Skip to main navigation menu Skip to main content Skip to site footer

Articles

Vol. 1 No. 2 (2022): August Edition 2022

Zero Trust Security Models in Cloud Infrastructure - Adoption of zero-trust principles for enhanced security

Submitted
October 17, 2024
Published
2022-05-13

Abstract

The adoption of zero trust security models in cloud infrastructure has become increasingly vital as organizations face sophisticated cyber threats and complex IT environments. Traditional security approaches, which rely on perimeter defenses, are no longer sufficient in the cloud era where resources and users are distributed across various networks. Zero trust principles, which operate on the premise that no entity—inside or outside the network—should be trusted by default, offer a more robust and adaptive security framework. This model emphasizes continuous verification of user identities, strict access controls, and monitoring of all activities, regardless of location or device. In cloud infrastructure, zero trust can provide enhanced security by minimizing the attack surface and preventing unauthorized access to critical resources. It also aligns well with the dynamic nature of cloud environments, where workloads frequently shift, and users access resources from diverse locations. The implementation of zero trust requires careful planning, including integrating identity and access management (IAM) systems, multi-factor authentication (MFA), and network segmentation. By embracing these principles, organizations can better protect their data, reduce the risk of breaches, and comply with increasingly stringent regulations. As cloud adoption continues to grow, zero trust is emerging as a key strategy for securing cloud infrastructures, making it an essential consideration for businesses looking to safeguard their operations in today’s digital landscape.

References

  1. Mehraj, S., & Banday, M. T. (2020, January). Establishing a zero trust strategy in cloud computing environment. In 2020 International Conference on Computer Communication and Informatics (ICCCI) (pp. 1-6). IEEE.
  2. Stafford, V. (2020). Zero trust architecture. NIST special publication, 800, 207.
  3. Horne, D., & Nair, S. (2021). Introducing zero trust by design: Principles and practice beyond the zero trust hype. Advances in security, networks, and internet of things, 512-525.
  4. DelBene, K., Medin, M., & Murray, R. (2019). The Road to Zero Trust (Security). DIB Zero Trust White Paper, 9.
  5. Cunningham, C. (2018). Zero Trust: what, why and how.
  6. Kindervag, J. (2010). Build security into your network’s dna: The zero trust network architecture. Forrester Research Inc, 27, 1-16.
  7. Modderkolk, M. G. (2018). Zero Trust maturity matters: Modeling cyber security focus areas and maturity levels in the Zero Trust principle (Master's thesis).
  8. Kindervag, J. (2011). Applying zero trust to the extended enterprise. Forrester Research, Cambridge, MA, Rep. E-RES60253, 1-8.
  9. Mohammed, I. A. (2019). Cloud identity and access management–a model proposal. International Journal of Innovations in Engineering Research and Technology, 6(10), 1-8.
  10. Zaheer, Z., Chang, H., Mukherjee, S., & Van der Merwe, J. (2019, April). eztrust: Network-independent zero-trust perimeterization for microservices. In Proceedings of the 2019 ACM Symposium on SDN Research (pp. 49-61).
  11. Di Salvo, C. (2018). How Blockchain Will Change Cybersecurity Practices. Cybersecurity Best Practices: Lösungen zur Erhöhung der Cyberresilienz für Unternehmen und Behörden, 493-510.
  12. Zheng, E., Gates-Idem, P., & Lavin, M. (2018, April). Building a virtually air-gapped secure environment in AWS: with principles of devops security program and secure software delivery. In Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security (pp. 1-8).
  13. Wang, H. (2016). Research on network information security model and system construction. In SHS Web of Conferences (Vol. 25, p. 02010). EDP Sciences.
  14. Elumalai, A., Kaplan, J., Newborn, M., & Roberts, R. (2016). Making a secure transition to the public cloud.
  15. Parikh, A. (2019). Cloud security and platform thinking: an analysis of Cisco Umbrella, a cloud-delivered enterprise security (Doctoral dissertation, Massachusetts Institute of Technology).