Zero Trust Architecture in Law Enforcement Mobile Governance: A Systematic Literature Review

Iwan Juniar Simanjutak; Dana Indra Sensuse

doi:10.59141/jiss.v7i5.2355

Authors

Iwan Juniar Simanjutak Universitas Indonesia
Dana Indra Sensuse Universitas Indonesia

DOI:

https://doi.org/10.59141/jiss.v7i5.2355

Keywords:

Zero Trust Architecture, law enforcement, mobile governance, cybersecurity, systematic literature review

Abstract

The expansion of mobile government has changed the operational environment of law enforcement agencies. Officers increasingly access case records, location-based applications, biometric systems, cloud repositories, and digital evidence workflows through mobile and distributed endpoints. These conditions challenge perimeter-based security and raise questions about how Zero Trust Architecture can support secure, accountable, and rights-sensitive mobile governance. This study reviews recent literature to synthesize how Zero Trust Architecture can be positioned within law enforcement mobile governance. A systematic literature review was conducted using a PRISMA-based protocol. The search used Scopus as the primary database and applied English-language, open-access, article, and 2020–2026 filters. From 96 initial records, duplicate removal, title and abstract screening, and full-text eligibility assessment produced 40 included articles. The synthesis shows that the literature is dominated by Zero Trust Architecture migration, dynamic access control, authentication, Internet of Things, edge, and 6G security, while studies directly linking Zero Trust Architecture to police mobile governance remain scarce. Four cross-cutting themes were identified: continuous identity and device verification, context- and risk-aware policy enforcement, evidence and data governance, and organizational readiness. The article proposes a governance-oriented Zero Trust Architecture framework for law enforcement mobile systems that connects technical controls with legal accountability, auditability, and public trust. The review concludes that Zero Trust Architecture should be treated not only as a cybersecurity architecture but also as a policy instrument for strengthening secure mobile public service delivery.

References

Afzal, M., & Panagiotopoulos, P. (2025). Data in policing: An integrative review. International Journal of Public Administration, 48(7), 411–430. https://doi.org/10.1080/01900692.2024.2360586

Al-Ansi, A. M., Garad, A., Jaboob, M., & Al-Ansi, A. (2024). Elevating e-government: Unleashing the power of AI and IoT for enhanced public services. Heliyon, 10(23), e40591. https://doi.org/10.1016/j.heliyon.2024.e40591

Al-Kautsar Maktub, M., Handayani, P. W., & Sunarso, F. P. (2025). Citizen acceptance and use of the Jakarta Kini (JAKI) e-government: Extended unified model for electronic government adoption. Heliyon, 11(2), e42078. https://doi.org/10.1016/j.heliyon.2025.e42078

Alhanatleh, H., Khaddam, A., & Abousweilem, F. (2022). Mobile government public value model for assessing the public institution’s services: Evidence through the context of Jordan. International Journal of Data and Network Science, 6(4), 1295–1308. https://doi.org/10.5267/j.ijdns.2022.6.005

Ali, B., Hijjawi, S., Campbell, L. H., Gregory, M. A., & Li, S. (2022). A maturity framework for Zero Trust security in multiaccess edge computing. Security and Communication Networks, 2022, Article 3178760. https://doi.org/10.1155/2022/3178760

Alshomrani, S., & Li, S. (2022). PUFDCA: A Zero-Trust-based IoT device continuous authentication protocol. Wireless Communications and Mobile Computing, 2022, Article 6367579. https://doi.org/10.1155/2022/6367579

Ameer, S., Praharaj, L., Sandhu, R., Bhatt, S., & Gupta, M. (2024). ZTA-IoT: A novel architecture for Zero-Trust in IoT systems and an ensuing usage control model. ACM Transactions on Privacy and Security, 27(3), Article 22. https://doi.org/10.1145/3671147

Azad, M. A., Abdullah, S., Arshad, J., Lallie, H., & Ahmed, Y. H. (2024). Verify and trust: A multidimensional survey of Zero Trust security in the age of IoT. Internet of Things, 27, 101227. https://doi.org/10.1016/j.iot.2024.101227

Casino, F., Dasaklis, T. K., Spathoulas, G., Anagnostopoulos, M., Ghosal, A., Borocz, I., & Patsakis, C. (2022). SoK: Cross-border criminal investigations and digital evidence. Journal of Cybersecurity, 8(1), tyac014. https://doi.org/10.1093/cybsec/tyac014

Castilla, R., Pacheco, A., & Franco, J. (2023). Digital government: Mobile applications and their impact on access to public information. SoftwareX, 22, 101382.

Gupta, P., Hooda, A., Jeyaraj, A., Seddon, J. J. M., & Dwivedi, Y. K. (2025). Trust, risk, privacy and security in e-government use: Insights from a MASEM analysis. Information Systems Frontiers, 27, 1089–1105. https://doi.org/10.1007/s10796-024-10497-8

Gürler, S., Cavusoglu, B., Ozdamli, F., Mousa, K. M., & Baykan, H. (2024). Mobile government use and crisis management: The moderating role of techno-skepticism. Sustainability, 16(12), 4904. https://doi.org/10.3390/su16124904

Jeong, E., & Yang, D. (2025). A trust score-based access control model for Zero Trust Architecture: Design, sensitivity analysis, and real-world performance evaluation. Applied Sciences, 15(17), 9551. https://doi.org/10.3390/app15179551

Kang, H., Liu, G., Wang, Q., Meng, L., & Liu, J. (2023). Theory and application of Zero Trust security: A brief survey. Entropy, 25(12), 1595. https://doi.org/10.3390/e25121595

Ma, Y. W., & Chiu, P. H. (2025). A novel risk-based access control engine in Zero Trust Architecture for IoT network. International Journal of Information Security, 24, Article 124. https://doi.org/10.1007/s10207-025-01030-2

Mukta, R., Pal, S., Chowdhury, K., Hitchens, M., Paik, H. Y., & Kanhere, S. S. (2025). Zero Trust-driven access control delegation using blockchain. Blockchain: Research and Applications, Article 100319. https://doi.org/10.1016/j.bcra.2025.100319

Nie, S., Ren, J., Wu, R., Han, P., Han, Z., & Wan, W. (2025). Zero-Trust access control mechanism based on blockchain and inner-product encryption in the Internet of Things in a 6G environment. Sensors, 25(2), 550. https://doi.org/10.3390/s25020550

Nookhao, S., & Kiattisin, S. (2023). Achieving a successful e-government: Determinants of behavioral intention from Thai citizens’ perspective. Heliyon, 9(8), e18944. https://doi.org/10.1016/j.heliyon.2023.e18944

Page, M. J., McKenzie, J. E., Bossuyt, P. M., Boutron, I., Hoffmann, T. C., Mulrow, C. D., Shamseer, L., Tetzlaff, J. M., Akl, E. A., Brennan, S. E., Chou, R., Glanville, J., Grimshaw, J. M., Hróbjartsson, A., Lalu, M. M., Li, T., Loder, E. W., Mayo-Wilson, E., McDonald, S., McGuinness, L. A., Stewart, L. A., Thomas, J., Tricco, A. C., Welch, V. A., Whiting, P., & Moher, D. (2021). The PRISMA 2020 statement: An updated guideline for reporting systematic reviews. BMJ, 372, Article n71. https://doi.org/10.1136/bmj.n71

Phiayura, P., & Teerakanok, S. (2023). A comprehensive framework for migrating to Zero Trust Architecture. IEEE Access, 11, 19487–19511. https://doi.org/10.1109/ACCESS.2023.3248622

Rose, S., Borchert, O., Mitchell, S., & Connelly, S. (2020). Zero Trust Architecture. NIST Special Publication 800-207. National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-207

Sasada, T., Taenaka, Y., Kadobayashi, Y., & Fall, D. (2024). Web-biometrics for user authenticity verification in Zero Trust access control. IEEE Access, 12, 129611–129622. https://doi.org/10.1109/ACCESS.2024.3413696

Sharma, A., Rani, S., & Boulila, W. (2025). Blockchain-based Zero Trust networks with federated transfer learning for IoT security in Industry 5.0. PLOS ONE, 20(6), e0323241. https://doi.org/10.1371/journal.pone.0323241

Son, S., Kwon, D., Lee, S., Kwon, H., & Park, Y. (2024). A Zero-Trust authentication scheme with access control for 6G-enabled IoT environments. IEEE Access, 12, 154066–154079. https://doi.org/10.1109/ACCESS.2024.3484522

Stoykova, R. A. (2024). A new right to procedural accuracy: A governance model for digital evidence in criminal proceedings. Computer Law & Security Review, 55, 106040. https://doi.org/10.1016/j.clsr.2024.106040

Stoykova, R., Porter, K., & Beka, T. (2024). The AI Act in a law enforcement context: The case of automatic speech recognition for transcribing investigative interviews. Forensic Science International: Synergy, 9, 100563. https://doi.org/10.1016/j.fsisyn.2024.100563

Syed, N. F., Shah, S. W., Shaghaghi, A., Anwar, A., Baig, Z., & Doss, R. (2022). Zero Trust Architecture (ZTA): A comprehensive survey. IEEE Access, 10, 57143–57179. https://doi.org/10.1109/ACCESS.2022.3174679

Teerakanok, S., Uehara, T., & Inomata, A. (2021). Migrating to Zero Trust Architecture: Reviews and challenges. Security and Communication Networks, 2021, Article 9947347. https://doi.org/10.1155/2021/9947347

Wang, J., Wang, Z., Song, J., & Cheng, H. (2023). Attribute and user trust score-based Zero Trust access control model in IoV. Electronics, 12(23), 4825. https://doi.org/10.3390/electronics12234825

Wang, R., Li, C., Zhang, K., & Tu, B. (2025). Zero-Trust based dynamic access control for cloud computing. Cybersecurity, 8, Article 12. https://doi.org/10.1186/s42400-024-00320-x

Xiao, S., Ye, Y., Kanwal, N., Newe, T., & Lee, B. (2022). SoK: Context and risk aware access control for Zero Trust systems. Security and Communication Networks, 2022, Article 7026779. https://doi.org/10.1155/2022/7026779

Zanasi, C., Russo, S., & Colajanni, M. (2024). Flexible Zero Trust Architecture for the cybersecurity of industrial IoT infrastructures. Ad Hoc Networks, 156, 103414. https://doi.org/10.1016/j.adhoc.2024.103414