critical applications such as finance, healthcare, and autonomous systems.
Secondly, we aim to advance the intelligence of AZTPF by developing self-learning AI models. These models will utilize continual learning and online training approaches to automatically refine security policies in response to new threats and behavioral patterns in real time. This will reduce reliance on human administrators, minimize policy drift, and enhance the system’s responsiveness in dynamic 5G environments.
Another critical direction involves extending the applicability of AZTPF to future communication paradigms such as 6G networks and satellite-based systems. As 6G is expected to support ultra-massive machine-type communications (umMTC), intelligent surfaces, and terahertz frequencies, the security policies will need to be more adaptive, distributed, and resilient. Similarly, satellite integration will require handling asynchronous connectivity and global trust management, which AZTPF can potentially address with appropriate modifications.
Moreover, to ensure scalability and efficiency, we will explore ways to minimize the computational overhead of AI-based policy decision-making. This includes optimizing inference pipelines, leveraging edge AI accelerators, and using model pruning and quantization. Reducing resource usage without compromising detection accuracy is essential for deployment in resource-constrained edge devices and IoT nodes.
Finally, we plan to implement a fully decentralized version of AZTPF using federated learning. This will enable collaborative model training across distributed network slices, domains, and edge nodes while preserving data privacy. By avoiding centralized bottlenecks and enabling privacy-preserving threat intelligence sharing, federated learning can significantly improve the robustness, scalability, and real-time capabilities of Zero Trust security in heterogeneous 5G and beyond networks.