Vol. 2 No. 2 (2022): Cybersecurity and Network Defense Research (CNDR)

Zero-Trust Architecture for Securing Multi-Cloud Environments

Published
15-09-2022

Abstract

The proliferation of multi-cloud environments has rendered traditional perimeter-based security models obsolete, necessitating the adoption of a Zero-Trust Architecture (ZTA) to mitigate evolving cyber threats. This paper explores the implementation of ZTA in multi-cloud infrastructures, emphasizing the principles of strict identity verification, granular access control, and continuous monitoring. It examines security challenges such as lateral movement, unauthorized access, and cloud-native attack vectors, demonstrating how ZTA enforces least-privilege access and micro-segmentation to fortify cloud workloads. Furthermore, it evaluates policy enforcement mechanisms, identity and access management (IAM), and the role of artificial intelligence in adaptive threat detection. Case studies illustrate successful ZTA deployments in securing multi-cloud ecosystems, highlighting their effectiveness in reducing attack surfaces. The study concludes with an analysis of performance trade-offs and best practices for enterprises transitioning to a zero-trust security paradigm.
