1. Introduction

2. Overview of ZTA

Table 1. Contrasting the conventional security model with the zero trust model

2.1. ZTA Logical Components

The architecture is made up of various services that have multiple logical components. These components are operated through the cloud, either onsite or offsite. National Institute of Standards and Technology (NIST) [10] has defined three of these components as core: Policy Engine (PE) in the control plane, Policy Administrator (PA) in the control plane, and Policy Enforcement Point (PEP) in the data plane. These three components are displayed in the Figure 2. Their functions include the following:

• PE: makes access decisions according to the policies of the company. The system achieves this by utilizing external inputs and employing a TA as its cognitive mechanism.
• PA: works along with the PE to provide or refuse access depending on the PE’s decision. This system may be seamlessly included with PE and establishes communication with PEP for the purpose of enforcing policies.
• PEP is responsible for facilitating, overseeing, and terminating the connection between the subject and the resource. The system consists of two sub components: the client (such as an agent installed on a device) and the resource (such as a gateway). The trust-zone is typically located beyond the PEP. Apart from the core components, [9] mentions several additional components that help achieve zero trust security, including continuous monitoring. The decision to allow access is made by the PE using Trust. This utilizes various measures such as diagnostics, mitigation, data access policies, identity management, Security Information and Event Management (SIEM) alongside activity logs.

Table 2. ZTA components for IoBT.

Table 2. ZTA components for IoBT.

ZTA Component	Component Description
Access Management: - Identity Access Management - Privilege Access Management - Whitelisting	Defines and manages the roles and access privileges of individual network users and the circumstances in which users are granted (or denied) those privileges. Access management is the process of controlling and monitoring access to resources within the IoBT (Internet of Battlefield Things) network. Access management guarantees that only authorized people or devices can interact with an unmanned aerial vehicle (UAV), lowering the danger of unauthorized access, data breaches, or tampering.
Segmentation: - Micro segmentation - Macro segmentation	An approach in computer networking that is the act or practice of splitting a computer network into sub-networks, each being a network segment. Micro-segmentation involves dividing networks into logical units and applying policies to control access to data and applications within these segments. By segmenting the network and restricting traffic between segments, organisations can significantly enhance security. Micro-segmentation for UAV security in IoBT networks aids in establishing of discrete zones or compartments within the network, hence limiting the attack surface and preventing lateral threat movement.
Encryption: - Data-at-Rest - Data-in-Transit - Data-in-Use	The process of encoding information. Keeps data encrypted while in transit between the enterprise server and the device itself. In the context of UAV security in IoBT networks, data encryption ensures that sensitive information exchanged between the UAV and ground stations or other network components is secure and confidential.

2.3. Analysis of the ZTA’s Role in IoBT and Refinement of ZTA Protocols to Address IoBT Challenges

The ZTA has been able to secure the IoBT network and protect the operations of the UAVs with strong authentication and authorisation methods, continued verification, continued monitoring, micro-segemtation and strict access control. However, the IoBT experiences some challenges that may influence the refinement of the ZTA protocols. One of the challenges experiences by the IoBT is security vulnerability associated with those battlefield devices. Many IoBT devices lack proper configuration of encryption and authentication mechanisms and the diversity of these IoBT devices makes them easy targets to cyber criminals who can exploit the weak security measures of these devices to gain unauthorized access to the battlefield network and manipulate the data there. To overcome this challenge, there must be strict adherence of the ZTA principle of "never trust, only verify" to ensure all loBT devices are properly configured before given access. Additionally, the absence of standardization in the IoBT is a difficulty. Without uniform standards, interoperability of IoBT devices suffers greatly, and with unstandardized security procedures across IoBT devices, cyber thieves can infiltrate the network’s weakest link. This might lead to serious breaches involving vast amounts of data, with severe consequences for privacy and financial loss. ZTA would need to strike a compromise between standardization and guaranteeing that all IoBT devices are uniformly standardized. Furthermore, the IoBT is concerned with privacy hazards since sensitive data may slip into the wrong hands. This emphasizes the importance of the ZTA implementing strong security measures as well as thorough privacy legislation. Moreover, the rapid rate at which IoBT data is generated exacerbates these management problems, necessitating real-time or near-real-time processing to extract timely insights and enable swift decision-making. This demonstrates that ZTA’s network access advantages for UAVs must be balanced against the operational speed required in IoBT, which promotes real-time or near-real-time processing to extract timely insights and enable rapid decision-making.

Table 3. Challenges in implementing ZTA for UAV security in IoBT.

Table 3. Challenges in implementing ZTA for UAV security in IoBT.

Challenges	Possible Solutions
Cultural Barriers and Organizational Resistance: Organizational culture must change to implement Zero Trust in place of conventional security paradigms. The zero trust concepts of least privilege access and constant verification may not sit well with team members used to perimeter-based trust models.	Providing tangible evidence of successful UAV deployments in IoBT, including improved operational efficiency, enhanced situational awareness, and reduced risks to personnel, can help overcome skepticism and build trust in the technology. Also through implementing change management strategies, comprehensive training.
Problems with integration and technical complexity prevent UAVs from being fully utilized in the Internet of Battlefield Things (IoBT). Advanced technology is needed for UAV systems in order to integrate payloads, operate autonomously, and maintain cybersecurity.	Collaborative development activities are crucial to addressing the issues given by technical complexity and integration when introducing UAVs into the Internet of Battlefield Things (IoBT). Promoting standardization projects and allocating resources towards continuous improvement techniques can effectively optimize integration procedures and guarantee smooth interoperability throughout the IoBT network.
One of the biggest challenges in using UAVs in the Internet of Battlefield Things (IoBT) is striking a balance between security and usability. Robust cybersecurity protections are vital to fend against threats like jamming and hacking, but in order to maintain smooth and productive operation in dynamic battlefield conditions, they must be balanced with usability needs. Comprehensive risk assessment, user-friendly security protocol implementation, continuous monitoring, and adaptation to changing threats and operational requirements are all necessary to achieve this balance.	Balancing security and usability in UAV implementation within IoBT necessitates creating intuitive interfaces and speeding authentication processes to ensure user productivity while improving security safeguards. Optimising procedures enables efficient operation while maintaining the effectiveness of security upgrades.
Financial considerations are important in the deployment of UAVs within the Internet of Battlefield Things (IoBT). UAV system procurement, maintenance, and operation incur significant expenditures, including initial hardware, software, and infrastructure investments, as well as continuous fees for training, support, and upgrades.	To mitigate the financial impact, strategies such as leveraging economies of scale through centralized procurement, prioritizing cost-effective UAV models with long-term viability, and exploring public-private partnerships for shared investment and resource allocation can help optimize budget utilization and ensure UAV deployment affordability within IoBT.
Data privacy and regulatory compliance are key barriers to the deployment of UAVs in the Internet of Battlefield Things (IoBT). Strict rules govern the collection, storage, and transmission of sensitive data recorded by UAVs, requiring compliance with privacy laws and security requirements to prevent unauthorized access and misuse of information.	To solve these issues, employing strong data encryption techniques, anonymizing personally identifiable information, and developing explicit standards for data management and sharing can assure regulatory compliance while protecting privacy in UAV operations under IoBT.
Organizational scalability has a substantial impact on UAV implementation within the Internet of Battlefield Things (IoBT). As demand for UAV capabilities develops and mission requirements change, organizations must ensure that their structures, processes, and people can expand to meet increasing operational demands.	Implementing flexible organizational structures, engaging in ongoing training and development programs, and developing relationships with industry and academics can improve organizational scalability, allowing for effective use of UAVs in a variety of operational scenarios within IoBT.

3. Literature Review

3.1. Related Work of Zero Trust

In 2010, Kindervag [16] introduced a zero trust architectural model and provided a practical implementation methodology. Their publication proposed a ZTA, emphasizing the "Data Acquisition Network" (DAN). The DAN system streamlines the extraction of network data to the management center, enabling real-time inspection and analysis. This, in turn, results in the implementation of the zero trust concept. However, this progress accompanied by challenges, such as heightened network complexity and increased user communication delays.

Subsequently, in the year 2016, DeCusatis et al. [17] introduced a zero trust approach that relies on transport access control. The suggested method is based on the principles of stenography and overwriting. Specifically, the authentication token is hidden in the TCP request packet and the initial authentication packet. This approach strengthens enterprise security in cloud computing environments by adhering to the zero trust concept and efficiently reducing the risk of unauthorized fingerprinting of protected resources. It is crucial to highlight that while this strategy protects layer 3/4, it does not extend its security measures to layer 7.

In a further study conducted in, 2020, Rose et al. [18] provided a comprehensive summary of the prevailing fundamental ZTA schemes. Additionally, they put forth the essential logical components that constitute the ZTA. Furthermore, the authors emphasized the practical implementation of ZTA. Instead of implementing a comprehensive overhaul of infrastructure or procedures, this approach entails systematically implementing specific measures, for example, robust identity and access management (IAM) protocols, to apply ZTA in a network. currently built on a perimeter-centric architecture.

Zero trust promotes a host-based monitoring approach, allowing each device owner to define the methods and criteria to access it. This indicates that the host can dictate the target audience while prohibiting unauthorized users from accessing the restricted data [19]. Zero Trust security guarantees that no item within the system limits can stray out of scope. As a result, every component is treated as a potential target for either accidental or adversarial effects [20]. According to the US Department of Defense, zero trust (ZT) embeds security throughout a defined and limited framework, preventing malicious actors from accessing essential resources. This works in the sense that every device, application, user and network are managed and monitored within the defined security perimeters. This mitigates the risk of unverified trust that can lead to serious security breaches [21]. For already established entities with traditional cybersecurity implementations, migrating and adopting ZTA can involve various principles and stages.

NIST advises that an organization can pursue the adoption of the ZTA from an incremental perspective. This means that enterprises can choose to adopt the new security framework from a hybrid standpoint, involving both the zero trust and perimeter-based mode for an indefinite period. The Canadian Government suggests that the implementation of zero trust security systems can also leverage software-defined approaches which can help in building security environments that allow context-based and logical access in various application systems. Using such approaches can limit access to application assets in public visibility since the trust broker must validate the identity, context, and policy adherence of the specified users [22]. ZTA thrives on creating a paradigm that relies on the “never Trust, always verify” principles. The deployment of a zero trust system within a given system can restrict access to resources by only permitting "trusted agents". The validation of every access by the trusted agents is necessary and continuous [23]. This approach aims to eliminate unauthorized access to the system’s data and services, thus security enforcement becomes more granular by breaking down privileged access to resources into little pieces.

In order to address the issue of trust deficit, the researchers in [24] utilized ZTA framework to create a trust model customized for cloud environments. The research introduces a comprehensive model aimed at enhancing trust within an organization’s information system. The model’s design integrates reference components sourced from the National Institute of Standards and Technology. The researchers conducted a performance analysis to evaluate the effectiveness of the proposed model. The results clearly demonstrated that the distribution of trust-based nodes can effectively mitigate intrusions. Due to the existing shortcomings of cybersecurity measures in virtual power plants, the authors in [25] implemented ZTA as a means to improve privacy and data protection within the energy sector. Their approach was based on the fundamental principles of ZTA and demonstrated satisfactory performance, offering a viable solution to mitigate the risks of data theft and breaches. Since the beginning of the pandemic, there has been a considerable increase in the use of zero trust, resulting in significant shifts in workplace dynamics.

Organizations have implemented remote working arrangements in an effort to mitigate the spread of viral infections. However, this approach has inadvertently made networks and systems more vulnerable to intrusion. To address this issue, the zero trust model has gained popularity as a means to bridge the gap in network security and prevent hacking incidents. As a result, various organizations, including prominent institutions such as the United States government’s Department of Defense, Department of Health and Services, and Department of Homeland Security, have adopted this model [26]. In order to facilitate the widespread implementation and utilization of the model, some information technology companies have devised a functional prototype that aligns with the principles outlined in the NIST policy. One notable organization that has made significant contributions in this regard is Microsoft [27]. Table 4 represent summary of articles for zero trust.

Table 4. Summary of Articles Table for Zero Trust.

Table 4. Summary of Articles Table for Zero Trust.

Paper	Year	Key Findings	Description
Kindervag [16]	2010	Proposed a ZTA, emphasizing the "Data Acquisition Network" (DAN)	This report paper is a deep dive into how you can potentially use and implement the Zero Trust model concepts in the real world. One of the most important goals is to improve security architectures and technologies for future usage. This paper can benefit you in starting to design infrastructure using zero trust. Their publication proposed a ZTA, emphasizing the "Data Acquisition Network" (DAN). The DAN system streamlines the extraction of network data to the management center, enabling real-time inspection and analysis.
DeCusatis et al. [17]	2016	Principles of steganography and overwriting. In particular	This paper introduced a zero trust approach that relies on transport access control. The suggested method is based on the principles of steganography and overwriting. In particular, the authentication token is hidden in both the TCP request packet and the initial authentication packet. By adhering to the zero trust principle, this approach strengthens the security of enterprises functioning in cloud computing environments and efficiently reduces the risk of unauthorized fingerprinting of protected resources.
Rose et al. [18]	2020	Authors placed greater emphasis on the execution of ZTA, with a particular focus on achieving the realization of ZTA	Authors put forth the essential logical components that constitute the ZTA. Furthermore, the author placed greater emphasis on the execution of ZTA, with a particular focus on achieving the realization of ZTA. Instead of implementing a comprehensive overhaul of infrastructure or procedures, this approach entails a systematic implementation of specific measures to apply ZTA in a network that is currently built on a perimeter centric architecture.
[23]	2023	Implementation of the zero trust system can reduce access to resources by only allowing “trusted agents”.	This paper advices to use ZTA for creating a paradigm that relies on the “never Trust, always verify” principles. Within in a given system, the implementation of the zero trust system can reduce access to resources by only allowing “trusted agents”. The validation of every access by the trusted agents is necessary and continuous. This approach targets eliminating unauthorized access to data and services of the system and so, the security enforcement becomes granular through dividing up privileged access to resources into small pieces.
[24]	2021	ZTA framework is utilized to create a trust model customized for cloud environments.	The research introduces a comprehensive model aimed at enhancing trust within an organization’s information system. The model’s design integrates reference components sourced from the National Institute of Standards and Technology. The researchers conducted a performance analysis to evaluate the effectiveness of the proposed model. The results clearly demonstrated that the distribution of trust-based nodes can effectively mitigate intrusions.
[25]	2022	Implemented ZTA as a means to improve privacy and data protection within the energy sector.	Their approach was based on the fundamental principles of ZTA and demonstrated satisfactory performance, offering a viable solution to mitigate the risks of data theft and breaches. The adoption of zero trust has experienced a notable increase in usage scenarios since the onset of the pandemic, resulting in significant shifts in the dynamics of the workplace setting.

3.2. Related work of UAV

Paper Finn et al. [28] utilization of UAVs for surveillance and civilian assignments has increased significantly in recent years. Moreover, UAVs will have an increasing number of uses in the future. The accelerated development of technology permits the diminution of device size and price. All of this makes it possible to utilize UAVs in ways that ten years ago were unimaginable. UAVs have a variety of social applications, including search and rescue operations [29], automatic forest fire surveillance and measurement [30] and disaster management [31]. Commercial tasks are also found in the agriculture [32], construction [33], surveying and geology [34], surveillance [35], and film industries [36] industries.

Compared to alternative choices, the affordability of new UAVs and their applicability across diverse fields have generated significant attention for this technology. The widespread use of UAVs has reached a point where regulations are necessary to curb illicit activities and mitigate accidents. Numerous studies have explored the legal implications of utilizing robots and autonomous systems, particularly in sectors like video surveillance, image rights, and defense. Addressing these intricate matters is already a central focus in managing the deployment and operation of UAVs. Finn and Scheduling [37] conducted among the initial comprehensive analyses of these legal and ethical issues. However, an analysis of the vast array of UAV capabilities is insufficient for the development of a platform to monitor UAV flights. When developing the platform, security and legal considerations must be taken into account, as all laws governing the utilization of these vehicles should be incorporated into the platform, and the UAV must be protected from attacks that could compromise its operation or cause of loss sensitive data, the issue can be fixed by implementing the zero trust in UAVs. Table 5 represent summary of articles for UAV.

Table 5. Summary of Articles Table for UAV.

Table 5. Summary of Articles Table for UAV.

Authors	Key Findings	Research Type
U.S. Department of Defense	zero trust (ZT) enhances security by embedding it throughout the framework, limiting unauthorized access.	Government Report
NIST	Organizations can adopt zero trust incrementally, combining it with perimeter- based security for a period.	Government Report
Canadian Government	zero trust security can leverage software- defined approaches, enhancing context-based access control.	Government Report
Unnamed Paper (Finn et.)	Unmanned Aerial Vehicles (UAVs) have diverse applications, spanning surveillance, search and rescue agriculture, and more.	Academic Paper
R. L. Finn and D. Wright (2012)	UAVs raise legal and ethical issues related to surveillance, privacy, and civil applications.	Academic Paper
S. Waharte and N. Trigoni (2010)	UAVs can support search and rescue operations.	Conference Paper
Merino et al. (2012)	UAVs can be used for automatic forest fire monitoring.	Academic Paper
M. Quaritsch et al. (2010)	Networked UAVs have the capability to operate as an aerial sensor network dedicated to disaster management.	Academic Paper
D. Gómez-Candón et al. (2014)	UAV imagery is accurate for precision agriculture purposes.	Academic Paper
Y. Ham et al. (2016)	UAVs can visually monitor civil infrastructure systems.	Academic Paper
S. P. Bemis et al. (2014)	Photogrammetry, whether ground-based or UAV-based, serves as a high-resolution mapping tool for structural geology	Academic Paper
C. Bracken et al. (2014)	UAVs raise privacy implications in Canada due to surveillance.	Report
J. Fleureau et al. (2016)	An all-encompassing drone control platform can independently capture cinematic scenes	Conference Paper
A. Finn and S. Scheding (2010)	Advancements and obstacles are present in autonomous unmanned vehicles.	Academic Paper

3.3. Related Work of Zero Trust in UAV Using ML

Nour [38] provides an in-depth study of Internet of Things (IoT) security vulnerabilities and highlights the limitations of limited power capacity, which compromises encryption and timely updates. The study highlights the importance of a zero trust model for IoT and the risks of not applying such strong authentication and authorization measures. Using 5G’s low latency potential, Nour proposes an ML-based intrusion detection system (IDS) within a zero trust framework optimized for real-time threat detection in power-constrained 5G edge environments.

Notably, after evaluating multiple ML models, decision trees and extreme gradient boosting classifiers were the most effective Ramezanpour and Jagannath [39] studied the integration of zero trust (ZT) principles into new 5G/6G communication networks and discovered significant vulnerabilities associated with such large and complex systems. By introducing Intelligent zero trust architecture (i-ZTA), they highlight its novelty in effectively handling network security with untrusted components. Their approach uniquely integrates artificial intelligence and focuses on the MED (monitoring, evaluation, and decision-making) component as critical for dynamic trust assessment. Similar to the current project, while focusing on 5G/6G networks, the overall principles used by i-ZTA and AI can provide useful insights when applied to detect suspicious behavior in military drones under a zero trust framework.

Keshavarz et al. [40] addressed critical security vulnerabilities faced by drones and highlighted notable threats such as Global Positioning System (GPS) spoofing, distributed denial-of-service (DDoS), and man-in-the-middle (MITM) attacks. They emphasized the urgency of ensuring the safety of drones, not only to protect their integrity, but also to protect the wider operational environment and human safety. Their core proposal is a trust monitoring mechanism, controlled by a central entity such as a ground station, that measures the trustworthiness of a drone by assessing its actions and behavior in real time. This approach can effectively identify drones that are vulnerable to cyberattacks. Kulunathan et al. [41] provided a comprehensive overview of integrating ML methods into unmanned aerial vehicle (UAV) operations and communications. The study highlights the growing synergies between ML and drones, demonstrating their joint potential to improve drone intelligence and autonomy. Their research examined four main operational components of drones where ML can make significant advances: perception, feature interpretation, trajectory planning, and aerodynamic control. A basic understanding of ML applications in drones is established, but the overarching need to increase reliability and trust in line with the goals of the future project is emphasized. The study [42] discusses the rapid development of Internet of Vehicles (IoV) technology, as well as the security threats associated with it, especially hacker attacks that could target user devices and identities. To prevent tampering attacks, the authors suggest a multi-factor authentication approach that involves device fingerprinting and Public Key Infrastructure (PKI). They utilize algorithms classified as state secrets for data encryption and blockchain technology to protect and ensure the security and integrity of data collection and transmission. The zero trust security network architecture is used to improve the system’s security during data transmission, perform dynamic access control, monitor user behavior in real-time, and eliminate malicious nodes. The paper introduces an evaluation system for vehicles based on various pass rates for authentication and acceptance rates for packet transmission.

Table 6. Summary of Articles Table for zero trust in UAV using ML.

Table 6. Summary of Articles Table for zero trust in UAV using ML.

Authors	Year	Key Focus	Methodology/Technique	Key Findings
Nour [38]	2023	IoT security vulnerabilities in 5G-based networks.	ML-based Intrusion Detection System (IDS) in a zero trust framework.	Decision Tree and Extreme Gradient Boosting were the most efficient models for real-time detection.
Ramezanpour & Jagannath. [39]	2022	zero trust in 5G/6G networks.	i-ZTA with AI, focusing on the MED components.	i-ZTA principles and AI might offer insights for detecting suspicious behavior in military UAVs.
Keshavarz et al. [40]	2020	UAV security threats like GPS spoofing, DDoS.	Real-time trust monitoring mechanism assessing UAV behaviors via a centralized unit.	Identified UAVs undergoing cyber-attacks, emphasizing real-time monitoring.
Kurunathan et al. [41]	2023	ML in UAV operations and communications.	Comprehensive review on ML methodologies within UAV operations.	Identified gaps in ML applications for UAVs, emphasizing the need for enhanced reliability and trust.

4. ZTA Implementation Techniques

4.3. Four Levels of UAV Security

In UAVs, security is an all encompassing mission. It extends far beyond the skies, delving into every facet of these autonomous flying machines. UAV security is typically categorized into four levels, each with priorities and measures. Let us embark on a comprehensive journey through these four levels, unveiling the intricacies and importance of each [44].

4.3.1. Hardware Security

For UAVs, physical security is their first line of protection. It has a variety of safeguards to protect the actual UAV and its parts from dangers like theft, tampering, or unauthorized access [46]. Imagine physical security as the fortress that houses the UAV, complete with moats, drawbridges, and impenetrable walls.

4.3.2. Software Security

Software security ensures that UAV missions are executed with the utmost security and precision. It’s like the strategic planning and coordination required for a military campaign, ensuring that the UAV operates only in authorized airspace, follows predefined flight paths, and communicates securely with ground stations.

4.3.3. Communication/Network Security

Communication and network security are the guardian of the virtual pathways that connect the UAV to the GCS via antenna. It is concerned with securing the data transmitted between these two vital nodes in the UAV ecosystem. Think of it as the invisible shield that envelops the fortress, ensuring that no message or data is intercepted or tampered with during its journey [47].

4.3.4. Sensor Security

UAVs depend on utilizing sensors to collect data about their immediate environment, this information is critical and requires protection from malicious attackers. Compromised UAV sensors might result in the failure and malfunction of the UAV system. Table 7 outlines countermeasures at the UAVs levels, focusing on current approaches that can be employed to safeguard against assaults on UAVs.

Table 7. Features of four UAV levels.

Table 7. Features of four UAV levels.

Level	Paper	Feature	Description
Hardware	[46]	Secure Storage	Protects UAV during non-operation. Fortified storage areas with surveillance and alarm systems to prevent hardware theft and unauthorized access.
	[46]	Biometric Locks	Restricts access to UAV hardware components. Only individuals with authorized biometric data (fingerprints or retinal scans) can interact with the UAV.
	[48]	Tamper-Evident Seals	Applied to critical components, similar to fortress drawbridges. Reveals signs of interference, alerting security personnel to potential breaches during storage or transport.
Software	[49]	Authorized Airspace	Ensures UAV adherence to designated airspace regulations and restrictions. Software security plans missions within authorized zones, preventing unintentional or intentional incursions.
	[50]	Predefined Flight Paths	UAV routes during missions are predefined, and software security ensures strict adherence to these paths, minimizing the risk of deviation or intrusion into unauthorized areas [50].
	[51]	Secure Communication with Ground Stations	Vital for UAV operations, software security ensures safe communication channels between the UAV and Ground Control Stations (GCS). Encryption, secure protocols, and frequency-hopping techniques protect data in transit [51].
Communication	[52]	Encryption	Foundation of communication security, transforms data into an unreadable format decipherable only by authorized recipients. End-to-end encryption ensures data security, even if intercepted [53].
	[53]	Secure Protocols	Utilizes secure communication protocols (e.g., TLS) for UAV and ground station data exchanges. Establishes secure connections to prevent eavesdropping or data manipulation [54].
	[54]	Frequency-Hopping Techniques	Involves rapidly and unpredictably changing communication frequencies. Enhances difficulty for malicious entities to intercept or jam UAV communication signals, ensuring data confidentiality [55].
Sensor	[55]	Detecting Unusual Signals	To detect GPS spoofing, observes anomalous signal power fluctuations, indicating a potential spoofing attempt. Cooperative data attestation method suggested for multiple UAV situations, validating shared data precision [56].
	[56]	Enable Autonomous Navigation	Mitigates jamming attempts by implementing a system facilitating autonomous navigation and self-directed movement in the absence of signal reception by the flight controller. Proposal presented by authors in [57].
	[57] [58].	Use of Machine Learning (ML)	Utilizes Intrusion Detection Systems (IDS) with ML algorithms to identify sensor-based attacks, whether familiar or unfamiliar [58] [59]. IDS systems gather training data from UAV onboard components, considering challenges related to energy and compute resources [59].

5. Internet of Battlefield Things Attacks

Table 8. Table of Attacks on Military UAVs and IoBT.

6. Zero Trust in Internet of Battlefield Things

6.3. Applying Zero Trust Concepts to UAVs

Incorporating zero trust concepts into UAV systems necessitates a robust framework for access control, ensuring that sensitive operations and data are shielded from unauthorized access. This paper contains three types of access control. of Role-Based Access Control (RBAC) serves as a foundational layer, restricting system privileges based on predefined roles within the UAV’s operational protocol. Complementing RBAC, Attribute-Based Access Control (ABAC) adds a nuanced layer of security by considering a multitude of attributes, such as the context of access, the sensitivity of the data, and the state of the UAV, to make real-time access decisions. For mission-critical applications like battlefield surveillance, an access control protocol specifically tailored for Surveillance-IoT can be integrated, leveraging zero trust’s rigorous verification processes to ensure that every access request is continuously validated, thus fortifying UAV networks against the evolving threats in dynamic and adversarial environments.

6.3.1. Access Control Mechanisms

• Role-based Access Control (RBAC)

RBAC is a popular access control model vital in enhancing security and managing user privileges. When integrated into zero trust drone architecture, RBAC enables fine-grained control over user permissions, ensuring that only authorized individuals can access sensitive drone systems and data.

RBAC operates on the principle of assigning permissions based on predefined roles [71]. Each role represents a set of responsibilities and tasks within an organization or system. Users are then transferred to specific parts based on their job functions or duties. RBAC simplifies access management by associating permissions with roles rather than individual users, streamlining the process and reducing administrative overhead. When integrated into ZTA, RBAC strengthens the security posture of drone systems by enforcing strict access controls. The concept of least privilege allocates rights to users and correctly defines user roles. This means users are granted only the minimum privileges necessary to perform their functions and tasks. By limiting access rights, RBAC minimizes the potential impact of a compromised user account or device, mitigating the risks associated with unauthorized access or malicious activities.

RBAC within ZTA also enables efficient and centralized access control management. The defined roles and associated permissions are managed centrally, allowing administrators to easily add, modify, or revoke access privileges based on changes in user responsibilities or organizational requirements. This centralized management ensures consistency and reduces the likelihood of access control errors or unauthorized access.

Moreover, RBAC supports the segregation of duties, which is crucial for maintaining a separation of responsibilities and preventing conflicts of interest. RBAC enables the assignment of complementary roles to different individuals, ensuring that critical tasks require multiple authorized individuals to collaborate [72]. This segregation enhances accountability and reduces the likelihood of insider threats or unauthorized actions. Integrating RBAC into ZTA for drones also enhances audibility and accountability. RBAC provides a clear audit trail by associating user actions with their assigned roles and permissions. This traceability facilitates the identification of any security breaches or policy violations, enabling swift investigation and response.

• Attribute-based Access Control (ABAC)

ABAC is an advanced access control model that provides a flexible and dynamic approach to managing resource access. When integrated into ZTA for drones, ABAC enables access decisions based on various attributes, including user location, time, device characteristics, and other contextual factors. This attribute centric approach enhances the security of drone operations by providing dynamic and context-aware access control [73].

ABAC takes into consideration multiple attributes to make access decisions. These attributes can include user attributes (such as role, department, or clearance level), environmental attributes (such as location, time, or network status), and object attributes (such as the sensitivity or classification of the resource being accessed). The attributes define the ABAC policies because of their accurate and fine-tuned access permissions. Drone systems can implement context-aware access control by leveraging ABAC within ZTA. For example, access to sensitive drone control systems or data can be restricted based on the user’s location. Access can be denied if a user attempts to access the drone system from an unauthorized area, preventing potential security breaches. Similarly, access permissions can be dynamically adjusted based on other attributes, such as the time of day or device type.

ABAC enhances security by providing dynamic access control mechanisms that adapt to changing circumstances. For instance, if a user’s clearance level or the sensitivity of specific resources changes, access policies can be automatically adjusted. This ensures that access permissions align with the current security requirements, reducing the risk of unauthorized access or data breaches. Furthermore, ABAC enables attribute-based risk assessments. By considering attributes such as user behavior patterns or device health status, access decisions can be influenced by the perceived risk level associated with a specific attribute value. For example, if a user’s behavior deviates from their usual patterns or a device is detected as compromised, access can be restricted, or additional authentication measures can be required to prevent potential security threats [74]. ABAC integration into ZTA also promotes interoperability and scalability. ABAC policies can be defined in a standardized format, such as the XACML (extensible Access Control Markup Language), allowing for interoperability across different systems and applications. Additionally, ABAC’s flexible nature enables the scalability of access control policies as the drone ecosystem expands, accommodating new attributes and adapting to evolving security requirements [75].

Table 9. Access Control Mechanism.

Table 9. Access Control Mechanism.

Mechanisms	Feature	Description
Role-Based Access Control (RBAC)	Least privilege access: Evaluates and reevaluates a user’s access based on context and adapts permissions accordingly	RBAC assigns permissions based on predefined roles, streamlining access management. In battlefield surveillance, roles could include operators, commanders, and analysts. For example, an operator may have access to live feeds, while an analyst may access historical data.
Attribute-Based Access Control (ABAC)	Evaluate several attributes for authorization decisions.	ABAC considers attributes such as user characteristics, environmental conditions, and resource properties for access decisions. In battlefield surveillance, ABAC can dynamically control access based on factors like location, mission status, and security clearance. For instance, an agent’s access may change based on their location and the nature of the ongoing mission and system will look for any unusual or anomalous behavior.

• Access Control Protocol for Battlefield Surveillance-IoT
  ACPBS-IoT is an access control protocol specifically designed for battlefield surveillance within drone-assisted IoT environments. Zhang et al. [76] introduced this protocol in their article published in 2022, titled "Ac-cess Control Protocol for Battlefield Surveillance in Drone-Assisted IoT Environment" The primary aim of ACPBS-IoT is to mitigate several security challenges by employing several robust security techniques:

  -

  Symmetric encryption: all messages between the drones and the GCSs are encrypted using symmetric encryption, which makes it difficult for an adversary to eavesdrop on the communication.

  -

  Message authentication codes: message authentication codes are used to verify the authenticity of messages, which makes it difficult for an adversary to impersonate a legitimate drone or GSS.

  -

  Key freshness: the keys used for encryption and message authentication are refreshed periodically, which makes it difficult for an adversary to crack the keys.

  -

  Replay protection: a replay protection mechanism is used to detect and prevent replay attacks.

  ACPBS-IoT has undergone extensive security evaluations, both formal and informal. The formal analysis confirms the protocol’s resilience against various potential attacks, including eavesdropping, impersonation, drone hijacking, and replay attacks. The informal analysis supports the protocol’s defense against numerous practical attacks. ACPBS-IoT presents a promising solution for enhancing security in drone-assisted IoT environments for battlefield surveillance. It incorporates multiple security features to defend against diverse threats. Nonetheless, further real-world evaluations are necessary to fully validate the effectiveness of ACPBS-IoT in actual deployment scenarios.

6.3.2. Authentication Mechanisms

• Multi-Factor Authentication (MFA)

MFA is a robust authentication mechanism that enhances the security of access to drone systems by requiring users to provide multiple authentication factors. When integrated into ZTA for drones, MFA ensures that only authenticated and authorized individuals can interact with the drone systems, adding an extra layer of protection to sensitive operations [4]. MFA combines two or more authentication factors to verify the identity of a user. These factors typically fall into knowledge, possession, and inherence. Knowledge factors include the user’s ability, such as a password or PIN. Possession factors involve something the user possesses, such as a physical token or a mobile device. Inheritance factors are based on distinctive biological characteristics, such as fingerprints, iris scans, or facial recognition.

Drone systems can establish a robust authentication process by utilizing MFA within ZTA. Passwords, the most common used knowledge factor, are strengthened by requiring additional factors for authentication. For example, after entering a password, the user may need to provide a one-time password (OTP) generated by an authentication app on their mobile device or a physical token. This combination of factors significantly reduces the risk of unauthorized access, as an attacker must possess both the password and the additional authentication factor. Biometric factors add an extra layer of security to MFA. Drones can incorporate biometric authentication methods such as fingerprint, iris scans, or facial recognition. These unique biological traits provide a high level of assurance in verifying the user’s identity. Integrating biometric authentication into MFA ensures that only authorized individuals with the correct biometric attributes can access the drone systems, further strengthening security [77].

Physical tokens, such as smart cards or hardware tokens, are possession factors that can be integrated into MFA for drones. These tokens generate dynamic authentication codes or digital signatures used with other elements to verify the user’s identity. Physical tokens offer an additional layer of protection as they are not easily replicated or compromised. The integration of MFA into ZTA for drones brings several benefits. Firstly, it significantly increases the difficulty for attackers to gain unauthorized access, as they must possess multiple factors simultaneously. Secondly, MFA reduces the reliance on passwords alone, addressing the vulnerability of password-based authentication and minimizing the risk of password related security breaches. Moreover, MFA enhances the overall security posture of drone systems by adding a layer of defense against credential theft, phishing attacks, and social engineering attempts. Even if an attacker obtains one authentication factor, they would still be unable to access the system without the other required factors.

Table 10. Different authentication approaches and their various attacks.

Table 10. Different authentication approaches and their various attacks.

Authentication Approach	Brute-Force Attack	Guess Attack	Phishing Attack	Spoofing Attack	Impersonation Attack	Apply on drone	Using zero trust	Ref.
Face Recognition	No	No	No	Yes	No	✓	✓	[78,79]
Fingerprint Scanner	No	No	No	Yes	No	✓	✓	[80,81]
Geographical Location	No	No	No	No	No		✓	[80]
Ocular-based Methods	No	No	No	No (retina) & Yes (iris)	No		✓	[78]
OTPs	No	No	Yes	No	Yes	✓	✓	[82,83]
Password/PIN	Yes	Yes	Yes	No	Yes	✓	✓	[81,84]
SmartPhone Applications	No	No	Yes	No	Yes	✓	✓	[84,85]
SmartCards	No	No	No	Yes	Yes	✓	✓	[85]
Thermal Image Recognition	No	No	No	No	No		✓	[78]
Vein Recognition	No	No	No	Yes	No		✓	[80,81]
Voice Recognition	No	No	No	Yes	No		✓	[80]

• Certificate-based Authentication

Certificate-based authentication is a robust method that utilizes digital certificates to verify the identities of devices and users. Certificate-based authentication can be used in ZTA for drones to provide secure communication channels while preventing unauthorized access to drone systems. Certificate-based authentication relies on X.509 certificates, widely adopted in PKI systems. These certificates contain the entity’s public key, digital signature, and other identifying details. They are a dependable way to confirm the legitimacy and integrity of the communicating parties and are issued by a reputable certificate authority (CA) [86].

In the case of drone systems, certificate-based authentication ensures that only trusted and authorized devices and users can access and interact with the drone systems. Each user or device is issued a unique digital certificate as a digital credential. When attempting to connect with the drone system, the machine or user presents their certificate as proof of identity [87]. The drone system, acting as the verifier, checks the presented certificate against a trusted CA’s certificate store. If the presented certificate is valid and trusted, the authentication process proceeds, allowing the device or user to access the drone system. This authentication mechanism ensures that only entities with valid and recognized certificates can communicate with the drone system, mitigating the risk of unauthorized access. Certificate-based authentication offers several advantages within the zero trust framework for drones. Firstly, it provides a strong level of assurance regarding the identity of the communicating parties. The use of digital certificates, coupled with the rigorous validation process against trusted CAS, ensures that the entities interacting with the drone system are indeed whom they claim to be.

Furthermore, certificate-based authentication enables secure communication channels between the drone system and other devices or users [86]. Public-key cryptography within the certificates facilitates establishing encrypted connections, protecting the confidentiality and integrity of the data transmitted between the entities. This ensures that sensitive information, such as control commands or telemetry data, remains protected from unauthorized interception or tampering. Additionally, certificate-based authentication supports the scalability and manageability of authentication in large-scale drone deployments. By relying on standardized digital certificates, issuing, revoking, and managing credentials becomes more streamlined. Certificates can be centrally managed and easily updated or withdrawn as needed, enabling for effective access control management in dynamic and evolving drone environments.

Table 11. Authentication Factor.

Table 11. Authentication Factor.

Authentication Factor	MFA (Multi-Factor Authentication)	Certificate-Based Authentication
Description	Enhances security by requiring users to provide multiple authentication factors before gaining access.	Relies on digital certificates issued to users or devices, utilizing Public Key Infrastructure (PKI) for secure communication.
Factors Used	- Something You Know (Password or PIN) - Something You Have (Temporary code from a mobile app or hardware token) - Something You Are (Biometric data like fingerprints or facial recognition)	- Something You Have (Digital certificate issued by a Certificate Authority) - Something You Are (Authentication based on cryptographic keys)
Security Strength	Provides a high level of security by adding layers of verification, reducing the risk of unauthorized access.	Offers robust security, especially in environments where strong identity verification is essential.
Suitability	Well-suited for environments requiring strong user authentication, such as military systems or confidential databases.	Highly suitable for secure communication channels, military networks, or any context where rigorous identity validation is critical.
Ease of Use	Depending on factors used, may involve additional steps for users, but advancements like biometrics improve user experience.	Requires the management and deployment of digital certificates, which can be seamless once set up but may involve initial configuration complexities.

6.6. Strengthening UAV Security: Implementing Zero Trust Principles in the IoBT

A comprehensive zero trust approach is essential to safeguard against attacks and unauthorized access. This article delves into the critical components of securing UAVs in the IoBT using the zero trust model.

• Device Authentication: Implementing robust device authentication mechanisms is fundamental to establishing trust within the IoBT network. Each drone must be equipped with unique digital certificates and device identifiers, making it possible to identify and validate its authenticity during the connection process. Secure boot processes ensure that only genuine and untampered software can run on the UAV, mitigating the risk of compromised firmware or software [91].
• Data Encryption: Data transmitted between drones and GCS must be encrypted using robust encryption protocols to prevent unauthorized interception and tampering. End-to-end encryption guarantees that intercepted data remains unintelligible unless accompanied by the requisite decryption keys. protecting sensitive information from falling into the wrong hands [92].
• Continuous Monitoring: Real-time monitoring is indispensable in detecting anomalies and suspicious activities in the IoBT network. By constantly analyzing drone activities and network traffic, security teams can swiftly respond to potential threats, unauthorized access attempts, abnormal data transfers, and deviations from expected flight patterns. Early detection allows for proactive mitigation measures [93].
• Segmentation and Micro-segmentation: Dividing the network into logical segments and applying granular access controls significantly reduces the attack surface and minimizes the lateral movement of attackers in case of a breach. Micro-segmentation ensures that each piece is fortified with its access permissions, limiting the scope of any potential infringement and containing it effectively [94].
• Identity and Access Management (IAM): A robust IAM strategy is vital for managing user and device identities within the IoBT. Implementing rigorous password policies, RBAC, and MFA ensures that only authorized personnel can control or interact with drones, significantly reducing the risk of unauthorized access [95].
• Secure Communication Protocols: Secure communication protocols such as Secure Shell (SSH) or TLS should be employed to exchange commands, telemetry, and other data between drones and GCS. Encrypting communication channels prevents eavesdropping and ensures that transmitted data remains confidential and unchanged during transmission [96].
• Secure Firmware and Software Updates: Establishing a secure process for applying firmware and software updates is critical to prevent potentially malicious code injection. Verifying the integrity and authenticity of updates before deployment minimizes the risk of compromising drone systems with malware or unauthorized modifications [97].
• Incident Response and Recovery: A comprehensive incident response plan is essential to swiftly and efficiently address security breaches or compromises. This plan should outline clear steps for isolating compromised drones, conducting forensics to identify the source of the attack, and safely returning operations to normalcy [98].
• Compliance and Regulations: Compliance with relevant regulations, guidelines, and standards is crucial for UAV operations and security. The IoBT network can maintain a strong security posture and protect itself from potential legal and operational repercussions by aligning its zero trust implementation with aviation authorities’ regulations and industry organizations’ best practices.

Table 12. Comparison of Selected Papers in Drone.

Table 12. Comparison of Selected Papers in Drone.

Features	Our paper	Dong et al. [4]	Nour [38]	Ramezanpour et al. [39]	Keshavarz et al. [40]	Kurunathan et al. [41]	Fang at al.[42]
Model or Framework	✓	✓	✓	✓	✓	✓	✓
Security and Privacy	✓	✓	✓	✓	✓	✓	✓
Challenges	✓	✓	✓	✓	✓	✓	✓
Components	✓	✗	✗	✗	✗	✓	✗
Internet of Things	✓	✓	✓	✓	✗	✓	✓
Military sector	✓	✗	✗	✗	✗	✗	✗
Mechanism	✓	✗	✓	✓	✓	✓	✓

7. Future Direction

8. Conclusion

Nomenclature

References

1. Yang, D.; Zhao, Y.; Wu, K.; Guo, X.; Peng, H. An efficient authentication scheme based on Zero Trust for UAV swarm. 2021 International Conference on Networking and Network Applications (NaNA) 2021. [CrossRef]
2. Keshavarz, M.; Shamsoshoara, A.; Afghah, F.; Ashdown, J. A real-time framework for trust monitoring in a network of unmanned aerial vehicles. IEEE INFOCOM 2020 - IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS) 2020. [CrossRef]
3. Rani, C.; Modares, H.; Sriram, R.; Mikulski, D.; Lewis, F.L. Security of unmanned aerial vehicle systems against cyber-physical attacks. The Journal of Defense Modeling and Simulation: Applications, Methodology, Technology 2015, 13, 331–342. [Google Scholar] [CrossRef]
4. Dong, C.; Jiang, F.; Chen, S.; Liu, X. Continuous authentication for UAV delivery systems under Zero-Trust Security Framework. 2022 IEEE International Conference on Edge Computing and Communications (EDGE) 2022. [CrossRef]
5. Shafique, A.; Mehmood, A.; Elhadef, M. Survey of security protocols and vulnerabilities in Unmanned Aerial Vehicles. IEEE Access 2021, 9, 46927–46948. [Google Scholar] [CrossRef]
6. Penmetsa, S.; Minhuj, F.; Singh, A.; Omkar, S. Autonomous UAV for suspicious action detection using pictorial human pose estimation and classification. ELCVIA Electronic Letters on Computer Vision and Image Analysis 2014, 13, 18. [Google Scholar] [CrossRef]
7. Maďar, T. STIENNON, Richard. There Will Be Cyberwar: How the Move to Network-Centric War Fighting Has Set the Stage for Cyberwar. Obrana A Strategie (defence and Strategy) 2017, 17, 161–163. [Google Scholar] [CrossRef]
8. Mukhandi, M.; Damião, F.; Granjal, J.; Vilela, J.P. Blockchain-based Device Identity Management with Consensus Authentication for IoT Devices. 2022 IEEE 19th Annual Consumer Communications & Networking Conference (CCNC) 2022, pp. 433–436. [CrossRef]
9. Syed, N.F.; Shah, S.W.; Shaghaghi, A.; Anwar, A.; Baig, Z.; Doss, R. Zero trust architecture (ZTA): A comprehensive survey. IEEE Access 2022, 10, 57143–57179. [Google Scholar] [CrossRef]
10. Zero Trust Architecture: NIST Publishes SP 800-207. National Institute of Standards and Technology, 2020. [CrossRef]
11. Moffa, A. Implementing zero-trust to IOT solutions, 2024.
12. Canada, H. Securing a new Digital World with Zero trust, 2021.
13. Bhattacharjya, S. A novel zero-trust framework to secure IOT Communications, 2020.
14. Morel, A.E.; Kavzak Ufuktepe, D.; Ignatowicz, R.; Riddle, A.; Qu, C.; Calyam, P.; Palaniappan, K. Enhancing network-edge connectivity and computation security in drone video analytics. 2020 IEEE Applied Imagery Pattern Recognition Workshop (AIPR) 2020. [Google Scholar] [CrossRef]
15. Feng, Y.; Li, M.; Zeng, C.; Liu, H. Robustness of internet of battlefield things (IoBT): A directed network perspective. Entropy 2020, 22, 1166. [Google Scholar] [CrossRef]
16. Kindervag, J. Build security into your network’s DNA: The Zero Trust Network Architecture, 2010.
17. DeCusatis, C.M.; Liengtiraphan, P.; Sager, A.; Pinelli, M. Implementing Zero Trust Cloud Networks with Transport Access Control and First Packet Authentication. 2016 IEEE International Conference on Smart Cloud (SmartCloud) 2016, pp. 5–10. [CrossRef]
18. Rose, S.; Borchert, O.; Mitchell, S.; Connelly, S. Zero trust architecture. 2020. [Google Scholar] [CrossRef]
19. Solodov, A.A.; Williams, A.D.; Hanaei, S.A.; Goddard, B. Analyzing the threat of unmanned aerial vehicles (UAV) to nuclear facilities. Security Journal 2018, 31, 305–324. [Google Scholar] [CrossRef]
20. Awan, S.M.; Azad, M.A.; Arshad, J.; Waheed, U.; Sharif, T. A Blockchain-Inspired Attribute-Based Zero-Trust Access Control Model for IoT. Inf. 2023, 14, 129. [Google Scholar] [CrossRef]
21. Hale, B.; Van Bossuyt, D.L.; Papakonstantinou, N.; O’Halloran, B. A zero-trust methodology for security of Complex Systems with machine learning components. Volume 2: 41st Computers and Information in Engineering Conference (CIE) 2021. [CrossRef]
22. Phiayura, P.; Teerakanok, S. A comprehensive framework for migrating to zero trust architecture. IEEE Access 2023, 11, 19487–19511. [Google Scholar] [CrossRef]
23. Kerman, A. Zero trust cybersecurity: “never trust, always verify”, 2023.
24. Ferretti, L.; Magnanini, F.; Andreolini, M.; Colajanni, M. Survivable zero trust for cloud computing environments. Computers & Security 2021, 110, 102419. [Google Scholar] [CrossRef]
25. Alagappan, A.; Venkatachary, S.K.; Andrews, L.J. Augmenting Zero trust network architecture to enhance security in virtual power plants. Energy Reports 2022, 8, 1309–1320. [Google Scholar] [CrossRef]
26. Macri, K. What is Zero trust? Federal Agencies Embrace Cybersecurity Innovation, 2021.
27. Embrace proactive security with Zero Trust.
28. Finn, R.L.; Wright, D. Unmanned aircraft systems: Surveillance, ethics and privacy in civil applications. Comput. Law Secur. Rev. 2012, 28, 184–194. [Google Scholar] [CrossRef]
29. Waharte, S.; Trigoni, A. Supporting Search and Rescue Operations with UAVs. 2010 International Conference on Emerging Security Technologies 2010, pp. 142–147. [CrossRef]
30. Journal of Intelligent & Robotic Systems manuscript No. (will be inserted by the editor) An Unmanned Aircraft System for Automatic Forest Fire Monitoring and Measurement. [CrossRef]
31. Quaritsch, M.; Kruggl, K.; Wischounig-Strucl, D.; Bhattacharya, S.; Shah, M.; Rinner, B. Networked UAVs as aerial sensor network for disaster management applications. e & i Elektrotechnik und Informationstechnik 2010, 127, 56–63. [Google Scholar] [CrossRef]
32. Gómez-Candón, D.; Castro, A.I.; López-Granados, F. Assessing the accuracy of mosaics from unmanned aerial vehicle (UAV) imagery for precision agriculture purposes in wheat. Precision Agriculture 2014, 15, 44–56. [Google Scholar] [CrossRef]
33. Ham, Y.; Han, K.K.; Lin, J.J.; Golparvar-Fard, M. Visual monitoring of civil infrastructure systems via camera-equipped Unmanned Aerial Vehicles (UAVs): a review of related works. Visualization in Engineering 2016, 4, 1–8. [Google Scholar] [CrossRef]
34. Bemis, S.P.; Micklethwaite, S.; Turner, D.; James, M.R.; Akciz, S.O.; Thiele, S.T.; Bangash, H.A. Ground-based and UAV-Based photogrammetry: A multi-scale, high-resolution mapping tool for structural geology and paleoseismology. Journal of Structural Geology 2014, 69, 163–178. [Google Scholar] [CrossRef]
35. Bracken-Roche, C.; Lyon, D.H.; Mansour, M.; Molnar, A.; Saulnier, A.; Thompson, S. Surveillance drones: privacy implications of the spread of unmanned aerial vehicles (UAVs) in Canada. 2014.
36. Fleureau, J.; Galvane, Q.; Tariolle, F.L.; Guillotel, P. Generic Drone Control Platform for Autonomous Capture of Cinema Scenes. Proceedings of the 2nd Workshop on Micro Aerial Vehicle Networks, Systems, and Applications for Civilian Use 2016. [CrossRef]
37. Finn, A.; Scheding, S. Developments and Challenges for Autonomous Unmanned Vehicles - A Compendium. Intelligent Systems Reference Library, 2010. [CrossRef]
38. Nour, M.G. Implementing Machine Learning to Achieve Dynamic Zero-Trust Intrusion Detection Systems (ZT-IDS) in 5G Based IoT Networks. PhD thesis, The George Washington University, 2023.
39. Ramezanpour, K.; Jagannath, J. Intelligent zero trust architecture for 5G/6G networks: Principles, challenges, and the role of machine learning in the context of O-RAN. Computer Networks 2022, 217, 109358. [Google Scholar] [CrossRef]
40. Keshavarz, M.; Shamsoshoara, A.; Afghah, F.; Ashdown, J. A real-time framework for trust monitoring in a network of unmanned aerial vehicles. IEEE INFOCOM 2020-IEEE Conference on Computer Communications Workshops (INFOCOM WKSHPS). IEEE, 2020, pp. 677–682. [CrossRef]
41. Kurunathan, H.; Huang, H.; Li, K.; Ni, W.; Hossain, E. Machine learning-aided operations and communications of unmanned aerial vehicles: A contemporary survey. IEEE Communications Surveys & Tutorials 2023. [CrossRef]
42. Fang, L.; Wu, C.; Kang, Y.; Ou, W.; Zhou, D.; Ye, J. Zero-Trust-Based Protection Scheme for Users in Internet of Vehicles. Security and Communication Networks 2022. [Google Scholar] [CrossRef]
43. Ko, Y.; Kim, J.; Duguma, D.G.; Astillo, P.V.; You, I.; Pau, G. Drone Secure Communication Protocol for Future Sensitive Applications in Military Zone. Sensors (Basel, Switzerland) 2021, 21. [Google Scholar] [CrossRef] [PubMed]
44. Mekdad, Y.; Aris, A.; Babun, L.; Fergougui, A.E.; Conti, M.; Lazzeretti, R.; Uluagac, A.S. A survey on security and privacy issues of uavs. Computer Networks 2023, 224, 109626. [Google Scholar] [CrossRef]
45. Abro, G.E.M.; Zulkifli, S.A.; Masood, R.J.; Asirvadam, V.S.; Laouti, A. Comprehensive Review of UAV Detection, Security, and Communication Advancements to Prevent Threats. Drones 2022. [Google Scholar] [CrossRef]
46. Pirker, D.; Fischer, T.; Lesjak, C.H.; Steger, C. Global and Secured UAV Authentication System based on Hardware-Security. 2020 8th IEEE International Conference on Mobile Cloud Computing, Services, and Engineering (MobileCloud) 2020, pp. 84–89. [CrossRef]
47. Krichen, L.; Fourati, M.; Fourati, L.C. Communication Architecture for Unmanned Aerial Vehicle System. Ad-hoc, Mobile, and Wireless Networks 2018, 213–225. [Google Scholar] [CrossRef]
48. Allan, B.M.; Ierodiaconou, D.; Hoskins, A.J.; Arnould, J.P.Y. A Rapid UAV Method for Assessing Body Condition in Fur Seals. Drones 2019. [Google Scholar] [CrossRef]
49. LaFlamme, M. Traffic: Authorizing Airspace, Appifying Governance. 2020.
50. Nguyen, D.D.; Rohacs, J.; Rohacs, D. Autonomous flight trajectory control system for drones in Smart City Traffic Management. ISPRS International Journal of Geo-Information 2021, 10, 338. [Google Scholar] [CrossRef]
51. Agron, D.J.; Ramli, M.R.; Lee, J.M.; Kim, D.S. Secure Ground Control Station-based routing protocol for UAV Networks. 2019 International Conference on Information and Communication Technology Convergence (ICTC) 2019. [CrossRef]
52. Cecchinato, N.; Toma, A.; Drioli, C.; Oliva, G.; Sechi, G.; Foresti, G.L. A Secure Real-time Multimedia Streaming through Robust and Lightweight AES Encryption in UAV Networks for Operational Scenarios in Military Domain. Procedia Computer Science 2022. [Google Scholar] [CrossRef]
53. Vadlamudi, S.R.; Bharathy, D.A.M.V.; Rani, S.; Vadlamudi. DESIGN AND DEVELOPMENT OF A SECURE DATA TRANSMISSION PROTOCOL FOR UAV. europeanchemicalbulletin 2023. [Google Scholar] [CrossRef]
54. Ye, J.; Zou, J.; Gao, J.; Zhang, G.; Kong, M.; Pei, Z.; Cui, K. A New Frequency Hopping Signal Detection of Civil UAV Based on Improved K-Means Clustering Algorithm. IEEE Access 2021, 9, 53190–53204. [Google Scholar] [CrossRef]
55. Abera, T.; Bahmani, R.; Brasser, F.; Ibrahim, A.; Sadeghi, A.R.; Schunter, M. DIAT: Data Integrity Attestation for Resilient Collaboration of Autonomous Systems. Proceedings 2019 Network and Distributed System Security Symposium 2019. [CrossRef]
56. Wu, A.; Johnson, E.N.; Kaess, M.; Dellaert, F.; Chowdhary, G.V. Autonomous Flight in GPS-Denied Environments Using Monocular Vision and Inertial Sensors. J. Aerosp. Inf. Syst. 2010, 10, 172–186. [Google Scholar] [CrossRef]
57. Whelan, J.; Sangarapillai, T.; Minawi, O.; Almehmadi, A.; El-Khatib, K. Novelty-based Intrusion Detection of Sensor Attacks on Unmanned Aerial Vehicles. Proceedings of the 16th ACM Symposium on QoS and Security for Wireless and Mobile Networks 2020. [CrossRef]
58. Arthur, M.P. Detecting Signal Spoofing and Jamming Attacks in UAV Networks using a Lightweight IDS. 2019 International Conference on Computer, Information and Telecommunication Systems (CITS) 2019, pp. 1–5. [CrossRef]
59. Glade, D. Unmanned Aerial Vehicles: Implications for Military Operations. 2012.
60. Xiaoning, Z. Analysis of military application of UAV swarm technology. 2020 3rd International Conference on Unmanned Systems (ICUS) 2020, pp. 1200–1204. [CrossRef]
61. Rutravigneshwaran, P.; Anitha, G. Security model to mitigate black hole attack on internet of battlefield things (IoBT) using trust and K-means clustering algorithm. International Journal of Computer Networks and Applications 2023, 10, 95. [Google Scholar] [CrossRef]
62. Abuzainab, N.; Saad, W. Misinformation Control in the Internet of Battlefield Things: A Multiclass Mean-Field Game. 2018 IEEE Global Communications Conference (GLOBECOM), 2018, pp. 1–7. [CrossRef]
63. Sánchez, P.M.; Celdrán, A.H.; Bovet, G.; Pérez, G.M.; Stiller, B. SpecForce: A Framework to secure IOT spectrum sensors in the internet of battlefield things. IEEE Communications Magazine 2023, 61, 174–180. [Google Scholar] [CrossRef]
64. Tugsad Seferoglu, K.; Serdar Turk, A. Review of Spoofing and Jamming Attack on the Global Navigation Systems Band and Countermeasure. 2019 9th International Conference on Recent Advances in Space Technologies (RAST), 2019, pp. 513–520. [CrossRef]
65. Cavender, C. The internet of battlefield things is changing connector designs, 2019.
66. Miller, K.; O’Halloran, B.; Pollman, A. Securing the Internet of Battlefield Things While Maintaining Value to the Warfighter, 2019.
67. Popescu, F.C. From the IoT to the IoBT. The Path to Superior Situational Understanding. Land Forces Academy Review 2019, 24, 276–282. [Google Scholar] [CrossRef]
68. Alawneh, M.; Abbadi, I.M. Integrating Trusted Computing Mechanisms with Trust Models to Achieve Zero Trust Principles. 2022 9th International Conference on Internet of Things: Systems, Management and Security (IOTSMS) 2022, pp. 1–6. [CrossRef]
69. Zeng, R.; Li, N.; Zhou, X.; Ma, Y. Building A Zero-trust Security Protection System in The Environment of The Power Internet of Things. 2021 2nd International Seminar on Artificial Intelligence, Networking and Information Technology (AINIT) 2021, pp. 557–560. [CrossRef]
70. Gao, P.; Yan, L.; Chen, Z.; Wei, X.; Guo, L.; Shi, R. Research on Zero-Trust Based Network Security Protection for Power Internet of Things. 2021 IEEE 4th International Conference on Automation, Electronics and Electrical Engineering (AUTEEE) 2021, pp. 458–461. [CrossRef]
71. Gofman, M.I.; Luo, R.; Solomon, A.C.; Zhang, Y.; Yang, P.; Stoller, S.D. RBAC-PAT: A Policy Analysis Tool for Role Based Access Control. International Conference on Tools and Algorithms for Construction and Analysis of Systems, 2009. [CrossRef]
72. Jeong, H.J.; guk Ha, Y. RBAC-Based UAV Control System for Multiple Operator Environments. 2012. [CrossRef]
73. Hu, V.C.; Ferraiolo, D.F.; Kuhn, R.; Schnitzer, A.; Sandlin, K.; Miller, R.; Scarfone, K. Guide to Attribute Based Access Control (ABAC) Definition and Considerations. 2014. [CrossRef]
74. Alohaly, M.; Balogun, O.; Takabi, D. Integrating Cyber Deception Into Attribute-Based Access Control (ABAC) for Insider Threat Detection. IEEE Access 2022, 10, 108965–108978. [Google Scholar] [CrossRef]
75. Zhang, Y.; Zhang, B. A new testing method for XACML 3.0 policy based on ABAC and data flow. 2017 13th IEEE International Conference on Control & Automation (ICCA) 2017, pp. 160–164. [CrossRef]
76. Bera, B.; Das, A.K.; Garg, S.; Piran, M.J.; Hossain, M.S. Access Control Protocol for Battlefield Surveillance in Drone-Assisted IoT Environment. IEEE Internet of Things Journal 2021, 9, 2708–2721. [Google Scholar] [CrossRef]
77. Patel, S.B.; Kheruwala, H.A.; Alazab, M.; Patel, N.S.; Damani, R.; Bhattacharya, P.; Tanwar, S.; Kumar, N. BioUAV: blockchain-envisioned framework for digital identification to secure access in next-generation UAVs. Proceedings of the 2nd ACM MobiCom Workshop on Drone Assisted Wireless Communications for 5G and Beyond 2020. [CrossRef]
78. Otta, S.P.; Panda, S.; Gupta, M.; Hota, C. A Systematic Survey of Multi-Factor Authentication for Cloud Infrastructure. Future Internet 2023, 15. [Google Scholar] [CrossRef]
79. Liu, S.; Song, Y.; Zhang, M.; Zhao, J.; Yang, S.; Hou, K. An Identity Authentication Method Combining Liveness Detection and Face Recognition. Sensors 2019, 19. [Google Scholar] [CrossRef]
80. Jaikla, T.; Pichetjamroen, S.; Vorakulpipat, C.; Pichetjamroen, A. A Secure Four-factor Attendance System for Smartphone Device. 2020, pp. 65–68. [CrossRef]
81. Adiraju, R.V.; Masanipalli, K.K.; Reddy, T.D.; Pedapalli, R.; Chundru, S.; Panigrahy, A.K. An extensive survey on finger and palm vein recognition system. Materials Today: Proceedings 2021, 45, 1804–1808. International Conference on Advances in Materials Research - 2019. [CrossRef]
82. Mujeye, S. An Experimental Study on the Role of Password Strength and Cognitive Load on Employee Productivity. 2016. [CrossRef]
83. Erdem, E.; Sandıkkaya, M.T. OTPaaS—One Time Password as a Service. IEEE Transactions on Information Forensics and Security 2019, 14, 743–756. [CrossRef]
84. Wang, C.; Wang, Y.; Chen, Y.; Liu, H.; Liu, J. User authentication on mobile devices: Approaches, threats and trends. Computer Networks 2020, 170, 107118. [Google Scholar] [CrossRef]
85. Gordin, I.; Graur, A.; Potorac, A. Two-factor authentication framework for private cloud. 2019, pp. 255–259. [CrossRef]
86. Das, A.K.; Bera, B.; Wazid, M.; Jamal, S.S.; Park, Y. iGCACS-IoD: An Improved Certificate-Enabled Generic Access Control Scheme for Internet of Drones Deployment. IEEE Access 2021, 9, 87024–87048. [Google Scholar] [CrossRef]
87. Semal, B.; Markantonakis, K.; Akram, R.N. A Certificateless Group Authenticated Key Agreement Protocol for Secure Communication in Untrusted UAV Networks. 2018 IEEE/AIAA 37th Digital Avionics Systems Conference (DASC) 2018, pp. 1–8. [CrossRef]
88. Bera, B.; Das, A.K.; Sutrala, A.K. Private blockchain-based access control mechanism for unauthorized UAV detection and mitigation in Internet of Drones environment. Comput. Commun. 2021, 166, 91–109. [Google Scholar] [CrossRef]
89. Wei, Z.; Liu, F.; Ng, D.W.K.; Schober, R. Safeguarding UAV Networks through Integrated Sensing, Jamming, and Communications. ICASSP 2022 - 2022 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP) 2021, pp. 8737–8741. [CrossRef]
90. Sharma, G.; Sharma, D.K.; Kumar, A. Role of cybersecurity and Blockchain in battlefield of things. Internet Technology Letters 2022, 6. [Google Scholar] [CrossRef]
91. Rodrigues, M.; Amaro, J.; Osorio, F.S.; Kalinka. R. L. J. C., B. Authentication methods for UAV communication. 2019 IEEE Symposium on Computers and Communications (ISCC) 2019. [CrossRef]
92. Kim, K.; Kang, Y. Drone security module for UAV data encryption. 2020 International Conference on Information and Communication Technology Convergence (ICTC) 2020, pp. 1672–1674. [CrossRef]
93. Birnbaum, Z.; Dolgikh, A.; Skormin, V.; O’Brien, E.; Muller, D.; Stracquodaine, C. Unmanned Aerial Vehicle Security using behavioral profiling. 2015 International Conference on Unmanned Aircraft Systems (ICUAS) 2015. [CrossRef]
94. Klein, D. Micro-segmentation: securing complex cloud environments. Netw. Secur. 2019, 2019, 6–10. [Google Scholar] [CrossRef]
95. Han, P.H.; Sui, A.; Wu, J. Identity Management and Authentication of a UAV Swarm Based on a Blockchain. Applied Sciences 2022. [Google Scholar] [CrossRef]
96. Khan, N.A.; Jhanjhi, N.Z.; Brohi, S.N.; Almazroi, A.A.; Almazroi, A.A. A Secure Communication Protocol for Unmanned Aerial Vehicles. Cmc-computers Materials & Continua 2022, 70, 601–618. [Google Scholar] [CrossRef]
97. Catuogno, L.; Galdi, C. Secure Firmware Update: Challenges and Solutions. Cryptogr. 2023, 7, 30. [Google Scholar] [CrossRef]
98. Zhang, K.; Zheng, J.; Fu, J.; Zhang, Y.; Ji, W. Research and application of zero trust based secure access to the power Internet of Things. 2023 IEEE 7th Information Technology and Mechatronics Engineering Conference (ITOEC) 2023, 7, 2356–2360.
99. Li, S.; Iqbal, M.; Saxena, N. Future Industry Internet of Things with Zero-trust Security. Information Systems Frontiers 2022. [Google Scholar] [CrossRef]
100. Feng, Y.; Li, M.L.; Zeng, C.; Liu, H. Robustness of Internet of Battlefield Things (IoBT): A Directed Network Perspective. Entropy 2020, 22. [Google Scholar] [CrossRef] [PubMed]
101. Banerjee, M.; Lee, J.; Choo, K.K.R. A blockchain future for internet of things security: a position paper. Digit. Commun. Networks 2017, 4, 149–160. [Google Scholar] [CrossRef]
102. Alkanjr, B.; Mahgoub, I. A Novel Deception-Based Scheme to Secure the Location Information for IoBT Entities. IEEE Access 2023, 11, 15540–15554. [Google Scholar] [CrossRef]
103. Federici, F.; Martintoni, D.; Senni, V. A Zero-Trust Architecture for Remote Access in Industrial IoT Infrastructures. Electronics 2023. [Google Scholar] [CrossRef]
104. Rutravigneshwaran, P.; Anitha, G. Security Model to Mitigate Black Hole Attack on Internet of Battlefield Things (IoBT) Using Trust and K-Means Clustering Algorithm. International Journal of Computer Networks and Applications 2023. [Google Scholar] [CrossRef]