See discussions, stats, and author profiles for this publication at: https://www.researchgate.

net/publication/387263148

Integrating Zero Trust Principles into IAM for Enhanced Cloud Security

Article · December 2024

DOI: 10.5281/zenodo.14162091

CITATIONS READS

8 689

1 author:

Vinod Veeramachaneni
Colorado Technical University
14 PUBLICATIONS 122 CITATIONS

SEE PROFILE

All content following this page was uploaded by Vinod Veeramachaneni on 20 December 2024.

The user has requested enhancement of the downloaded file.

 Recent Trends in Cloud Computing and Web Engineering
Volume 7 Issue 1
e-ISSN: 3048-6068
DOI: https://doi.org/10.5281/zenodo.14162091

Integrating Zero Trust Principles into IAM for Enhanced Cloud

Security

*Vinod Veeramachaneni
Research Graduate, Department of Information Technology,
Colorado Technical University, USA

*Corresponding Author
Email Id: [email protected];[email protected]

ABSTRACT
This paper investigates the integration of Zero Trust principles into Identity and Access
Management (IAM) frameworks to strengthen security in multi-cloud and hybrid cloud
environments. Unlike traditional perimeter-based defenses, the Zero Trust model enforces
rigorous verification for every access request, ensuring that no entity, internal or external, is
implicitly trusted. Our methodology incorporates dynamic trust scoring, continuous identity
verification, adaptive privilege adjustments, and real-time monitoring to secure cloud
infrastructures against evolving threats. By employing a multi-layered approach, including
critical components like Advanced Encryption Standard (AES) for data security, contextual
behavior analysis, and anomaly detection powered by machine learning, our Zero Trust IAM
framework provides a scalable and proactive security solution. Experimental results
demonstrate notable enhancements in security, with unauthorized access reduced by 30%
and improved threat detection response times across various cloud services. The adaptive
trust scoring effectively limits access based on real-time behavioral, contextual, and device-
based factors, reducing risks from lateral movement and insider threats. The results further
indicate that Zero Trust improves compliance management by enforcing strict access
controls and continuous monitoring, which aligns well with regulatory standards. We discuss
challenges in implementing Zero Trust in complex cloud environments and provide best
practices for adoption. This work underscores Zero Trust as a robust, scalable IAM strategy,
essential for a secure and resilient cloud ecosystem.

Keywords: Zero Trust, Identity and Access Management (IAM), Cloud Security, Multi-Cloud
Environments, Hybrid Cloud, Continuous Identity Validation, Dynamic Trust Scoring.

1.
INTRODUCTION treating every network interaction as
The rapid adoption of cloud computing potentially harmful unless continuously
and the growing complexity of cyber validated. This paradigm represents a
threats have exposed critical limitations in significant shift in security philosophy,
conventional security models, pushing moving away from perimeter-focused
organizations to adopt more robust defences and embracing rigorous identity
frameworks. Zero Trust Security verification, continuous authentication,
Architecture (ZTSA) challenges the and strict access controls for all users,
outdated assumption that any user or devices, and applications [1]. As digital
device within a network should be trusted. environments evolve, integrating Zero
Instead, Zero Trust operates under the Trust with Identity and Access
principle of "never trust, always verify," Management (IAM) strengthens protection
against internal threats, compromised

HBRP Publication Page 78-92 2025. All Rights Reserved Page 78

 Recent Trends in Cloud Computing and Web Engineering
Volume 7 Issue 1
e-ISSN: 3048-6068
DOI: https://doi.org/10.5281/zenodo.14162091

credentials, and unauthorized access— internal systems and exploit implicit trust
vulnerabilities that legacy security within networks. This paper presents the
approaches struggle to defend against. This Zero Trust Security Architecture (ZTSA)
research delves into how Zero Trust as a solution, fundamentally shifting
enhances cloud security by eliminating security models to "never trust, always
implicit trust, enabling enterprises to verify" by viewing every interaction,
secure sensitive data more effectively and device, and user as untrusted until proven
maintain operational resilience amid otherwise [3]. Furthermore, it explores the
emerging threats. We examine real-world integration of quantum technology within
scenarios to demonstrate Zero Trust's the Zero Trust framework, offering
capacity to adapt to various organizational enhanced data confidentiality through
settings and explore its synergy with AI, quantum encryption methods. By
machine learning, and blockchain for examining the background, development,
proactive, intelligent, and adaptive cyber and implementation of Zero Trust, this
defense, which is essential in today’s study illustrates how it can adapt to
increasingly complex threat landscape [2]. various applications, delivering
As digital transformation accelerates and comprehensive information protection
innovative technologies redefine while addressing the challenges associated
operational landscapes, safeguarding with evolving cyber security needs.
information security has emerged as a Through a deep dive into practical
primary concern for both organizations applications and case studies, this article
and individuals. Traditional security reveals the transformative potential of
approaches, which rely on perimeter-based Zero Trust and its capability to fortify
defences, are increasingly ineffective cloud security architectures in the face of
against modern cyber threats that target sophisticated cyber threats [4].

Fig 1:. Zero Trust Network Architecture

1.1. Overview of Cloud Security cloud ecosystems. By governing identities

Architecture: and controlling access rights, IAM
Identity and Access Management (IAM) incorporates a suite of policies, processes,
plays a pivotal role in cloud security, and technologies to enforce security across
ensuring that only approved users gain cloud applications and services. Core IAM
access to designated resources within features, such as single sign-on (SSO),

HBRP Publication Page 78-92 2025. All Rights Reserved Page 79

 Recent Trends in Cloud Computing and Web Engineering
Volume 7 Issue 1
e-ISSN: 3048-6068
DOI: https://doi.org/10.5281/zenodo.14162091

multi-factor authentication (MFA), and preventing unauthorized access and

role-based access control (RBAC), achieving compliance with regulations
contribute to strengthening security by such as GDPR and HIPAA. Network
reducing unauthorized access risks and security also underpins cloud security
limiting exposure to potential attacks. architecture, focusing on the protection of
Alongside these, automated user data integrity, confidentiality, and
provisioning and de-provisioning support availability as it flows across diverse
agile responses to personnel or access network structures. Firewalls, Intrusion
changes, bolstering organizational control Detection and Prevention Systems (IDPS),
over user identities and protecting and Virtual Private Networks (VPNs)
sensitive data from exposure. Data establish layers of defense, with firewalls
encryption further fortifies cloud security segregating internal and external networks,
by converting readable information into IDPS monitoring traffic for threats, and
unreadable ciphertext through advanced VPNs encrypting connections for remote
algorithms, ensuring data confidentiality access. These combined security layers
whether stored (data at rest) or transmitted backed by continuous network monitoring
across networks (data in transit) [5] . and analytics formulate a resilient
Common encryption standards, like architecture capable of defending against
Advanced Encryption Standard (AES) for evolving cyber threats while maintaining a
stored data and Transport Layer Security secure, robust cloud environment [6].
(TLS) for data in transit, are crucial for

Fig 2:. Visualization of the main sources of healthcare-related information within the cloud-
based system

1.2. Significance misconfigurations, unauthorized access,

Global adoption of cloud computing has data leaks, and insider threats. Cloud
altered company operations, offering infrastructure, which is dynamic and
unrivaled flexibility and cost benefits. distributed across various providers and
However, this transition has created regions, lacks a distinct boundary, raising
complex security issues that require a more breach risk and increasing the need for
comprehensive structure than perimeter- adaptive security [7]. Zero Trust
based protection. As organizations move overcomes these concerns by rigorously
important assets and sensitive data to the verifying every person, device, and
cloud, firewalls and intrusion detection application. Its "never trust, always verify"
systems fail, leaving assets open to and least privilege access concepts

HBRP Publication Page 78-92 2025. All Rights Reserved Page 80

 Recent Trends in Cloud Computing and Web Engineering
Volume 7 Issue 1
e-ISSN: 3048-6068
DOI: https://doi.org/10.5281/zenodo.14162091

improve data protection by issuing rights frameworks to create ―Absolute Zero

only when needed. Continuous monitoring Trust‖ (AZT) for Q-Day-level security to
and encryption protect data in transit and strengthen resilience against future
at rest, meeting GDPR and HIPAA quantum attacks. Sun et al. [13] Used
regulations. Zero Trust reduces insider honeypot detection in cyber-physical
threat risks, limits illegal access, and systems as a proactive defense in industrial
provides granular visibility, strengthening applications, coinciding with Zero Trust's
cloud security against sophisticated cyber continuous verification concept by
threats. Zero Trust secures cloud spotting unusual activity indicating
infrastructure with segmented access and potential assaults. Szymanski [14]
real-time threat detection, ensuring deterministic cybersecurity research
resilience and compliance in a complex provides foundations for quantum-safe
digital ecosystem [8]. protocols in Zero Trust IoT ecosystems,
improving cryptographic safeguards
2. Related work against sophisticated threats. Singh et al.
Zero Trust principles and their use in [15] have suggested that the quantum
Identity and Access Management (IAM) internet might strengthen Zero Trust in
for cloud security have spurred study in distributed networks through real-time
several fields. In Zero Trust architectures, cryptographic verification and better
Xu, Xie, Lv, Sun, Li, and Zhao [9] used identity protection. These contributions
the Software-Defined Perimeter (SDP) to demonstrate Zero Trust's fundamental
dynamically enforce security boundaries change in cloud security, where continuous
and secure access. Qiao et al. [10] authentication, decentralized data control,
Presented decentralized collaborative and quantum advancements redefine trust
pattern learning strategies to improve and create robust IAM structures against
vehicular network security, where Zero emerging cyber threats. Table 1:
Trust mitigates vulnerabilities by constant summarizes recent studies focused on
monitoring. Lin and Jiang et al. [11] integrating Zero Trust principles into
examined secure access systems using Identity and Access Management (IAM) to
Zero Trust and SDP, where distributed enhance cloud security. Each entry
cryptographic methods improve identity provides details about the authors, study
validation without central authorities, focus, methodology, findings, accuracy,
minimizing IAM system vulnerabilities. and limitations. Here’s a breakdown of the
Other scholars, like Raheman [12] have table’s information:
added quantum technology to Zero Trust

Table 1: summarizes recent studies focused on integrating Zero Trust principles into Identity
and Access Management (IAM) to enhance cloud security
Author Study Methodology Findings Accuracy Limitations
A Review and
Zero Trust
Comparative Limited to
Comparative improves threat
Dhiman, Analysis of review; lacks
analysis of Zero detection, access
P. et al. Relevant High empirical testing
Trust models and control, and
[16] Approaches of in live cloud
frameworks. compliance in
Zero Trust environments.
network security.
Network Model

HBRP Publication Page 78-92 2025. All Rights Reserved Page 81

 Recent Trends in Cloud Computing and Web Engineering
Volume 7 Issue 1
e-ISSN: 3048-6068
DOI: https://doi.org/10.5281/zenodo.14162091

Focuses on
Zero Trust information
Case study and mitigates data security
Zero Trust
trend analysis of breaches and generally, with
Architecture:
Edo, O.C. Zero Trust unauthorized limited
Trend and Impact Moderate
et al. [17] implementations access by applicability to
on Information
in information enhancing specific IAM
Security
security. visibility and frameworks in
control. cloud
infrastructure.

The study
ZTA reduces
focuses on theory
Zero Trust risks from lateral
Systematic with limited
Syed, Architecture movement within
literature review practical
N.F. et al. (ZTA): A networks and High
of Zero Trust implementation
[18] Comprehensive addresses insider
Architecture. examples in
Survey threats
multi-cloud
effectively.
environments.

Zero Trust
Analysis of Zero significantly
Results may not
Future Industry Trust’s impact on reduces
generalize well
Li, S. et Internet of Things IoT environments vulnerability in
High across non-
al. [19] with Zero-Trust using a policy- IoT networks,
industrial IoT
Security based access particularly in
settings.
control approach. industrial
settings.
Provides an
Limited scope,
The Use of approach to use
ANOVA statistical focusing more on
ANOVA in Zero Trust
Renaldo, analysis for finance, with
Comparative principles in
N. et al. evaluating Moderate minimal direct
Analysis of statistical
[20] exchange rate application to
Exchange Rates contexts to
differences. IAM and cloud
in Indonesia improve secure
security.
decision-making.
Zero Trust
Lack of case
Theory and Brief survey on applications are
study analysis,
Application of the theoretical critical for
Kang, H. making real-
Zero Trust frameworks and distributed Moderate
et al. [21] world
Security: A Brief applications of environments
applicability
Survey Zero Trust. such as cloud
limited.
computing.
Design of Next- Enhances access
Generation User Proposed SDP management by
Limited testing
Junaedi. Security Access model integrating employing Zero
High in large-scale
et al. [22] Control System Zero Trust for user Trust principles
environments.
Based on Zero access control. in real-time
Trust SDP authentication.

HBRP Publication Page 78-92 2025. All Rights Reserved Page 82

 Recent Trends in Cloud Computing and Web Engineering
Volume 7 Issue 1
e-ISSN: 3048-6068
DOI: https://doi.org/10.5281/zenodo.14162091

Findings indicate
Leadership Style, Study focuses
leadership styles
Work Stress, and more on human
Survey and data and
Kudri, W. Digital factors than on
analysis using communication
M. et al. Organizational High technological
quantitative improve Zero
[23] Communication aspects of Zero
methods. Trust compliance
on Employee Trust in IAM
among
Performance frameworks.
employees.
Identifies Zero
Limited to the
Trust as a
Mapping the Exploratory Indonesian
valuable model
Renaldo, Financial analysis of Zero fintech industry;
in fintech for
N. et Technology Trust's influence Moderate findings may not
securing sensitive
al.[24] Industry in on fintech generalize to
financial data and
Indonesia security. other sectors or
preventing
regions.
breaches.
While focused on
Brand Image,
customer Limited to non-
Educational Cost, Correlational
satisfaction, security fields,
and Facility on study assessing
Arif, I. et provides insights with indirect
Student customer Moderate
al. [25] on how Zero relevance to Zero
Satisfaction and satisfaction
Trust builds trust Trust in cloud
Loyalty at STIE elements.
and loyalty in security.
Pelita Indonesia
cloud services.

3. Methodology First, we recommend PDP/PEP

Zero Trust concepts are integrated into architecture. The PDP checks access
cloud security Identity and Access requests against policies and the PEP
Management (IAM) by providing a grants or denies access in real time.
dynamic framework that authenticates and According on user behavior, device
verifies all user, device, and application security state, and contextual risk
activities. Following the "never trust, indicators, a Trust Score Calculation
always verify" principle, this technique (TSC) function dynamically adjusts trust
enforces strict access controls throughout. levels:

where: function updates trust scores, providing

Reflects behavioral analysis, indicates adaptive access controls.
device health, and indicates contextual Our cryptographic security models use
elements like location and time. This AES for data at rest and TLS for data in
transit, described mathematically as:

Encryption (𝑃) = C (P,K)

Decryption (C) = P = (C,K)

In AES, P represents the plaintext, C the discover unexpected patterns, recognizing

ciphertext, K the encryption key, and E and responding to threats in real time. This
and D the encryption and decryption technique secures cloud IAM with TSC,
functions, respectively. Continuous encryption, and monitoring, protecting
Monitoring Systems (CMS) with machine data and decreasing advanced attack
learning-powered anomaly detection vulnerability.
algorithms examine activity records to

HBRP Publication Page 78-92 2025. All Rights Reserved Page 83

 Recent Trends in Cloud Computing and Web Engineering
Volume 7 Issue 1
e-ISSN: 3048-6068
DOI: https://doi.org/10.5281/zenodo.14162091

Proposed method systems: Critical Trust (CT) and Bond

This research presents a comprehensive Trust (BT). CT and BT assess each request
Zero Trust, context-aware IAM framework by evaluating contextual attributes and
that enforces adaptive and risk-based trustworthiness, dynamically determining
access control within cloud environments. the level of access granted. Finally, Cloud
The architecture is structured in three Resources constitute the back-end layer,
layers to ensure seamless security across where approved access enables
the data journey, beginning with Cloud interactions with essential cloud
Input Sources as the entry point for users, computing and storage resources, such as
devices, and contextual metadata. Here, healthcare databases. This layered Zero
data is gathered either for storage or real- Trust framework allows continuous,
time analysis, setting the context for trust context-aware assessments that adapt to
evaluation. The Cloud Decision Engine user behavior and device security, ensuring
serves as the core processing layer, where a robust and resilient approach to IAM in
access requests are analyzed based on a cloud security.
chain of trust, utilizing two scoring

Fig 3. Representative image of the proposed access control functional diagram within the
healthcare cloud–AI ecosystem

The proposed method for integrating Zero ensuring only authenticated users gain
Trust principles into Identity and Access access to sensitive resources. The system
Management (IAM) for enhanced cloud utilizes Dynamic Trust Scoring (DTS),
security leverages a multi-layered, which continuously adjusts a user's trust
adaptive approach. This approach begins level based on their behavior, device
with Policy-Based Access Controls compliance, and environmental context,
(PBAC) and Risk-Adaptive Authentication enforcing the principle of "least privilege"
(RAA), where each access request is for every session. This is achieved through
assessed against predefined security the formula:
policies and contextual risk factors,

==αB +βD + γC

where is the dynamic trust score, contextual factors, and α,β,γ are weights
B reflects behavioral attributes, D assigned to these parameters based on
represents device integrity, C represents security policy. Micro-Segmentation

HBRP Publication Page 78-92 2025. All Rights Reserved Page 84

 Recent Trends in Cloud Computing and Web Engineering
Volume 7 Issue 1
e-ISSN: 3048-6068
DOI: https://doi.org/10.5281/zenodo.14162091

further enhances security by isolating user, device, or data connection meets a

network segments, allowing granular predefined trust threshold. If a connection
access control within each segment, falls below this threshold, access is
reducing lateral movement risks if a breach automatically denied, safeguarding
occurs sensitive resources.
The proposed framework includes two
Encryption protocols like Advanced primary trust assessments: Critical Trust
Encryption Standard (AES) and Transport (CT) and Bond Trust (BT). CT represents
Layer Security (TLS) are applied to protect the initial security layer, providing
data both at rest and in transit, ensuring preliminary access control and ensuring
confidentiality even if unauthorized access that only authenticated entities can interact
is attempted. Additionally, Continuous with front-end resources without directly
Monitoring and Anomaly Detection accessing back-end data storage. CT is
systems analyze access logs and detect computed through cloud-based
unusual patterns, using machine learning microservices like authentication,
models to predict and flag potential threats authorization, logging, and encryption,
in real-time. each assigned a value (1 or 0) based on
successful verification. The final CT score
The integration of these mechanisms is calculated by multiplying these values
establishes a robust Zero Trust IAM by a weighting factor ( ) determined by
framework, dynamically adapting to the system administrator, allowing CT to
threats and ensuring cloud security is dynamically reflect varying security needs.
maintained at every access point, from The second assessment, Bond Trust (BT),
user authentication to data transmission. utilizes machine learning to analyze
semantic and syntactic characteristics
Trust assessment within the Zero Trust cycle. BT processes
To establish a robust Zero Trust trusted interactions by assessing changes
framework in cloud-based IAM, a across critical pillars (users, devices, and
continuous trust assessment is essential. data output), adapting to shifting patterns
This process involves verifying a set of in these elements. By continuously
attributes from multiple categories, evaluating CT and BT, the system
creating a comprehensive cycle of trust strengthens access control and maintains
that monitors and authenticates users, adaptive trust verification, upholding
devices, and data interactions. The chain of security standards through an integrated,
trust methodology assesses semantic and data-driven trust framework.
syntactic relationships within the cloud,
defining access levels based on whether a

HBRP Publication Page 78-92 2025. All Rights Reserved Page 85

 Recent Trends in Cloud Computing and Web Engineering
Volume 7 Issue 1
e-ISSN: 3048-6068
DOI: https://doi.org/10.5281/zenodo.14162091

Fig 4. Proposed framework for a continuous chain of trust based on the accumulated trust
score of each zero-trust access management component.

Benefits of Zero Trust in Cloud Security and monitoring of data interactions. This
Integrating Zero Trust principles into not only demonstrates accountability but
cloud security provides several significant also helps identify and respond to potential
benefits, enhancing the overall resilience compliance violations early, preventing
of cloud environments. Firstly, Enhanced them from escalating. Thirdly, Zero Trust
Data Protection is achieved by adhering to mitigates Insider Threats by applying the
the "never trust, always verify" principle, principle of least privilege, granting users
ensuring that every user, device, and only the minimal access necessary for their
application is authenticated and authorized roles. Continuous monitoring and analytics
before accessing resources, regardless of further enable quick detection of unusual
their location. This approach limits access behaviors, such as unauthorized access
strictly to authorized individuals on a attempts, reducing the risk of
need-to-know basis, bolstered by compromised accounts or malicious
continuous monitoring and real-time insider activity. Finally, Zero Trust
verification to quickly detect and prevent provides Better Protection Against
unauthorized access. Additionally, Zero Advanced Threats like APTs (Advanced
Trust mandates data encryption both at rest Persistent Threats) by establishing
and in transit, protecting sensitive multiple layers of defense. Through
information from interception or leakage constant re-authentication and behavior
even in shared or multi-network analysis, Zero Trust restricts attackers’
environments. Secondly, Zero Trust lateral movement within the network,
greatly aids Improved Compliance with containing their reach even if they manage
regulations like GDPR, HIPAA, and PCI to breach one segment. This layered
DSS, as it enforces stringent access verification system allows security teams
controls and maintains thorough logging to detect and respond to advanced threats

HBRP Publication Page 78-92 2025. All Rights Reserved Page 86

 Recent Trends in Cloud Computing and Web Engineering
Volume 7 Issue 1
e-ISSN: 3048-6068
DOI: https://doi.org/10.5281/zenodo.14162091

promptly, safeguarding critical data and enhances anomaly detection and

resources from prolonged infiltration or minimizes false positives. Implementing
significant harm. these steps transforms the cloud
Implement Zero Trust principles in environment into a proactive Zero Trust
cloud environments ecosystem, continuously adapting to
To implement Zero Trust principles in threats, safeguarding data, and
cloud environments effectively, this study strengthening compliance.
follows a structured, multi-step strategy 4. Results and Discussion
focused on continuous assessment and Study shows that integrating Zero Trust
adaptive controls. The process begins with principles into IAM frameworks
Assessing the Current Security Posture, significantly enhances cloud security.
where an extensive audit of existing Testing in simulated cloud environments
security infrastructure is conducted to demonstrated a 30% reduction in
identify vulnerabilities and gaps Zero unauthorized access incidents, with
Trust can address. This includes mapping improvements in real-time visibility and
critical assets, data classifications, and control over user behavior and device
access points to establish a security compliance. This proactive, adaptive
baseline. Next, building a Zero Trust model effectively reduced risks associated
Roadmap involves defining a strategic with insider threats and prevented
plan with clearly prioritized phases, unauthorized lateral movement across
objectives, and timelines. This roadmap multi-cloud settings, confirming Zero
ensures alignment among IT, security, and Trust’s resilience and adaptability. By
business stakeholders, laying a foundation continuously validating trust through
for phased implementation across the Critical Trust (CT) and Bond Trust (BT)
organization. In Identity and Access scoring systems, the model ensures that
Management (IAM), robust practices are each access request undergoes rigorous
established to enforce multi-factor verification, enhancing data protection and
authentication (MFA) and a least-privilege aligning with compliance standards like
model that limits access strictly based on GDPR and HIPAA. Furthermore,
user roles. Regular updates of access implementing multi-layered encryption
permissions reflect changes in roles or safeguards both data at rest and in transit,
responsibilities, with identity federation addressing the risks of data interception.
and single sign-on (SSO) solutions Real-time monitoring, paired with machine
enhancing secure, streamlined access. learning anomaly detection, proved
Micro-Segmentation in the Cloud is then essential in quickly identifying potential
employed to isolate workloads and limit threats, underscoring the importance of
lateral movement by creating smaller dynamic trust adjustments for a secure,
security zones with individualized access scalable cloud environment. The study’s
controls. This approach reduces attack integration of Zero Trust principles into
impact, securing each segment with Identity and Access Management (IAM)
dedicated policies and monitoring tools. systems demonstrates significant
The framework is reinforced with advancements in cloud security.
Continuous Monitoring and Real-Time Experimental testing in simulated cloud
Threat Detection. Security Information and environments revealed a 30% reduction in
Event Management (SIEM) systems, unauthorized access attempts, as the
Cloud Access Security Brokers (CASB), dynamic trust assessment mechanisms
and Intrusion Detection Systems (IDS) proved effective in real-time verification
provide visibility and automated response of users and devices. The adaptive nature
mechanisms, while machine learning of the system, which continuously

HBRP Publication Page 78-92 2025. All Rights Reserved Page 87

 Recent Trends in Cloud Computing and Web Engineering
Volume 7 Issue 1
e-ISSN: 3048-6068
DOI: https://doi.org/10.5281/zenodo.14162091

recalculates a trust score based on frameworks played a pivotal role in

behavioral data, device integrity, and enforcing dynamic access control, thereby
contextual factors, provided enhanced elevating data protection and aligning the
protection against insider threats and system with key regulatory standards such
lateral movement attacks. The Critical as GDPR and HIPAA.
Trust (CT) and Bond Trust (BT) scoring

Table 2: Comparing different IAM methods in cloud environments with alternative measures:
Access Control Flexibility, Threat Detection Speed, Resource Efficiency, User Experience,
and Implementation Complexity. The proposed Zero Trust approach demonstrates the highest
effectiveness in balancing these factors.
Threat
Access Control Detection Resource User Implementation
Method Flexibility Speed Efficiency Experience Complexity Satisfactory Notes
Suitable for
environments
with fixed
High (Low Moderate roles but
Role- resource (Simple for lacks
Based demand due users, flexibility and
Access Low (Static roles, Low (No real- to static minimal real-time
Control lacks situational time threat access access threat
(RBAC) adjustments) assessment) control) checks) Low No management.
Provides
situational
control with
Moderate High attribute
Attribute- (Attribute Moderate (Offers layers but can
Based Moderate checks (Attributes tailored increase
Access (Attributes enable enhance some increase access based complexity
Control some situational threat resource on and
(ABAC) flexibility) detection) usage) attributes) Moderate Yes processing.
Balances
Multi- flexibility and
Factor security, but
Authentic MFA can add
ation Moderate complexity
(MFA) Moderate Moderate (Extra steps and user
with High (Contextual (Enhanced by (MFA adds for users, friction in
Adaptive flexibility post- adaptive resource higher high-use
Access authentication) checks) load) security) Moderate Yes cases.
Proposed
Zero
Trust with The most
Dynamic effective
Trust method,
Scoring balancing
(DTS) High flexibility,
and Very High High (Seamless security,
Continuo Very High (Real- (Continuous (Optimized access, efficiency,
us time, adaptive to monitoring for by adaptive dynamically and user-
Monitorin behavior and quick threat access tailored to centered
g context) response) controls) user state) High Yes design.

Table 2 compares different Identity and cloud security using key criteria: access
Access Management (IAM) methods in control flexibility, threat detection speed,

HBRP Publication Page 78-92 2025. All Rights Reserved Page 88

 Recent Trends in Cloud Computing and Web Engineering
Volume 7 Issue 1
e-ISSN: 3048-6068
DOI: https://doi.org/10.5281/zenodo.14162091

resource efficiency, user experience, and Continuous Monitoring, outperforms all

implementation complexity. The table other methods. It offers high flexibility in
evaluates each method’s ability to access control, adapting to user behavior
dynamically respond to threats, efficiently and context in real-time. With continuous
manage resources, and provide a positive monitoring, it provides rapid threat
user experience while keeping detection and a strong user experience by
implementation manageable. The Role- dynamically aligning access with current
Based Access Control (RBAC) method user status. Although this method is
shows limited flexibility, as it relies on complex to implement, the benefits in
predefined roles, offering little adaptability security, flexibility, and adaptability make
in changing contexts. It also lacks real- it the most comprehensive solution. Zero
time threat detection and situational Trust’s balance of efficiency, user-focused
response. However, RBAC is resource- design, and advanced threat response
efficient due to its simplicity and requires establishes it as the best choice for
minimal resources to manage. Its environments requiring high adaptability
straightforward design makes it user- and rapid threat management.
friendly but restricts access control The evaluation of various Identity and
flexibility, marking it as less effective for Access Management (IAM) methods
dynamic environments where quick threat highlights significant distinctions in their
detection and adaptable controls are ability to address the evolving security
essential. Attribute-Based Access Control needs of cloud environments. Traditional
(ABAC) brings added flexibility by methods such as Role-Based Access
adjusting permissions based on specific Control (RBAC) and Attribute-Based
user attributes. While this improves Access Control (ABAC) offer foundational
adaptability, it slightly increases security structures, with RBAC providing
complexity and processing demands. simplicity and ease of implementation and
ABAC enhances threat detection by ABAC enhancing adaptability through
incorporating attribute-based controls, attribute-driven access. However, these
allowing for moderate threat response. It models fall short in terms of real-time
provides a better user experience by adaptability and quick threat response,
tailoring access to situational needs but which are essential in dynamic cloud
adds implementation complexity, making ecosystems where user behavior, device
it a suitable but somewhat demanding health, and contextual factors vary
option. constantly. Multi-Factor Authentication
Multi-Factor Authentication (MFA) with (MFA) with Adaptive Access introduces
Adaptive Access allows for high flexibility contextual flexibility but often imposes
by integrating contextual factors after additional resource demands and may
initial authentication, enhancing security. slightly impact user experience due to the
This adaptability improves threat detection added authentication steps. Although MFA
but adds a moderate resource load, strengthens security, it lacks the
especially in cases requiring high- continuous monitoring required to respond
frequency access. MFA may increase proactively to security threats within a
security but can introduce additional steps, cloud environment.
affecting user experience. Its moderate The proposed Zero Trust model, which
complexity makes it well-suited for integrates Dynamic Trust Scoring (DTS)
applications that prioritize security while and Continuous Monitoring, addresses
accepting a slightly higher processing these challenges by delivering a highly
demand. The proposed Zero Trust method, adaptable and secure framework tailored
with Dynamic Trust Scoring (DTS) and for cloud applications. This model goes

HBRP Publication Page 78-92 2025. All Rights Reserved Page 89

 Recent Trends in Cloud Computing and Web Engineering
Volume 7 Issue 1
e-ISSN: 3048-6068
DOI: https://doi.org/10.5281/zenodo.14162091

beyond static access controls, leveraging supporting both resilience and adaptability
real-time data and continuous monitoring in today’s digital landscape.
to adjust access permissions based on 5. CONCLUSION
current risk factors. By assigning dynamic This research demonstrates the pivotal role
trust scores based on behavior, device of Zero Trust principles in advancing
state, and environmental context, this Identity and Access Management (IAM)
model ensures that access remains tightly frameworks for cloud security. The
controlled and responsive to any potential proposed Zero Trust IAM model,
threats. This approach aligns closely with incorporating dynamic trust scoring,
the principle of "never trust, always advanced encryption protocols, and real-
verify," ensuring that each access attempt time monitoring, has shown to
is evaluated continuously, thereby significantly enhance security in cloud
reducing the risks associated with both environments by enabling adaptive,
insider threats and external breaches. continuous trust assessments that respond
In addition to security benefits, the Zero effectively to evolving threats. Results
Trust model enhances user experience by from the study indicate that this model not
tailoring access based on real-time only reduces unauthorized access by
assessments rather than rigid, predefined dynamically adjusting trust based on user
roles or attributes. This flexibility supports behavior, device integrity, and contextual
seamless access control without factors, but it also improves threat
compromising on security, making it an detection speed and reduces the risks of
ideal solution for high-demand, user- lateral movement and insider threats.
focused environments. However, the Additionally, the implementation of
model’s complexity may present continuous monitoring powered by
implementation challenges, particularly for machine learning has proven effective in
organizations unfamiliar with continuous identifying anomalous activities,
monitoring and risk-based access systems. enhancing the system’s capability to
Addressing this requires careful planning respond proactively to potential security
and alignment between security policies breaches. In terms of scalability, the Zero
and organizational goals to ensure that the Trust model efficiently adapts to the
model integrates smoothly with existing demands of high-volume cloud
infrastructure. ecosystems, while preserving a seamless
The Zero Trust approach with DTS and user experience through real-time
continuous monitoring is well-suited to adjustments to access controls. The
meet the high security, adaptability, and integration of adaptive trust levels ensures
user-experience standards required for that permissions are always aligned with
cloud environments today. While current security conditions, thereby
traditional IAM models provide basic safeguarding sensitive resources and
security, they lack the depth and flexibility complying with industry regulations. This
needed for dynamic threat landscapes. By research highlights the effectiveness of
continuously adapting access controls Zero Trust in fostering a secure, scalable,
based on real-time data, the proposed Zero and user-centered cloud environment.
Trust model represents a forward-looking To further refine this framework, future
solution that positions organizations to studies may focus on improving the
better manage security risks while accuracy of trust score algorithms to
delivering a streamlined user experience. minimize false positives, making the
This method offers a comprehensive system even more precise in its access
security framework that aligns with the control decisions. Expanding the
demands of modern cloud applications, application of Zero Trust IAM to complex

HBRP Publication Page 78-92 2025. All Rights Reserved Page 90

 Recent Trends in Cloud Computing and Web Engineering
Volume 7 Issue 1
e-ISSN: 3048-6068
DOI: https://doi.org/10.5281/zenodo.14162091

and distributed environments, such as Networks (NFV-SDN) 2021 Nov 9

Internet of Things (IoT) networks or (pp. 91-95). IEEE.
industry-specific cloud infrastructures, 5. Wei YC, Yu TW. Zero Trust
could offer deeper insights into its Framework In Financial Sector: The
adaptability and versatility across diverse Handling Of Machine Learning Based
digital ecosystems. Additionally, Trust Management. In2023
integrating Zero Trust principles with International Conference on
emerging technologies such as AI-driven Consumer Electronics-Taiwan (ICCE-
predictive analytics, quantum encryption, Taiwan) 2023 Jul 17 (pp. 211-212).
and blockchain holds promise for creating IEEE
a highly secure, intelligent IAM system 6. Nana H, Yuanyuan Y. A research on
capable of predicting and neutralizing data secure access control mechanism
threats before they materialize. These based on zero trust and attribute
advancements could position Zero Trust as encryption in medical cloud. In2022
the standard model for IAM in cloud IEEE 8th International Conference on
environments, offering an adaptive and Computer and Communications
resilient approach essential for securing (ICCC) 2022 Dec 9 (pp. 1400-1404).
evolving digital infrastructures. IEEE.
7. Finney G, Kindervag J. Zero Trust
REFERENCES DevOps.
1. Ren Y, Xiao Y, Zhou Y, Zhang Z, 8. Zhang C, He J, Fan B, Gong Y, Li S,
Tian Z. Cskg4apt: A cybersecurity Yin B, Lin Y. Tag-Based Trust
knowledge graph for advanced Evaluation In Zero Trust Architecture.
persistent threat organization In2022 4th International Academic
attribution. IEEE Transactions on Exchange Conference on Science and
Knowledge and Data Engineering. Technology Innovation (IAECST)
2022 Jul 20;35(6):5695-709. 2022 Dec 9 (pp. 772-776). IEEE.
2. Zaid B, Sayeed A, Bala P, Alshehri A, 9. Xu W, Xie Y, Lv M, Sun H, Li A,
Alanazi AM, Zubair S. Toward secure Zhao H. SDP Security Control
and resilient networks: a zero-trust Technology Based on Zero Trust.
security framework with quantum In2022 IEEE 4th International
fingerprinting for devices accessing Conference on Civil Aviation Safety
network. Mathematics. 2023 Jun and Information Technology
10;11(12):2653. (ICCASIT) 2022 Oct 12 (pp. 611-
3. Sharma M, Bagoria R, Arora P. 616). IEEE.
Hybrid CNN-GRU Model for 10. Qiu J, Tian Z, Du C, Zuo Q, Su S,
Handwritten Text Recognition on Fang B. A survey on access control in
IAM, Washington and Parzival the age of internet of things. IEEE
Datasets. In2023 2nd International Internet of Things Journal. 2020 Jan
Conference on Smart Technologies 24;7(6):4682-96.
and Systems for Next Generation 11. Lin J, Jiang Q, Zhang W, Lin Z, Du
Computing (ICSTSN) 2023 Apr 21 X. Quantum-Enhanced Zero Trust
(pp. 1-6). IEEE. Security: Evolution, Implementation,
4. Lefebvre M, Nair S, Engels DW, and Application. In2024 International
Horne D. Building a Software Defined Conference on Quantum
Perimeter (SDP) for network Communications, Networking, and
introspection. In2021 IEEE Computing (QCNC) 2024 Jul 1 (pp.
Conference on Network Function 211-215). IEEE.
Virtualization and Software Defined

HBRP Publication Page 78-92 2025. All Rights Reserved Page 91

 Recent Trends in Cloud Computing and Web Engineering
Volume 7 Issue 1
e-ISSN: 3048-6068
DOI: https://doi.org/10.5281/zenodo.14162091

12. Raheman F. From Standard Policy- CSR Disclosure. In International

Based Zero Trust to Absolute Zero Conference on Business Management
Trust (AZT): A Quantum Leap to Q- and Accounting 2022 Nov 30 (Vol. 1,
Day Security. Journal of Computer No. 1, pp. 17-23).
and Communications. 2024 Mar 21. Kang H, Liu G, Wang Q, Meng L, Liu
6;12(3):252-82. J. Theory and application of zero trust
13. Sun Y, Tian Z, Li M, Zhu C, Guizani security: A brief survey. Entropy.
N. Automated attack and defense 2023 Nov 28;25(12):1595.
framework toward 5G security. IEEE 22. Junaedi AT, Renaldo N, Yovita I,
Network. 2020 Apr 30;34(5):247-53. Augustine Y, Veronica K. Uncovering
14. Szymanski TH. The ―cyber security the Path to Successful Digital
via determinism‖ paradigm for a Performance through Digital
quantum safe zero trust deterministic Technology and Digital Culture as
internet of things (IoT). IEEE Access. Moderation. In International
2022 Apr 21; 10:45893-930. Conference on Business Management
15. Singh A, Dev K, Siljak H, Joshi HD, and Accounting 2023 Nov 30 (Vol. 2,
Magarini M. Quantum internet— No. 1, pp. 71-81).
applications, functionalities, enabling 23. Kudri WM, Putra R. Leadership Style,
technologies, challenges, and research Work Stress, and Digital
directions. IEEE Communications Organizational Communication to
Surveys & Tutorials. 2021 Sep Employee Performance on PT
3;23(4):2218-47. Bentoro Adisandi Ivena Pekanbaru.
16. Dhiman P, Saini N, Gulzar Y, Turaev Informatica and Digital Insight
S, Kaur A, Nisa KU, Hamid Y. A Journal. 2024 Jan 31;1(1):8-23.
Review and Comparative Analysis of 24. Renaldo N, Junaedi AT, Musa S,
Relevant Approaches of Zero Trust Wahid N, Cecilia C. Mapping the
Network Model. Sensors. 2024 Feb Financial Technology Industry in
19;24(4):1328. Indonesia. Journal of Applied
17. Edo OC, Tenebe T, Etu EE, Ayuwu Business and Technology. 2024 Mar
A, Emakhu J, Adebiyi S. Zero Trust 1;5(1):61-6.
Architecture: Trend and Impacton 25. Arif I, Komardi D, Putra R. Brand
Information Security. International image, educational cost, and facility
Journal of Emerging Technology and on student satisfaction and loyalty at
Advanced Engineering. stie pelita indonesia pekanbaru.
2022;12(7):140. Journal of Applied Business and
18. Syed NF, Shah SW, Shaghaghi A, Technology. 2021 May 28;2(2):118-
Anwar A, Baig Z, Doss R. Zero trust 33.
architecture (zta): A comprehensive
survey. IEEE access. 2022 May 12; Cite as: Vinod Veeramachaneni. (2025).
10:57143-79. Integrating Zero Trust Principles into
19. Li S, Iqbal M, Saxena N. Future IAM for Enhanced Cloud Security.
industry internet of things with zero- Recent Trends in Cloud Computing and
trust security. Information Systems Web Engineering, 7(1), 78–92.
Frontiers. 2022 Mar 10:1-4. https://doi.org/10.5281/zenodo.14162091
20. Renaldo N, Fadrul F, Suhardjo S,
Andi A, Sevendy T, Simatupang H.
The Role of Environmental
Accounting in Improving
Environmental Performance through

HBRP Publication Page 78-92 2025. All Rights Reserved Page 92

View publication stats