Impact of the Zero Trust Model on RESTful APIs for SMEs
Taju, Cristian; Pitti, Angelica; Rivera Castro, José de los Reyes
Impacto del modelo Zero Trust en APIs RESTful para PyMEs
Autores Pitti, Angelica
Autores Rivera Castro, José de los Reyes
Tema RESTful APIs
Tema cybersecurity
Tema SMEs
Tema performance
Tema Zero Trust
Tema APIs RESTful
Tema seguridad informática
Tema PyMEs
Tema rendimiento
Descripción This study analyzes the impact of implementing Zero Trust-based security policies on a functional RESTful API for SMEs. Using an empirical approach, a functional API was designed in Laravel 12 with traditional security controls and subsequently with Zero Trust policies (JWT authentication, RBAC, continuous monitoring). Automated tests with Postman showed an 85.7% reduction in critical vulnerabilities (OWASP ZAP) and 100% blocking of unauthorized access, with acceptable average latency (<500 ms). The results demonstrate that Zero Trust is viable for SMEs, balancing security and operability without requiring costly infrastructure. The study concludes that implementing the Zero Trust model in a RESTful service architecture has a positive impact on both system security and performance. The Zero Trust strategy is accessible not only to large organizations with high technological capabilities but also to medium-sized businesses, which can begin by protecting critical APIs or integrating them into CI/CD pipelines. Recommended for organizations seeking to strengthen their security posture without sacrificing operational efficiency or technological flexibility.
Tipo info:eu-repo/semantics/publishedVersion
Tipo Artículo revisado por pares
Identificador 10.61454/x42v5m50
Fuente Espectro Investigativo Latinoamericano; Vol. 8 No. 1 (2026): Espila; 121-138
Fuente 2710-7515
Fuente 10.61454/kg7dew66
Derechos https://creativecommons.org/licenses/by-nc-sa/4.0