The changeability of the multi-cloud ecosystems is the main problem that 2 things cannot be enforced by the same static security policies; the dynamism of access patterns and a distributed nature of assets. Growth-able Zero-Trust security architecture providing assessment-based on con-text and adaptation to current risk is an essential element of maintaining confidentiality, integrity, and availability. The proposed system integrates a Trust Scoring Engine, Risk Profiling Module, and Adaptive Policy Decision Framework to de-liver resilient, context-aware access control across three virtual cloud environments. It has instrumentation that comprises Bayesian Trust Evaluator, Policy Up-date Scheduler and entropy measure-based anomaly monitor. This paper demonstrates why proposed system is better than the traditional Role-Based Access Control (RBAC) and Micro-Segmentation-based Zero-Trust models. Former experimental simulation utilized 5,000 users, 250,000 access events per access events, 60 policy updates per minute, and dynamic behavior reading with the dynamic behavior issue at different levels of threat. Quantitative results show a 42.5% reduction in unauthorized access attempts, a 35.8% improvement in policy update responsiveness, and a 61.3% increase in trust assessment accuracy. Access latency was minimized to an average of 1.7 s under peak load, outperforming benchmarks by at least 29%. The entropy-based risk detection mechanism reduced response delays by 24%, enabling real-time threat mitigation. Scalability was demonstrated on the architectural front, where consistency in the performance was measured to three cloud domains. Through continuous context evaluation and dynamic enforcement, the present paper presents a strong architecture that meets enterprise levels of Zero-Trust adoption of the multi-cloud context and, in so doing, brings a significant leap in adaptive cybersecurity mechanisms.

错误:搜索内容不能为空,请输入英文关键词
错误:关键词超出字数限制,请精简
高级检索

Design and Implementation of a Scalable Zero-Trust Security Architecture for Multi-cloud Environments with Dynamic Policy Enforcement and Continuous Risk Assessment

  • Chirag Mavani,
  • Hirenkumar Mistry

摘要

The changeability of the multi-cloud ecosystems is the main problem that 2 things cannot be enforced by the same static security policies; the dynamism of access patterns and a distributed nature of assets. Growth-able Zero-Trust security architecture providing assessment-based on con-text and adaptation to current risk is an essential element of maintaining confidentiality, integrity, and availability. The proposed system integrates a Trust Scoring Engine, Risk Profiling Module, and Adaptive Policy Decision Framework to de-liver resilient, context-aware access control across three virtual cloud environments. It has instrumentation that comprises Bayesian Trust Evaluator, Policy Up-date Scheduler and entropy measure-based anomaly monitor. This paper demonstrates why proposed system is better than the traditional Role-Based Access Control (RBAC) and Micro-Segmentation-based Zero-Trust models. Former experimental simulation utilized 5,000 users, 250,000 access events per access events, 60 policy updates per minute, and dynamic behavior reading with the dynamic behavior issue at different levels of threat. Quantitative results show a 42.5% reduction in unauthorized access attempts, a 35.8% improvement in policy update responsiveness, and a 61.3% increase in trust assessment accuracy. Access latency was minimized to an average of 1.7 s under peak load, outperforming benchmarks by at least 29%. The entropy-based risk detection mechanism reduced response delays by 24%, enabling real-time threat mitigation. Scalability was demonstrated on the architectural front, where consistency in the performance was measured to three cloud domains. Through continuous context evaluation and dynamic enforcement, the present paper presents a strong architecture that meets enterprise levels of Zero-Trust adoption of the multi-cloud context and, in so doing, brings a significant leap in adaptive cybersecurity mechanisms.