Zero trust framework for protecting federal networks and cloud services
DOI:
https://doi.org/10.58524/app.sci.def.v3i1.669Keywords:
Cloud computing, FedRAMP, Network Security, Zero Trust ArchitectureAbstract
There has been a rapid uptake of cloud technologies in public sectors due to increased efficiency across operations while increasing the complexity of cyber threats. This paper analyses the original Zero Trust Architecture (ZTA) concept as a security concept applicable to federal networks and cloud services protection. It mainly involves linking ZTA principles with FedRAMP regulations and insists on constant validation, minimisation of rights, and breach presumption. The study outlines guidelines for ZTA implementations for compliance and readiness in the cloud environments.
References
CISA. (2021). Cybersecurity and Infrastructure Security Agency - Zero Trust Maturity Model. Cybersecurity and Infrastructure Security Agency, U.S. Department of Homeland Security division.
Stafford, V. (2020). Zero trust architecture. NIST special publication, 800, p.207.
Kopparthi, V. J. R. (2024). Federal cloud security: A strategic approacj to FedRAMP compliance and governance. International Journal of Research in Computer Applications and Information Technology (IJRCAIT), 7(2), 2288–2296. https://doi.org/10.5281/zenodo.14500455
Sarkar, S., Choudhary, G., Shandilya, S. K., Hussain, A., & Kim, H. (2022). Security of Zero Trust Networks in Cloud Computing: A Comparative Review. Sustainability, 14(18), 11213. https://doi.org/10.3390/su141811213
NSA. (2021). Zero trust: A guide for implementation. National Security Agency, U.S.
Taylor, L. (2014). FedRAMP: History and future direction. IEEE Cloud Computing, 1(3), 10-14. https://doi.org/10.1109/MCC.2014.54
Kolawole, I. (2025). Leveraging Cloud-based ai and zero trust architecture to enhance U. S. cybersecurity and counteract foreign threats. World Journal of Advanced Research and Reviews, 2025, 25(03), 006-025. https://doi.org/10.30574/wjarr.2025.25.3.0635
Veeramachaneni, V. (2024). Integrating Zero Trust Principles into IAM for Enhanced Cloud Security. Recent Trends in Cloud Computing and Web Engineering, 7(1), 78–92. https://doi.org/10.5281/zenodo.14162091
Ahmadi, S. (2024). Zero Trust Architecture in Cloud Networks: Application, Challenges and Future Opportunities. Journal of Engineering Research and Reports, 26(2), 215–228. https://doi.org/10.9734/jerr/2024/v26i21083
Chandramouli, R., & Butcher, Z. (2023). A zero-trust architecture model for access control in cloud-native applications in multi-location environments. US Department of Commerce, National Institute of Standards and Technology. https://doi.org/10.6028/NIST.SP.800-207A
Paul, B., & Rao, M. (2023). Zero-trust model for smart manufacturing industry. Applied Sciences, 13(1), 221. https://doi.org/10.3390/app13010221
Shepherd, C. (2022). Zero trust architecture: Framework and case study (Graduate Student Project). Boise State University.
Akinsanya, A. (2024). Securing the Future: Implementing a Zero-Trust Framework in U.S. Critical Infrastructure Cybersecurity. International Journal of Advance Research, Ideas and Innovations in Technology, 10(3) V1013-1221.www.IJARIIT.com
Phiayura, P., & Teerakanok, S. (2023). A comprehensive framework for migrating to zero trust architecture. IEEE Access, 11, 19487-19511. https://doi.org/10.1109/ACCESS.2023.3248622
Azad, M. A., Abdullah, S., Arshad, J., Lallie, H., & Ahmed, Y. H. (2024). Verify and trust: A multidimensional survey of zero-trust security in the age of IoT. Internet of Things, 27, 101227. https://doi.org/10.1016/j.iot.2024.101227
Kim, H., Kim, Y., & Kim, S. (2024). A study on the security requirements analysis to build a zero trust-based remote work environment. Retreived from arXiv preprint arXiv:2401.03675.
Ajish, D. The significance of artificial intelligence in zero trust technologies: a comprehensive review. Journal of Electrical Systems and Information Technology, 11(30), 1-23. https://doi.org/10.1186/s43067-024-00155-z
Syrotynskyi, R., Tyshyk, I., Kochan, O., Sokolov, V., & Skladannyi, P. (2024). Methodology of network infrastructure analysis as part of migration to zero-trust architecture. CSDP 2024, (3800), 97-105.
Tanque, M., & Foxwell, H. J. (2023). Cyber risks on IoT platforms and zero trust solutions. In Advances in Computers, 131(2023), 79-148. https://doi.org/10.1016/bs.adcom.2023.04.003
Kim, Y., Sohn, S. G., Jeon, H. S., Lee, S. M., Lee, Y., & Kim, J. (2024). Exploring Effective Zero Trust Architecture for Defense Cybersecurity: A Study. KSII Transactions on Internet and Information Systems (TIIS), 18(9), 2665-2691.
Sweeney, C. (2021). A Zero-Knowledge Multi-Factor Authentication Framework for Actualizing the Federal Zero-Trust Enterprise (Master's thesis), Utica College.
Bobbert, Y., & Timmermans, T. (2024). Zero Trust and Compliance with Industry Frameworks and Regulations. In: Arai, K. (eds) Advances in Information and Communication. FICC 2024. Lecture Notes in Networks and Systems, vol 921. Springer, Cham. https://doi.org/10.1007/978-3-031-54053-0_43
Colomb, Y., White, P., Islam, R., & Alsadoon, A. (2023). Applying Zero Trust Architecture and Probability-Based Authentication to Preserve Security and Privacy of Data in the Cloud. In: Daimi, K., Alsadoon, A., Peoples, C., El Madhoun, N. (eds) Emerging Trends in Cybersecurity Applications. Springer, Cham. https://doi.org/10.1007/978-3-031-09640-2_7
Vang, T., & Lind, M. L. (2023). Factors Influencing Cloud Computing Adoption in a Zero-Trust Environment. https://doi.org/10.21203/rs.3.rs-3152878/v1
Ren, Y., Wang, Z., Sharma, P. K., Alqahtani, F., Tolba, A., & Wang, J. (2025). Zero Trust Networks: Evolution and Application from Concept to Practice. Computers, Materials & Continua, 82(2), 1593-1613. https://doi.org/10.32604/cmc.2025.059170
Downloads
Published
Issue
Section
License
Copyright (c) 2025 Sudheer Kotilingala
This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.
