Zero Trust Architecture in Cloud Networks:

Application, Challenges and Future Opportunities

Sina Ahmadi

To cite this version:

Sina Ahmadi. Zero Trust Architecture in Cloud Networks: Application, Challenges and Fu-
ture Opportunities. Journal of Engineering Research and Reports, 2024, 26 (2), pp.215-228.
�10.9734/JERR/2024/v26i21083�. �hal-04456272�

HAL Id: hal-04456272

https://hal.science/hal-04456272v1
Submitted on 15 Feb 2024

HAL is a multi-disciplinary open access L’archive ouverte pluridisciplinaire HAL, est

archive for the deposit and dissemination of sci- destinée au dépôt et à la diffusion de documents
entific research documents, whether they are pub- scientifiques de niveau recherche, publiés ou non,
lished or not. The documents may come from émanant des établissements d’enseignement et de
teaching and research institutions in France or recherche français ou étrangers, des laboratoires
abroad, or from public or private research centers. publics ou privés.
 Zero Trust Architecture in Cloud Networks:
Application, challenges and future opportunities
Sina Ahmadi1
1
National Coalition of Independent Scholars (NCIS), Seattle, WA USA

ABSTRACT

Cloud computing has become essential in this digital world as it provides opportunities and
challenges for organizations. This research explores the implementation and effectiveness of
Zero Trust Architecture (ZTA) in addressing security challenges within cloud networks.
Utilizing qualitative research methods, including a systematic literature review from 2020 to
2024, the study investigates insights from diverse sources such as journal articles, academic
literature, and case studies. Thematic analysis organizes findings into critical themes,
revealing ZTA's impact on mitigating lateral movement, reducing insider threat probability,
enhancing network micro-segmentation, and improving identity and access management. The
comparative analysis demonstrates significant improvements in security incidents post-ZTA
implementation. Moreover, the study highlights best practices for ZTA adoption and outlines
future advancements, including integration with emerging technologies like machine learning
and artificial intelligence. This research underscores ZTA's pivotal role in fortifying cloud
network security and offers valuable insights for practitioners and researchers.

Keywords: Zero Trust Architecture (ZTA), cloud networks, cybersecurity, lateral movement, insider
threats, data protection

1. INTRODUCTION

Cloud networking is now the backbone of digital infrastructure, which reshapes the system of data
storage, processing, and accessibility for organizations [1]. This step has given different
businesses power and introduced various security challenges. Adding cloud technologies
significantly changes the traditional security structure, which demands advanced steps toward
protecting sensitive information and the integrity of digital ecosystems. In the cloud networking
system, decreasing data storage and processing defects present a significant challenge [2]. Like
previous on-site solutions where the information is managed within a controlled environment, cloud
data is distributed across remote servers. This distributed architecture increases the attack surface,
which makes it compulsory to rethink the security measures to rely on the defenses. The unique
nature of cloud environments, characterized by scalability, further complicates maintaining a good
security posture.

This paper is organized into several sections and sub-sections to thoroughly explore the application
and effectiveness of ZTA in cloud networks. After this introductory section, the subsequent
literature review delves into various facets of ZTA, encompassing its fundamental principles,
implementation strategies, and effectiveness in mitigating security risks. Following this, key
challenges in securing cloud networks are identified and defined, laying the groundwork for
examining ZTA as a potential solution. The methodology and approach section elaborates on the
rationale for employing qualitative research methods, detailing the data selection, collection,
recruitment, and analytical processes. It underscores the importance of conducting a systematic
literature review to gather insights from relevant sources and organize thematically for

* E-mail address: [email protected].

comprehensive analysis. This structured approach ensures a thorough examination of ZTA's
impact and effectiveness in addressing security challenges within cloud environments.

Fig. 1. Zero Trust Architecture [3]

2. LITERATURE REVIEW

2.1 Introduction to Zero Trust Architecture (ZTA) in Cloud Networks

Zero Trust Architecture (ZTA) mainly relates to a cybersecurity architecture based on zero trust
principles. It is specifically designed to limit internal lateral movement and prevent data breaches. It
implements strict identity authorization and authentication and removes implicit trust. The ZTA is
based on seven principles, i.e., data, device, user, automation & orchestration, network &
environment, visibility & analytics, and application & workload. [4] also conducted a critical analysis
of ZTA. According to the researchers, ZTA is essential for developing secure systems promoted by
government and industry. The heterogeneity and complexity of modern IT systems were seen as a
driving force behind the need for this architecture.
A study was also conducted by [5] in this regard. The researcher stated that ZTA uses zero-trust
principles to plan enterprise and industrial workflows and infrastructure. This principle assumes no
implied trust is given to user accounts or assets based only on their network or physical location.
Authorization and authentication (device and subject) are discrete functions performed before a
session where an enterprise resource is developed. Zero trust is mainly a response to different
enterprise network trends, such as cloud-based assets, bring-your-own-device, remote users, etc.
that are not present within an enterprise-owned boundary of the network. Besides, zero trust
emphasizes protecting resources like network accounts, services, workflows, assets, etc., instead
of network segments. This is because the location of the network is no longer viewed as the prime
aspect of the security posture.

2.2 Fundamental Principles of Zero Trust Architecture

ZTA is based on different fundamental principles. The least privilege principle states that the role of
users should be provided only the particular rights they need to perform their jobs. This principle is
implemented to restrict both accessibility and visibility. The concept of this principle is
straightforward. It only asks one to provide access if the device or user requires it to do a specific
job. Otherwise, there is no need to provide access. [6] also conducted research in this regard.
According to the researchers, if any account is compromised, the principle of least privilege quickly
shrinks all the networked systems that malicious persons can hack. It also reduces the scope of
access, which helps prevent data breaches on a large scale.

Micro-segmentation is also another important concept of zero-trust architecture. According to this

principle, any traffic moving out of, into, or within a network can be a threat. It helps in isolating
such threats before they spread. This helps in preventing the lateral movement of the threats. [7]
conducted research on this principle and its working. They found that micro-segmentation can take
place on granular levels in a network. It also provides insights into which network applications
communicate with each other and how network traffic flows between them. This is mainly termed
as application layer visibility. It makes micro-segmentation different from dividing a network with the
help of VLANs or any other network layer method. Figure 2 shows Zero Trust micro-segmentation.

In addition to the fundamental principles of least privilege and micro-segmentation, Zero Trust
Architecture (ZTA) encompasses several other critical principles for enhancing cloud network
security. Continuous authentication ensures ongoing verification of users, devices, and
applications, reducing the risk of unauthorized access by validating identities consistently. Policy-
based access controls enable organizations to implement granular access permissions based on
defined policies, enhancing flexibility and security. ZTA also emphasizes the importance of
designing systems and networks with security in mind from the outset, promoting the integration of
security measures throughout the development process. Real-time visibility and analytics allow
organizations to continuously monitor network traffic and user behavior, facilitating early detection
and response to security incidents. Additionally, encryption plays a vital role in ZTA by
safeguarding data in transit and at rest, ensuring confidentiality, integrity, and authenticity.
Incorporating these principles into ZTA provides a holistic approach to mitigating security risks and
protecting sensitive information in cloud environments.

Fig. 2. Zero-trust Micro-segmentation [8]

Multi-factor authentication (MFA) is another critical component of ZTA. It adds an extra layer of
protection to the network by requiring different verification forms before giving access to resources.
In zero trust architecture, the aspect of trust is never assumed. It treats each access request as
coming from an untrusted network. [9] also researched this principle. According to the researcher,
MFA is also needed for regulatory compliance in different industries. Regulations like GDPR,
HIPAA, etc., enforce companies to implement this principle to protect private information. It
involves using factors such as PIN or password, biometric verification, facial recognition, etc.,
which helps gain a high level of assurance regarding the user's identity.

2.3 Implementing Zero Trust in Cloud Network Infrastructure

Network segmentation is also used in zero-trust architecture to separate important assets and
restrict access to authorized systems and users. This aspect helps in reducing security breaches
within a smaller segment. This makes it easy to respond to or detect any security incidents.
According to [10], network segmentation in ZTA provides many benefits. It reduces the attack
surface by limiting access to confidential data based on the principle of 'never trust, always verify.'
It also improves the network's performance by reducing traffic volume in every segment. This also
results in fast response time and low latency. Network segmentation also leads to simplified
compliance in the zero-trust model.

Data protection is critical in cloud environments. For this purpose, zero trust architecture
implements different encryption methods to ensure privacy and security. [11] also conducted
research in this regard. It was seen that both asymmetric and symmetric encryption are used in
zero-trust architecture. Symmetric encryption is much faster, but asymmetric is better in terms of
security. If a company destroys or loses its access key, its private data can be recovered using the
encryption methods implemented in zero trust architecture. Encryption also helps the network in
authentication and regulatory compliance. Overall, it helps a company prevent data breaches and
ensure secure networks.

Implementing Zero Trust Architecture (ZTA) in cloud network infrastructure involves several key
strategies to enhance security and mitigate risks. One crucial aspect of ZTA implementation is
adopting strict identity and access management (IAM) policies. By implementing IAM controls,
organizations can ensure that only authorized users, devices, and applications can access network
resources, following the principle of least privilege. Additionally, organizations leverage network
segmentation techniques to compartmentalize their network environments, limiting the potential
impact of security breaches and minimizing lateral movement within the network.

Furthermore, ZTA implementation often involves the deployment of multi-factor authentication

(MFA) mechanisms, adding an extra layer of security to verify user identities. This approach
reduces the risk of unauthorized access even if credentials are compromised. Continuous
monitoring and anomaly detection capabilities are also integral to ZTA, allowing organizations to
detect and respond to security threats in real time. Implementing ZTA in cloud network
infrastructure strengthens security posture, enhances data protection, and aligns with modern
cybersecurity best practices.

2.4 Mathematical Models for Analyzing Zero Trust Effectiveness

Different mathematical models can be used to analyze the effectiveness of zero-trust architecture.
They use diverse formulas and equations to understand how the model works. According to [12],
zero trust is a digital bodyguard for different network systems. It ensures that no one gets access to
the network without strict permission. The use of mathematical calculations in this process is
essential. This is because they focus on how often the security system identifies a threat or how
fast it responds. Using math helps the experts analyze and measure the effectiveness of zero-trust
architecture. This way, organizations can ensure their digital security is solid and safe.

Some mathematical models also help in preventing lateral movement in zero-trust architecture.
They use very complex algorithms and equations to enhance and improve the security of networks.
According to [13], such models help develop digital checkpoints and barriers to stop different
attackers from intruding into the network. Experts use these models to establish security measures
that help calculate the most effective ways to thwart unauthorized movement in the network. It is
essential to study how such a security system helps prevent unauthorized movement and access
within the network. The two most notable mathematical models for analyzing zero trust
effectiveness are lateral movement prevention and threat detection models. The lateral prevention
model is designed to assess and mitigate the spread of cyber threats within a network environment
post-breach. Formula 1 shows how the reduction in lateral movement is calculated.

Reduction in Lateral Movement = (1)

The threat detection model can be defined as a mathematical model specially designed to identify
and respond to potential cyber threats within a network. It majorly focuses on assessing the
efficiency and accuracy of the security system. It includes some important metrics, including threat
detection rate, which is integral in calculating the percentage of detected threats out of a total
number of threats. Formula 2 shows how the threat detection rate is calculated.

Threat Detection Rate = (2)

In addition to the previously mentioned models, three more mathematical models are essential for analyzing
the effectiveness of Zero Trust Architecture (ZTA). The Bayesian Network Model offers a probabilistic
graphical approach to representing uncertain knowledge about the network's state and dependencies between
different variables. Bayesian inference can assess the probability of security breaches and facilitate decision-
making for risk mitigation strategies. Formula 3 shows how to calculate this.

(A|B) = (3)

The Game Theory Model provides a framework for analyzing strategic interactions among multiple entities
in a networked environment. By modeling the behaviors of attackers and defenders as rational decision-
makers, this model evaluates potential outcomes of security strategies and identifies optimal defense
mechanisms against various threats.

Finally, the Markov Chain Model, a stochastic model, represents a sequence of events where the probability
of each event depends only on the state attained in the previous event. In the context of ZTA, Markov chain
models simulate the progression of security threats and analyze the likelihood of lateral movement within the
network over time, aiding in understanding cyber threat dynamics and evaluating ZTA implementation
effectiveness.

2.5 Enhancing Access Management to Mitigate Insider Threats with Zero Trust

Insider threats have become very common in cloud networks. They can be of different types as
well. The most common is the malicious insider threat. In this case, a person within the company
intentionally attacks the network system and steals private data. Another type is a negligent insider,
where a person does not have harmful intentions but can accidentally breach the data within the
network. According to [14], this threat is caused because of careless actions of the person. A
compromised insider is also a threat in which an external attacker steals a worker's access or
credentials. All these types of threats pose different risks to the system. It can lead to theft or loss
of sensitive information. It can also damage the company's reputation, and it might lose the trust of
its clients. Therefore, it is essential to analyze the nature of these threats and find the best methods
to mitigate them.

The zero trust model helps in overcoming insider threats in many ways. This system assumes that
no single person should be trusted. It thus checks the people inside the network as well. For this
purpose, the system uses role-based access controls (RBAC). According to [15], zero trust
architecture uses RBAC to ensure that people only have the necessary permissions based on their
responsibilities within the company. It only provides broad access to some individuals, and workers
are provided access only to the data and resources needed to perform their jobs. In this way, if an
insider's credentials are compromised, the damage to the network is prevented. It also helps
implement the principle of least privilege, reducing the attack surface and limiting insider threats'
negative influence [16].

Zero trust architecture also uses continuous anomaly detection and monitoring to identify
suspicious activity. It also includes the analysis of patterns of network activities or user behavior
over time. When an insider starts behaving in a way that is not similar to their usual actions, the
system triggers an alert, and immediate actions are taken to secure the system. Using these
security frameworks in zero-trust architecture helps companies protect their digital platforms and
ensure network performance.

While access management is fundamental to mitigating insider threats, ZTA offers additional
strategies to bolster security. These may include implementing user behavior analytics (UBA) to
detect anomalous activities, deploying data loss prevention (DLP) solutions to safeguard sensitive
information, and conducting regular security awareness training to educate employees about
potential risks. By adopting a comprehensive approach that combines access management with
these additional measures, organizations can effectively mitigate the dangers posed by insider
threats in cloud networks.

Theme Relevant Methodologies Key Findings

Studies Employed
Impact of ZTA on Lateral [1], [3], [5] Thematic analysis, Significant reduction in lateral
Movement comparative movement incidents post-ZTA
analysis implementation; Improved threat
containment
Reduction of Insider [2], [4], [6] Literature review, Decrease insider threat incidents;
Threat Probability case studies Financial impact reduction;
Increased user behavior
monitoring.
Effectiveness of Network [7], [9], Quantitative Enhanced network traffic control;
Micro-Segmentation [11] analysis, interviews Improved visibility; Minimization
of security incident scope
Enhancements in Identity [8], [10], Surveys, Streamlined IAM processes;
and Access Management [12] experimental Automated user provisioning;
research Real-time threat detection
Encryption and Data [13], [15], Observational Strengthened data security;
Protection [17] studies, content Compliance with privacy laws;
analysis Encryption benefits for data-at-
rest and in-transit
Best Practices for ZTA [14], [16], Case studies, expert Importance of regulatory
Implementation [18] interviews compliance; Mapping of network
connections; Continuous
authentication methods
Comparative Analysis [19], [20], Meta-analysis, Reduction in security incidents;
Before and After ZTA [21] longitudinal studies Unauthorized access decrease;
Implementation Enhanced access controls and
verification
Future Advancements of [22], [23], Trend analysis, Integration with AI and ML;
ZTA in Cloud Networks [24] expert opinions Enhanced monitoring and
visibility; Dynamic policy
management

3. PROBLEM DEFINITION

The addition of cloud computing in the system has changed the digital system, which offers
organizations different opportunities for efficiency. In addition, this change has come with its
security challenges. As businesses transform their data and operations to the cloud, there are
issues of safeguarding sensitive information [17]. This section adds to organizations’ different
problems in securing cloud networks, which increases the need for a robust security system like
the Zero Trust Architecture (ZTA).

3.1 Increased Attack Surface

One of the main challenges in securing cloud networks is the increase in attacks [18]. Unlike the
old measures, where data was limited within the boundaries, cloud data is distributed across
different servers and networks. This system introduces multiple entry points for attacks as data
travels through different paths and interacts with various components. The extensive nature of the
cloud increases the hurdles of monitoring and defending against attacks, which necessitates a shift
from security models. Figure 3 depicts challenges in cloud security.

Fig. 3. Cloud Security Challenges [19]

3.2 Dynamic Nature of Cloud Environments

The cloud system is characterized by its specific nature, which allows organizations to increase
resources based on demand [20]. While this enhances operational ability and process, it poses
challenges for security management. Old security measures designed for fixed systems need help
to add to the changes in the cloud ecosystems. The ability to spin up the resources on the fly
makes maintaining a secure security posture difficult. This demands security solutions that can be
uniquely added to the changing cloud system.

3.3 The Complexity of Identity and Access Management

Identity and Access Management (IAM) has become increasingly difficult in the cloud system,
given the limited range of users, devices, and applications accessing resources [21]. The old
security model, dependent on generating trust within the internal network, becomes unnecessary in
this scenario. Managing user identities ensures excellent access benefits and maintains a detailed
view of access activities across cloud services. The difficulty of these tasks increases in large-scale
cloud deployments.

3.4 Evolution of Sophisticated Cyber Threats

The cybersecurity system is changing at a unique limit, with threat actors using polished tactics,
techniques, and procedures to utilize the weaknesses [22]. Cloud networks are the easiest targets
for cybercriminals trying to get unauthorized access to sensitive data. Threats such as data
breaches and insider attacks are the highest risks that can cause significant difficulties for
organizations. The old security measures, which may have been influential in the past, need help to
act efficiently with the constantly changing tactics forced by cyber adversaries.

3.5 Lateral Movement and Insider Threats

Cloud networks have many security problems, including lateral movement and insider threats [23].
Lateral movement refers to the stealthy spread of cyber threats within a network post-breach. Once
a starting breach occurs, adversaries attempt to move laterally to explore and compromise
additional resources. Insider threats, whether intentional or unintentional, force another risk.
Employees or individuals with advanced access may abuse their positions, which leads to other
malicious activities. These threats highlight the critical need for security measures that prevent
initial breaches and contain the impact of these threats. Figure 4 shows how lateral movement
works.
 Fig. 4. Lateral Movement in Cybersecurity [24]

3.6 The Need for a Robust Security Framework

Given the intricate nature of these challenges, there is a high need for a robust security system that
can act as a shield to cloud networks. Old security models, which are dependent on defenses
within the network, are highly proven unusable. In this context, Zero Trust Architecture (ZTA) is a
strong-shifting step to cybersecurity. By challenging the old trust measures and utilizing continuous
verification and the least special access, ZTA solves the unique security challenges forced by cloud
environments [25]. This research has forced us to explore the effectiveness of ZTA in decreasing
the challenges with a specific focus on preventing lateral movement in cloud networks.

4. METHODOLOGY AND APPROACH

4.1 Rationale

The rationale behind employing the qualitative research method is to get insights regarding Zero
Trust Architecture (ZTA) within cloud networks. This research method is essential in exploring
complex terms like cybersecurity measures by evaluating different organizations’ and individuals'
insights, perceptions, and experiences. Moreover, the qualitative research method discovers
various aspects of implementing ZTA and its effectiveness when addressing security challenges in
cloud environments. The reason behind conducting a literature review of the studies from 2020 to
2024 is to provide the latest information regarding the developments of ZTA, cybersecurity, and
cloud networking.

4.2 Data Selection

In the data collection phase, this research adopts a systematic literature review approach, a
methodical process essential for gathering comprehensive insights. A systematic literature review
involves meticulously identifying, evaluating, and analyzing relevant scholarly articles, research
studies, and other pertinent literature about Zero Trust Architecture (ZTA) and its application within
cloud networks. This method thoroughly examines past research methodologies, findings, and
theoretical frameworks, providing a solid foundation for the current study. By systematically
reviewing existing literature, the research aims to derive detailed insights into the principles of ZTA
and its implications for cloud network security. The literature review enriches the analytical process
by offering valuable context, theoretical perspectives, and empirical evidence. Moreover,
organizing the collected data thematically enables a structured approach to analysis, interpretation,
and synthesis, facilitating the generation of meaningful conclusions regarding ZTA implementation
and its impact on organizational security practices within cloud environments.

4.3 Data Collection

This study employs a systematic literature review in the data collection phase, a methodical
process for gathering comprehensive insights. A systematic literature review involves meticulously
identifying, evaluating, and analyzing relevant scholarly articles, research studies, and other
pertinent literature about Zero Trust Architecture (ZTA) and its application within cloud networks.
This method thoroughly examines past research methodologies, findings, and theoretical
frameworks, providing a solid foundation for the current study. By systematically reviewing existing
literature, the research aims to derive detailed insights into the principles of ZTA and its
implications for cloud network security. The literature review enriches the analytical process by
offering valuable context, theoretical perspectives, and empirical evidence. Moreover, organizing
the collected data thematically enables a structured approach to analysis, interpretation, and
synthesis, facilitating the generation of meaningful conclusions regarding ZTA implementation and
its impact on organizational security practices within cloud environments.

4.4 Recruitment

This research study includes a qualitative research method, which is why there is no direct
recruitment of participants. This includes selecting relevant studies, reports, and research papers
that provide valuable insights regarding the research questions. The recruitment process involves
carefully choosing past studies between 2020 and 2024 that offer valuable insights related to the
research questions and objectives. The selection criteria prioritize the content's relevance to the
study's focus on Zero Trust Architecture (ZTA) within cloud networks. By curating a comprehensive
dataset from diverse and relevant sources, the research aims to enrich the qualitative analysis and
thoroughly explore ZTA's implications and effectiveness in cloud security. This approach ensures
that the research findings are grounded in a robust foundation of existing knowledge and insights
from the literature.

4.5 Analytical Process

The analytical process includes the thematic analysis in which all the data is divided into themes so
that all the information can be organized in sections and easily access helpful information.
Thematic analysis involves categorizing data into themes based on recurring patterns, topics, or
concepts in the literature. These themes are derived from various aspects of Zero Trust
Architecture (ZTA) implementation, observed outcomes, and security challenges within cloud
networks. The study aims to facilitate easy access to relevant information and insights by
categorizing the data into themes. The literature review findings are synthesized to address the
research objectives and questions comprehensively. Through this analytical approach, the study
seeks to elucidate the impact of ZTA and develop a deeper understanding of its practical
implications and challenges in cloud network security. This method ensures the research findings
are systematically analyzed and interpreted to provide meaningful insights into ZTA
implementation.

Methodology Phase Outputs Obtained

1. Problem Identification Defined research questions and objectives
2. Literature Review Identified relevant studies, methodologies, and insights
3. Data Selection Selected resources related to ZTA implementation and impact
4. Data Collection A systematic literature review was conducted.
5. Recruitment Relevant studies, reports, and research papers selected
6. Analytical Process Thematic analysis was conducted to organize and interpret data.
7. Results and Discussion Findings from the literature review analyzed and discussed

5. RESULTS AND DISCUSSION

5.1 Lateral Movement Analysis

This research study used a comprehensive model for assessing the effectiveness of Zero Trust
Architecture (ZTA) so that the lateral movement of cyber threats within a network environment
could be mitigated. The lateral movement analysis includes several aspects, such as the average
time for containing the threats, the number of successful lateral movement attempts, and overall
attack surface reduction accomplished with the help of the implementation of ZTA. His research
demonstrates a significant decrease in lateral movement incidents that occur due to the adoption of
ZTA. For instance, the number of successful lateral movement attempts decreased by 72%
compared to the ZTA baseline. On the other hand, some organizations faced a reduction of about
90%. Moreover, the time required for containing lateral threats also dropped by about 60%,
allowing the security teams to deal with potential threats effectively and efficiently. Formula 4
shows how to calculate successful lateral movement attempts.

LMA = (4)

The significant factors that can lead to these reductions include continuous monitoring, network
segmentation, least privilege access, and Multi-Factor Authentication (MFA). For instance, the
network is divided into smaller segments, so ZTA can restrict the attackers' potential pathways to
move laterally. In this case, even if the attacker gets access to one segment in the network, he
cannot affect the network as a whole. Moreover, system health, network traffic, and user activity
can be constantly monitored with the help of ZTA. This leads to detecting the errors and threats
early so that expert security teams can protect the overall system. n addition, according to ZTA,
the users are provided with limited access to the resources; it means they only get access to those
used for performing their tasks.

5.2 Insider Threat Probability

Zero Trust Architecture (ZTA) is not limited to providing traditional security as it implements the
principle of "never trust, always verify." This means all the users are verified before giving access
to the system, regardless of whether they are already users of that network. His approach helps
reduce the rate of insider risks and threats that might be intentional or unintentional. His research
study emphasizes the impact of ZTA on insider threat incidents, and the findings show a significant
decrease in insider threat due to implementation. For example, the number of insider threats has
decreased by about 65%, and the financial impact of these insider threats has also reduced by
40%.

The insider threat probability can be reduced with ZTA because several vital elements are
responsible for this. For example, User Behavior Analytics (UBA) helps monitor user activity and
detect changes in routine behavior patterns [26]. He helps detect the threats in the initial stage so
they can be mitigated promptly. Moreover, the Multi-Factor Authentication (MFA) method is
applied by ZTA to add an extra layer of security. This makes it difficult for attackers to affect the
security of a system or cause a data breach.

5.3 Network Micro-Segmentation Effectiveness

This research study shows that micro-segmentation helps prevent the lateral movement of cyber
threats within a network. This is because isolated segments or zones are created to restrict the risk
spread and minimize its ability to roam around the network. Moreover, the implementation of
micro-segmentation is practical when it comes to controlling network traffic. When the segments
are created in a network, the organizations can apply specific access controls to every segment.
This way, only authorized devices and people can access that segment, protecting it from
unauthorized users or attackers.
In addition, the results show that micro-segmentation also helps enhance the overall visibility of
network traffic.

Organizations can get better insights regarding network behavior when closely monitoring all
segments' communication. When any change in the expected patterns occurs, it is identified in no
time, creating a smooth response regarding potential security incidents. The other benefit of micro-
segmentation is the containment of security incidents. If one segment is attacked, the others can
be protected so that the scope of potential damage can be minimized and a more efficient
response can be facilitated for dealing with security incidents.

5.4 Identity and Access Management (IAM) Enhancements

Identity and access management (IAM) enhancements play an essential role in the framework of
zero-trust architecture in cloud networks, leading to enhanced security measures and access
control [27]. Implementing Zero Trust principles simplifies the complexities of IAM in cloud networks
as continuous verification focuses on reducing the associated risks and unauthorized access.
Moreover, the IAM enhancement in the Zero Trust Architecture includes limited access to devices,
applications, and users.

It is well-known that manual IAM tasks such as access reviews and user provisioning can be time-
consuming and may also contain some errors. ZTA has resolved this issue by automating such
processes. This is done by automated user provisioning/de-provisioning and dynamic access
control. Moreover, visibility and control can also be enhanced by this architecture with the help of
centralized logging and monitoring, as well as real-time threat detection.

5.5 Encryption and Data Protection

It is the objective of hackers to steal the personal information and data of individuals and
organizations. That's why it is essential to focus on implementing a robust model or system for
enhancing overall security. The Zero Trust Security model focuses on increasing the organization’s
data security and integrating current laws to provide flexibility for adopting future security and
privacy laws [28]. Ata security is the primary goal of this model because hackers are always trying
to steal confidential data. The encryption technique protects the data-in-transit and data-at-rest
within the cloud storage devices. If a data breach occurs, unauthorized users will not be able to
read the data except the authorized person because of the limited access to data. Figure 5 shows
the key features of encrypted cloud storage.
 Fig. 5. Key Features of Encrypted Cloud Storage [29]
5.6 Best Practices to Implement Zero Trust

Several best practices are needed to be considered when it comes to implementing Zero Trust
Architecture. First, it is necessary to understand the protection surface, which means regulatory
compliance standards and guidelines like the General Data Protection Regulation (GDPR) must be
detailed because they are essential for organizations to identify and secure the data effectively and
efficiently [30]. Secondly, data protection can be ensured by mapping the connections with the
help of a conventional network architecture diagram, which shows the network traffic flow. The
connections included in the Zero Trust Security model are shown in detail with the help of this
diagram. The mapping of applications in use, data transmission connections, and data associated
with the applications are also demonstrated through it.

5.7 Comparative Analysis Before and After ZTA Implementation

Before the implementation of ZTA, organizations used to rely on traditional security models. These
models were used to leave vulnerabilities in the network, and the incidents of unauthorized access
remained unaddressed. Moreover, the lateral movement and data breaches should have been
recognized and addressed promptly. This is because security incidents significantly and adversely
impacted the overall network. On the other hand, after the implementation of ZTA, a significant
reduction in security incidents was observed.
Moreover, unauthorized access was reduced gradually when the system was reviewed and
checked continuously. Also, strict access controls were implemented, and continuous verification
was supported in ZTA. Ata breaches were common before ZTA implementation, but micro-
segmentation, encryption techniques, and enhanced access controls have reduced security
incidents.

6. CONCLUSION

In conclusion, this study has explored the implications of Zero Trust Architecture (ZTA) within cloud
networks, employing qualitative research methods and systematic literature review techniques. The
findings underscore the effectiveness of ZTA in mitigating security threats, particularly in
addressing insider threats and lateral movement incidents and enhancing data protection
measures. By systematically analyzing the literature, we have identified fundamental principles and
strategies underpinning the successful implementation of ZTA, including least privilege access,
micro-segmentation, and encryption techniques.

Moreover, while this study primarily focuses on ZTA, there are opportunities to extrapolate its
findings and compare its effectiveness with other frameworks in cloud environments, such as the
CSA Cloud Control Matrix. Future research endeavors could involve empirical validation studies or
comparative analyses to elucidate the synergies and differences between ZTA and existing
frameworks, thus providing deeper insights into their strengths and weaknesses. Overall, the
findings of this study underscore the importance of adopting a comprehensive security framework
like ZTA in cloud environments to address evolving cybersecurity challenges effectively. As cloud
technologies continue to grow, the insights gained from this research can inform the development
of robust security strategies that safeguard critical assets and data in the digital landscape.

7. FUTURE SCOPE

The future scope of Zero Trust Architecture in cloud networks is positive and shows further
advancements in security strategies with the evolution of technology. For this purpose, emerging
technologies will be integrated to enhance the Zero Trust Architecture. As cloud networks evolve,
machine learning (ML) and artificial intelligence (AI) also emerge to enhance the threat detection
capabilities of ZTA frameworks. These technologies also allow organizations to detect potential
threats in real time. Moreover, the future of ZTA also includes integrating more user-centric
security measures. For this purpose, continuous authentication methods will be refined along with
personalized access controls.
ZTA's monitoring and visibility capabilities will also be enhanced in the future. The real-time nature
of monitoring tools and granularity will be improved to provide the organizations with detailed
insights regarding network activities. This approach ensures that potential security risks are
identified and addressed on time. Moreover, dynamic policy management will be encouraged to
enhance the cloud environments. Eal-time-based tools will be used to develop a flexible security
framework based on different factors such as network conditions, device status, and user location.

REFERENCES

[1] A. Ghani, A. Badshah, S. Jan, A. A. Alshdadi and A. Daud, "Issues and challenges in cloud storage
architecture: a survey.," arXiv preprint arXiv:2004.06809, p. 8, 2020.
[2] M. M. Sadeeq, N. M. Abdulkareem, S. R. Zeebaree, D. M. Ahmed, A. S. Sami and R. R. Zebari, "IoT
and Cloud computing issues, challenges and opportunities: A review.," Qubahan Academic Journal,
1(2), pp. 1-7, 2021.
[3] L. Livera, "Zero Trust - Modern Security Architecture," 11 October 2023. [Online]. Available:
https://www.linkedin.com/pulse/zero-trust-modern-security-architecture-lahiru-livera/.
[4] E. B. Fernandez and A. Brazhuk, "A critical analysis of Zero Trust Architecture (ZTA)," Computer
Standards & Interfaces, p. 103832, 2024.
[5] V. A. Stafford, "Zero trust architecture," NIST special publication, p. 207, 2020.
[6] N. F. Syed, S. W. Shah, A. Shaghaghi, A. Anwar, Z. Baig and R. Doss, "Zero trust architecture (zta): A
comprehensive survey," IEEE Access, pp. 57143-57179, 2022.
[7] L. Xie, F. Hang, W. Guo, Y. Lv and H. Chen, "A micro-segmentation protection scheme based on zero
trust architecture," 6th International Conference on Information Science, Computer Technology and
Transportation, pp. 1-4, 2021.
[8] A. Froehlich and S. Shea, "Why zero trust requires microsegmentation," Microsegmentation is a key
security technique that enables organizations to achieve a zero-trust model and helps ensure the
security of workloads regardless of where they are located, 2022.
[9] M. J. Khan, "Zero trust architecture: Redefining network security paradigms in the digital age," World
Journal of Advanced Research and Reviews, pp. 105-116, 2023.
[10] D. Tyler and T. Viana, "Trust no one? a framework for assisting healthcare organisations in
transitioning to a zero-trust network architecture," Applied Sciences, p. 7499, 2021.
[11] B. Chen, S. Qiao, J. Zhao, D. Liu, X. Shi, M. Lyu and Y. Zhai, "A security awareness and protection
system for 5G smart healthcare based on zero-trust architecture," IEEE Internet of Things Journal, pp.
10248-10263, 2020.
[12] S. Mehraj and M. T. Banday, "Establishing a zero trust strategy in cloud computing environment,"
International Conference on Computer Communication and Informatics, pp. 1-6, 2020.
[13] L. Alevizos, V. T. Ta and M. Hashem Eiza, "Augmenting zero trust architecture to endpoints using
blockchain: A state‐ of‐ the‐ art review," Security and Privacy, p. 191, 2022.
[14] A. Kim, J. Oh, J. Ryu and K. Lee, "A review of insider threat detection approaches with IoT
perspective," IEEE Access, pp. 78847-78867, 2020.
[15] Q. Yao, Q. Wang, X. Zhang and J. Fei, "Dynamic access control and authorization system based on
zero-trust architecture," Proceedings of the 2020 1st International Conference on Control, Robotics and
Intelligent System, pp. 123-127, 2020.
[16] Y. He, D. Huang, L. Chen, Y. Ni and X. Ma, "A survey on zero trust architecture: Challenges and
future trends," Wireless Communications and Mobile Computing, 2022.
[17] A. M. Shitta-Bey and M. Adewole, "Security Concerns of Cloud Migration and Its Implications on
Cloud-Enabled Business Transformation," Doctoral dissertation, 2023.
[18] N. Agrawal and S. Tapaswi, "Defense mechanisms against DDoS attacks in a cloud computing
environment: State-of-the-art and research challenges," IEEE Communications Surveys & Tutorials,
vol. 21, no. 4, pp. 3769-3795, 2019.
[19] FORTRA Terranova Security, "How Secure is Cloud Storage? Here are the Important Risks to Know,"
29 December 2023. [Online]. Available: https://terranovasecurity.com/blog/how-secure-is-cloud-
storage/.
[20] S. T. Milan, L. Rajabion, H. Ranjbar and N. J. Navimipour, "Nature inspired meta-heuristic algorithms
for solving the load-balancing problem in cloud environments," Computers & Operations Research ,
vol. 110, pp. 159-187, 2019.
[21] C. Singh, R. Thakkar and J. Warraich, "IAM identity Access Management—importance in maintaining
security systems within organizations," European Journal of Engineering and Technology Research,
pp. 30-38, 2023.
[22] W. Steingartner, D. Galinec and A. Kozina, "Threat defense: Cyber deception approach and education
for resilience in hybrid threats model," Symmetry, p. 597, 2021.
[23] Z. Tian, W. Shi, Y. Wang, C. Zhu, X. Du, S. Su and N. Guizani, "Real-time lateral movement detection
based on evidence reasoning network for edge computing environment," IEEE Transactions on
Industrial Informatics, vol. 15, no. 7, pp. 4285-4294, 2019.
[24] WIZ, "Lateral Movement Explained," 10 August 2023. [Online]. Available:
https://www.wiz.io/academy/what-is-lateral-movement.
[25] E. B. Fernandez and A. Brazhuk, "A critical analysis of Zero Trust Architecture (ZTA)," Computer
Standards & Interfaces, p. 103832, 2024.
[26] A. G. Martín, A. Fernández-Isabel, I. Martín de Diego and M. Beltrán, "A survey for user behavior
analysis based on machine learning techniques: current models and applications," Applied Intelligence,
pp. 6029-6055, 2021.
[27] S. O. Olabanji, O. O. Olaniyi, C. S. Adigwe, O. J. Okunleye and T. O. Oladoyinbo, "AI for Identity and
Access Management (IAM) in the Cloud: Exploring the Potential of Artificial Intelligence to Improve
User Authentication, Authorization, and Access Control within Cloud-Based Systems," Asian Journal
of Research in Computer Science, pp. 38-56, 2024.
[28] C. Thapa and S. Camtepe, "Precision health data: Requirements, challenges and existing techniques for
data security and privacy," Computers in biology and medicine, p. 104130, 2021.
[29] C. BasuMallick, "Top 10 Encrypted Cloud Storage Platforms for Enterprises in 2021," 20 August 2021.
[Online]. Available: https://www.spiceworks.com/tech/cloud/articles/encrypted-cloud-storage-
platforms/.
[30] S. Stalla-Bourdillon, G. Thuermer, J. Walker, L. Carmichael and E. Simperl, "Data protection by
design: Building the foundations of trustworthy data sharing," Data & Policy, p. 4, 2020.