Tokenized Zero Trust Architecture for Social Internet of Things (SIoT): A Comprehensive Review
Abstract
The Social Internet of Things (SIoT) has emerged as a powerful paradigm that enables smart devices not only to connect and communicate but also to build social relationships autonomously. While SIoT enhances usability, personalization, and intelligent services, it simultaneously introduces serious security and privacy concerns. This review explores the application of Tokenized Zero Trust Architecture (ZTA) as a comprehensive security model for SIoT ecosystems. By combining token-based identity management with the Zero Trust principle of “never trust, always verify,” Tokenized ZTA provides an innovative framework for minimizing unauthorized access and insider threats in socially connected IoT environments. The paper critically analyzes current SIoT security frameworks, explores tokenization technologies (OAuth2, JWT, blockchain tokens), and examines Zero Trust implementation strategies tailored for decentralized, heterogeneous networks. Challenges such as scalability, interoperability, and computational overhead are discussed, alongside future directions for achieving dynamic, self-adaptive trust management in SIoT. The review also investigates cross-layer security implications, collaborative authentication frameworks, and the socio-technical impact of trust decentralization. This review aims to provide a foundational reference for researchers and developers seeking to build secure, scalable, and privacy-preserving SIoT systems.