Zero Trust Security in Hybrid Cloud Environments: Implementing and Evaluating Zero Trust Architectures in AWS and On-Premise Data Centers
DOI:
https://doi.org/10.63282/3050-9246.IJETCSIT-V5I2P105Keywords:
Zero Trust, Hybrid Cloud, AWS Security, On-Premise Security, Identity & Access Management (IAM), Microsegmentation, Least Privilege, Continuous Authentication, Cloud SecurityAbstract
A modern cybersecurity model called Zero Trust Security holds that no entityinside or outside of the networkshould be automatically trusted. As companies quickly embrace hybrid cloud solutions combining AWS with on-site data centers, zero trust is becoming more important. Since they hugely rely on the perimeter-based defenses, traditional security methods are useless against developing the threats. To guard infrastructure, applications & data, Zero Trust calls for strong identity verification, limited access rights & the continuous monitoring. Zero Trust implemented in a hybrid environment creates challenges include managing identity & access across several platforms, merging outdated systems & offering a seamless user experience free from compromise of the security. Notwithstanding these challenges, the benefitsbetter security posture, less attack surface, more regulatory standard complianceclearly show themselves. The useful implementation of Zero Trust in on-site & AWS data centers is investigated in this work. We examine the foundational components such as network segmentation, encryption, actual time threat detection & identity and access management (IAM). By means of actual application & evaluation, we evaluate Zero Trust approaches in terms of the operational efficiency, situational adaptability & the security performance. The findings highlight ideal practices, probable difficulties & sensible guidance for companies trying a Zero Trust strategy. This paper provides insightful analysis on including on-site & cloud security to guard hybrid systems from the modern cyberattacks
Downloads
References
[1] Oladosu, Sunday Adeola, et al. "Advancing cloud networking security models: Conceptualizing a unified framework for hybrid cloud and on-premises integrations." Magna Scientia Advanced Research and Reviews (2021).
[2] Oladosu, Sunday Adeola, et al. "Revolutionizing data center security: Conceptualizing a unified security framework for hybrid and multi-cloud data centers." Open Access Research Journal of Science and Technology 5.2 (2022): 086-076.
[3] Chewe, Mutale. "Hybrid Cloud Infrastructure Security: Security Automation Approaches for Hybrid IT." (2021).
[4] Ike, Christian Chukwuemeka, et al. "Redefining zero trust architecture in cloud networks: A conceptual shift towards granular, dynamic access control and policy enforcement." Magna Scientia Advanced Research and Reviews 2.1 (2021): 074-086.
[5] Koskinen, Jonne. "Cloud Security Architecture." (2023).
[6] Scoppetta, Andrea. Zero-Trust Architectures. Diss. Politecnico di Torino, 2022.
[7] Haddon, David, and Philip Bennett. "The emergence of post covid-19 zero trust security architectures." Information Security Technologies for Controlling Pandemics (2021): 335-355.
[8] Mansouri, Yaser, Victor Prokhorenko, and M. Ali Babar. "An automated implementation of hybrid cloud for performance evaluation of distributed databases." Journal of Network and Computer Applications 167 (2020): 102740.
[9] N'Goran, Kouadio Rodrigue. Stratégie de sécurité Zero Trust dans un environnement de cloud communautaire. Diss. Ecole nationale supérieure Mines-Télécom Atlantique; Institut National Polytechnique Félix Houphouët-Boigny (Yamoussoukro, Côte d'Ivoire), 2023.
[10] Shreyas, Sakharkar. "Security model for cloud computing: case report of organizational vulnerability." Journal of Information Security 14.4 (2023): 250-263.
[11] Raje, Gaurav. Security and Microservice Architecture on AWS. " O'Reilly Media, Inc.", 2021.
[12] Peiris, Chris, Binil Pillai, and Abbas Kudrati. Threat Hunting in the Cloud: Defending AWS, Azure and Other Cloud Platforms Against Cyberattacks. John Wiley & Sons, 2021.
[13] Chari, Sanjay, et al. "Setting Up and Exploration of Security in a Hybrid Cloud." 2021 IEEE Mysore Sub Section International Conference (MysuruCon). IEEE, 2021.
[14] Balasubramanian, R., and M. Aramudhan. "Security issues: public vs private vs hybrid cloud computing." International Journal of Computer Applications 55.13 (2012).
[15] Subashini, Subashini, and Veeraruna Kavitha. "A survey on security issues in service delivery models of cloud computing." Journal of network and computer applications 34.1 (2011): 1-11.
