A Federated Zero-Trust Security Framework for Multi-Cloud Environments Using Predictive Analytics and AI-Driven Access Control Models
DOI:
https://doi.org/10.63282/3050-922X.IJERET-V5I2P110
Keywords:
Multi-Cloud Security, Federated Identity Management, Zero-Trust Architecture, AI-Driven Access Control, Predictive Analytics, Policy Orchestration, Continuous Verification, Cloud-Native IAM, Threat Prediction
Abstract
Companies are increasingly moving to multi-cloud for cost benefits, resilience, or vendor flexibility, which leads to fragmentation of identity, policy, and monitoring. Traditional perimeter-based and static, role-centric controls cannot cope with identity sprawl, lateral movement, and rapidly changing threats in such environments. This paper proposes a Federated Zero-Trust Security Framework that aligns security posture across heterogeneous clouds by decentralizing control, using federated identity, and ensuring continuous verification. It comprises a federated identity and credential management layer, a multi-cloud policy orchestration plane, and an AI-driven access control engine that ingests secure telemetry from all providers. Predictive analytics and behavior-based models build dynamic risk scores, which are used for threat prediction and to drive adaptive access decisions such as step-up authentication, just-in-time privilege elevation, or automatic session termination. An experimental implementation on AWS, Azure, and GCP shows small latency overhead, high throughput, and better policy consistency, while experimental analysis shows significant improvements in detection accuracy, false positives, and cross-cloud attack surface reduction compared to RBAC and vendor-native IAM baselines. The findings show that federated zero-trust with predictive, AI-driven access control is a scalable and proactive defense model for complex multi-cloud ecosystems.