Redefining zero trust architecture in cloud networks: A conceptual shift towards granular, dynamic access control and policy enforcement

Christian Chukwuemeka Ike 1, *, Adebimpe Bolatito Ige 2, Sunday Adeola Oladosu 3, Peter Adeyemo Adepoju 4, Olukunle Oladipupo Amoo 5 and Adeoye Idowu Afolabi 6

1 Globacom Nigeria Limited, Nigeria.
2 Independent Researcher, Canada.
3 Independent Researcher, Texas, USA.
4 Independent Researcher, Lagos, Nigeria.
5 Amstek Nigeria Limited.
6 CISCO, Nigeria.
 
Magna Scientia Advanced Research and Reviews, 2021, 02(01), 074–086
Article DOI: 10.30574/msarr.2021.2.1.0032
Publication history: 
Received on 04 March 2021; revised on 10 May 2021; accepted on 15 May 2021
 
Abstract: 
The growing complexity and scale of cloud networks require more adaptive and flexible security models. Zero Trust Architecture (ZTA), which operates on the principle of "never trust, always verify," has emerged as a foundational security model for cloud environments. However, traditional Zero Trust models, characterized by static policies and rigid access control mechanisms, struggle to keep up with the dynamic nature of modern cloud networks. This review proposes a conceptual shift towards a more granular and dynamic approach to Zero Trust in cloud environments, focusing on the integration of real-time, context-aware access control and adaptive policy enforcement. The new model emphasizes the need for access decisions based on a continuous evaluation of risk, considering factors such as user behavior, device compliance, application context, and environmental conditions. This approach enables more precise, least-privilege access control, ensuring that users and devices only access the resources they need under the right circumstances. By leveraging machine learning, artificial intelligence, and real-time analytics, the model introduces dynamic policy enforcement that evolves based on ongoing monitoring, rather than relying on static, predefined rules. Furthermore, the review explores the role of identity and access management (IAM), multi-factor authentication (MFA), and other advanced security technologies in supporting this granular approach. The integration of service mesh architectures and microservices is also examined as a means to enforce security at the application level. Through the implementation of these principles, organizations can enhance their security posture, reduce the risk of breaches, and ensure compliance with evolving regulatory standards. 
Ultimately, this conceptual shift towards dynamic, granular Zero Trust aims to provide more robust, scalable, and flexible security models that align with the needs of modern cloud environments, offering greater protection against sophisticated cyber threats while improving operational efficiency.
 
Keywords: 
Zero trust architecture; Cloud networks; Policy enforcement; Conceptual shift
 