Cookie Preferences

We use cookies to enhance your browsing experience, analyze site traffic, and personalize content. By clicking "Accept All", you consent to our use of cookies. See our Privacy Policy for more information.

Nsoh Research

Research Notes

Research at Nsoh Research is conducted using Agile-Infused Design Science Research Methodology (A-DSRM), with contributions expressed as artifacts rather than abstractions alone. Each research effort begins with a real-world problem observed in industry or critical infrastructure, followed by the design, build, and evaluation of security artifacts—such as identity architectures, AI-driven detection pipelines, and Zero Trust control models—under operational and adversarial constraints.

A-DSRM Methodology

Research at Nsoh Research is conducted using Agile-Infused Design Science Research Methodology (A-DSRM), where contributions are expressed as artifacts rather than abstractions alone. Each research effort begins with a real-world problem observed in industry or critical infrastructure, followed by the design, build, and evaluation of security artifacts—such as identity architectures, AI-driven detection pipelines, and Zero Trust control models—under operational and adversarial constraints. A-DSRM treats problem evolution as a first-class variable, preserving validity through continuous iteration, collaborative feedback, and evidence-driven refinement.

What Makes A-DSRM Different

Iteration is required, not optional: every cycle refines both the artifact and the problem framing.

φ

Adversarial drift (φ) is expected: threat adaptation and operational change actively shape objectives and design.

IAM is the enforceable control plane: agentic and system actions are bound to authenticated, authorized, and revocable policy.

Collaboration is structural: practitioners, researchers, and students co-produce artifacts, evidence, and deployment guidance.

Classical DSRM vs A-DSRM comparison diagram

Classical DSRM (linear with optional iteration) versus A-DSRM (cyclical with integrated problem evolution φ).

A-DSRM Phases

Phase 1

Problem Identification

Define the operational challenge

Click to flip
Phase 1

Problem Identification

Identify real operational problems in adversarial, adaptive, or institutionally constrained environments. Problem definitions must capture threat dynamics, not just static requirements.

Phase Outputs

  • Problem statement with adversarial context
  • Stakeholder impact analysis
  • Threat model scope definition

Iteration Trigger

"Evaluation reveals structural misalignment with operational reality"

Click to flip back
NavigateSpaceFlip
1 / 6

Agile Infusion (A-DSRM is not waterfall DSRM)

A-DSRM incorporates agile principles adapted for research contexts: iterative delivery of working artifacts, responsiveness to change without treating evolution as scope creep, tight collaboration between researchers and practitioners, and cycle durations calibrated to the rate of threat evolution and research capacity. Agile infusion represents a shift from research as linear knowledge production to research as continuous adaptive response.

Iterative delivery: each cycle produces a working artifact increment.
Responsive to change: problem evolution is embraced and operationalized.
Collaboration: researchers, practitioners, and domain experts work continuously.
Sustainable pace: cycle duration is calibrated to threat evolution rate.

Research Series

Showing 6 research notes

A-DSRMOT Security

Zero Trust Architecture for Industrial Control Systems

A comprehensive framework for implementing identity-first security in OT environments, addressing the unique challenges of legacy systems and real-time constraints.

Zero TrustOT/ICSIAM
Jan 15, 20251,250 views
A-DSRMIdentity Control Plane

Identity Control Planes in Multi-Cloud Environments

Examining federated identity architectures that maintain security posture across hybrid cloud deployments while enabling seamless workload mobility.

Cloud SecurityFederationIAM
Jan 10, 2025980 views
A-DSRMInsiderAI Defense

AI Agent Security: Governance and Guardrails

Establishing identity-scoped boundaries for autonomous AI agents, including authentication, authorization, and audit requirements for agentic systems.

AI SecurityGovernance
Jan 5, 20251,450 views
A-DSRMOT Security

SCADA Security: Identity-First Approaches

Implementing modern IAM principles in legacy SCADA environments without disrupting operational continuity or safety requirements.

OT/ICSIAMCritical Infrastructure
Dec 20, 2024890 views
A-DSRMZero Trust Implementation

Zero Trust Network Access for Healthcare

Balancing patient safety, data privacy, and operational efficiency through identity-centric network segmentation in healthcare environments.

Zero TrustIAMCritical Infrastructure
Dec 15, 2024720 views
A-DSRMInsiderIdentity Control Plane

Machine Identity in DevSecOps Pipelines

Managing non-human identities across CI/CD pipelines, including secrets management, workload identity, and service mesh authentication.

IAMCloud Security
Dec 10, 20241,100 views