Zero Trust at Sea: Security Gains and the Risk of Operational Disruption without Fallback Mechanisms

Abstract:
Zero-Trust Architecture (ZTA) has emerged as a foundational cybersecurity paradigm with wide adoption. However, assumptions made in shore-based enterprise networks pose challenges when applying zero-trust principles in maritime environments. In maritime systems, operations depend on intermittent, low-bandwidth, and often contested communications. Thus, strict zero trust enforcement can unintentionally disrupt mission-critical functions. This paper examines the benefits and limitations of applying ZTA in maritime contexts, with particular attention to safety-critical operations and military. This work outlines a maritime-adapted zero trust framework that integrates degraded-mode operation and fallback mechanisms to preserve operational continuity while maintaining security objectives and safe mission completion.
AUTHORS
Cyber Science Department United States Naval Academy
Annapolis, Maryland, United States of America
Brien Croteau received the B.S. degree in systems engineering from the United States Naval Academy, Annapolis, MD, U.S., in 1999, the M.S. degree in control systems engineering from the Rensselaer Polytechnic Institute, Troy, NY, U.S., in 2000, and the Ph.D. degree in electrical engineering from the University of Maryland at Baltimore County, Baltimore, MD, U.S., in 2020. From 2001 to 2016, he was a Naval Flight Officer at the U.S. Navy, flying EA-6B and EA-18G aircraft in carrier-based fleet and developmental test squadrons. In 2016, he transitioned to the Permanent Military Professor Community and is currently an Assistant Professor at the Cyber Science Department, United States Naval Academy. His research interests include cyber-physical system security, focusing on industrial and maritime control systems.
Cyber Science Department United States Naval Academy
Annapolis, Maryland, United States of America
Christopher B. Landis is an Assistant Professor in the Cyber Science Department at the U.S. Naval Academy. He earned his Ph.D. in Computer Science from the Naval Postgraduate School in Monterey, CA, U.S., in 2024, his Master of Information Technology Strategy from Carivnegie Mellon University in Pittsburgh, PA, U.S., in 2013, and his Bachelor of Science degree in Information Technology with a second discipline in Space Operations from the U.S. Naval Academy in Annapolis, MD, U.S., in 2007. His career has been in the U.S. Navy, serving in turn as a Surface Warfare Officer, Information Professional Officer, and Permanent Military Professor.
Avinash Srinivasan is an Associate Professor of Cyber Science at the United States Naval Academy, where his research spans cybersecurity and digital forensics—from network security and cyber-physical systems to steganography and information hiding, and the application of emerging security and communications frameworks, such as zero trust and software-defined networking to tactical environments. He has secured research funding from the DoD/Navy, NSF, DoJ, DHS, and DoEd, and has published 59 peer-reviewed papers in venues including IEEE INFOCOM, IEEE ICDCS, and ACM SAC. He holds a U.S. patent, serves as Associate Editor for IEEE Transactions on Cognitive Communications and Networking, and is certified as both an Ethical Hacker (CEH) and a Computer Hacking Forensics Investigator (CHFI). Dr. Srinivasan has also trained law enforcement personnel in Macintosh and Network Forensics.
Published In
Journal of Information Warfare
The definitive publication for the best and latest research and analysis on information warfare, information operations, and cyber crime. Available in traditional hard copy or online.
Quick Links
Archive

