Ujjawal Nayak, 2025. "Zero Trust Security in Cloud-Based Big Data Architectures," ESP International Journal of Advancements in Science & Technology (ESP-IJAST), Volume 3, Issue 4: 1-4.
Cloud computing and big data analytics have transformed enterprise operations, yet traditional perimeter-based security models fail in distributed, multi-cloud environments. Zero Trust Architecture (ZTA) addresses these limitations by enforcing continuous verification and identity-centric controls. This study examines Zero Trust principles applied to cloud-based big data systems, focusing on micro-segmentation, policy-as-code enforcement, and continuous authentication mechanisms. We propose a reference architecture integrating identity governance, least-privilege access, and adaptive trust scoring across ingestion, processing, storage, and orchestration planes. The framework demonstrates how policy-driven controls, combined with AI-based anomaly detection, can mitigate insider threats, lateral movement, and data exfiltration in dynamic analytics workloads. Implementation challenges—including verification latency, multi-cloud heterogeneity, and dynamic data classification—are analyzed alongside deployment best practices. Results indicate that Zero Trust provides scalable, auditable protection for petabyte-scale data pipelines while maintaining compliance and operational resilience in hybrid cloud environments.
Keywords: Big Data, Cloud Security, Identity Governance, Multi-Cloud Security, Policy-as-Code, Zero Trust.