Zero Trust Architecture: A Systematic Literature Review

The increasing complexity of digital ecosystems and evolving cybersecurity threats have highlighted the limitations of traditional perimeter-based security models, leading to the growing adoption of Zero Trust Architecture (ZTA). ZTA operates on the principle of “never trust, always verify,” enforcing continuous authentication, conditional access, dynamic trust evaluation, and the principle of least privilege to enhance security across diverse domains. This study applies the PRISMA framework to analyze 10 years of research (2016–2025) on ZTA, presenting a systematic literature review that synthesizes its applications, enabling technologies, and associated challenges. It provides a detailed taxonomy that organizes application domains of ZTA, together with the emerging technologies that facilitate its implementation, and critically examines the barriers to ZTA adoption. Additionally, the study traces the historical evolution of ZTA alongside notable events and publications trends, while highlighting some potential factors for the surge over the past few years. It also shows how ZTA principles can be strategically utilized to enforce granular access controls, continuously monitor system behavior, and streamline security management across complex, distributed networks. This comprehensive analysis serves as a practical guide for researchers and practitioners seeking to leverage ZTA for stronger, more adaptive security frameworks in a rapidly shifting threat landscape.