Zero Trust Security Architecture for Cloud Native Applications
DOI:
https://doi.org/10.15662/IJEETR.2024.0601001Keywords:
Zero Trust, Cloud-Native Security, Microservices, Service Mesh, SP 800-207A, AI-Driven Monitoring, Continuous Access ControlAbstract
Zero Trust Security Architecture (ZTA) has emerged as a foundational paradigm for securing cloud-native applications, embracing dynamic, highly distributed systems such as microservices, containers, and multi-cloud deployments. In 2023, NIST released SP 800-207A, a definitive guide for access control in cloud-native, multi-location environments, which emphasizes identity-first policies, service mesh adoption, sidecar proxies, and telemetry-driven continuous assurance. Simultaneously, practitioners and researchers explored how Zero Trust integrates with Kubernetes, service mesh, and CI/CD pipelines. From a literature review, key trends include AI-enhanced monitoring, adaptive policy enforcement, and real-time behavioral analytics Methodologically, works combined systematic reviews, case studies, and experimental simulations to assess effectiveness—as seen in approaches analyzing unauthorized access reduction, performance impacts, and deployment. These assessments confirm that Zero Trust architectures decrease attack surfaces, minimize lateral threat movement, and enhance detection—but also introduce operational complexity and performance overhead in resource-constrained or legacy-integrated systems This paper synthesizes these findings, presenting a comprehensive Zero Trust model for cloud-native deployments that balances security, performance, and scalability, and concludes with forward-looking recommendations for intelligent, self-healing, AI-driven policy and observability enhancements.
References
1. Chandramouli R., Butcher Z. (2023). A Zero Trust Architecture Model for Access Control in Cloud-Native Applications in Multi-Location Environments; NIST SP 800-207A NIST.
2. NIST (2023). A Zero Trust Architecture Model for Access Control... (NIST announcement) NIST.
3. Singh G. (2023). Cloud-Native Security using Zero Trust Architecture; International Journal on Recent and Innovation Trends in Computing and Communication ijritcc.org.
4. Ghasemshirazi S., Shirvani G., Alipour M. A. (2023). Zero Trust: Applications, Challenges, and Opportunities arXiv.
5. Vivian M. (2025, upload date reflects new direction). Zero Trust Security Framework in Cloud-Native Environments: Trends and Future Directions (2023 conceptual timeline and methodology) ResearchGate.
6. ResearchGate study (2023). Zero-Trust Architectures for Securing Cloud-Native Infrastructure – includes experimental findings ResearchGate.
7. ResearchGate study (2023). Zero Trust Architecture for Cloud-Based Enterprises: A Comprehensive Analysis – framework and simulation phase ResearchGate.
