Keywords
Zero Trust Architecture (ZTA), Hybrid Cloud Security, Multi-Cloud Interoperability, Micro-segmentation, Continuous Authentication, User Behavioral Analytics (UBA), Identity Federation, Lateral Movement Prevention.
Abstract
The swift proliferation of hybrid and multi-cloud infrastructures has dramatically expanded the enterprise attack surface, rendering traditional perimeter-based security models obsolete in the face of distributed, dynamic systems. Organizations now routinely deploy workloads across disparate platforms--including Amazon Web Services (AWS), Microsoft Azure, Google Cloud Platform (GCP), and on-premises private data centers--introducing multifaceted security challenges such as fragmented identity management, inconsistent access controls, and heightened risks of lateral movement by adversaries exploiting trust relationships between environments.
This paper introduces a comprehensive Zero Trust Architecture (ZTA) framework tailored for hybrid and multi-cloud ecosystems, which dismantles implicit trust assumptions and mandates continuous, contextual verification of all users, devices, workloads, and network flows irrespective of location or network perimeter. The proposed architecture integrates three core pillars: (1) identity-centric access control leveraging federated identity (e.g., OAuth 2.0, OpenID Connect) with just-in-time (JIT) privilege elevation; (2) continuous authentication mechanisms that fuse multi-factor signals--including device posture assessments (e.g., compliance with endpoint detection and response tools) and user behavioral analytics (UBA) via machine learning models detecting anomalies in access patterns, geolocation, and session risks--with real-time risk scoring to dynamically revoke or adapt privileges; and (3) granular micro-segmentation enforced through software-defined networking (SDN) and intent-based policies, creating ephemeral security zones that isolate workloads at the application, container, or workload level to preempt lateral movement. Cross-cloud enforcement is achieved via a centralized policy decision point (PDP) with distributed policy enforcement points (PEPs) that synchronize dynamic policies across providers using standardized APIs (e.g., AWS IAM, Azure AD, and Kubernetes NetworkPolicies). The framework also incorporates telemetry aggregation from cloud-native security tools (e.g., AWS GuardDuty, Azure Sentinel) for holistic threat visibility and automated response orchestration.
To evaluate efficacy, we conducted experimental evaluations in a simulated hybrid cloud testbed comprising AWS, Azure, and a Kubernetes-orchestrated private cluster, emulating real-world attack scenarios such as privilege escalation, container escapes, and lateral traversal using tools like Atomic Red Team and the MITRE ATT&CK framework. Quantitative metrics--including mean time to detect (MTTD) intrusions (reduced by 68%), successful lateral movement attempts blocked (92% efficacy), and policy evaluation latency (<50 ms)--demonstrate superior performance over baseline models like VPN-centric perimeters and static firewalls. Qualitative analysis highlights enhanced security visibility through unified dashboards and adaptive resilience against evolving threats, with scalability tested up to 10,000 concurrent workloads. This framework offers enterprises a robust, vendor-agnostic blueprint for securing hybrid/multi-cloud deployments, paving the way for resilient operations in an era of pervasive cloud adoption while minimizing operational overhead.
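The decision flow the abstract describes (a PDP that applies default-deny micro-segmentation, then fuses device posture, UBA and geolocation signals into a risk score that adapts or revokes access) can be sketched as follows. This is an added example, not code from the paper. The weights, thresholds, segment names and type names are assumptions, since the abstract gives no numeric model.

```python
from dataclasses import dataclass

# Assumed weights and thresholds; the abstract does not specify a scoring model.
WEIGHTS = {"device": 0.35, "behavior": 0.40, "geo": 0.25}
STEP_UP, REVOKE = 0.40, 0.70
# Constructed segment policy: only these (source, destination) flows are permitted.
ALLOWED_FLOWS = {("web", "api"), ("api", "db")}

@dataclass(frozen=True)
class Signals:
    edr_compliant: bool   # device posture reported by the endpoint agent
    uba_anomaly: float    # 0.0 (normal) to 1.0 (highly anomalous), from a UBA model
    geo_known: bool       # origin matches the subject's usual locations

@dataclass(frozen=True)
class Request:
    subject: str
    src_segment: str
    dst_segment: str
    signals: Signals

def risk_score(s: Signals) -> float:
    """Fuse the three signal families into one score in [0, 1]."""
    device = 0.0 if s.edr_compliant else 1.0
    geo = 0.0 if s.geo_known else 1.0
    behavior = min(max(s.uba_anomaly, 0.0), 1.0)  # clamp untrusted model output
    total = (WEIGHTS["device"] * device + WEIGHTS["behavior"] * behavior
             + WEIGHTS["geo"] * geo)
    return round(total, 3)

def decide(req: Request) -> str:
    """PDP decision, evaluated on every request rather than once per session."""
    # Micro-segmentation is default deny: an unlisted flow is refused even
    # when the caller's risk score is low, which is what stops lateral movement.
    if (req.src_segment, req.dst_segment) not in ALLOWED_FLOWS:
        return "deny"
    score = risk_score(req.signals)
    if score >= REVOKE:
        return "revoke"    # PEP terminates the session and drops privileges
    if score >= STEP_UP:
        return "step_up"   # PEP demands re-authentication before continuing
    return "allow"

if __name__ == "__main__":
    clean = Signals(edr_compliant=True, uba_anomaly=0.1, geo_known=True)
    for dst in ("api", "db"):
        print("web ->", dst, decide(Request("alice", "web", dst, clean)))
```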
IJCRT's Publication Details
Unique Identification Number - IJCRT2603193
Paper ID - 302656
Page Number(s) - b571-b582
Published in - Volume 14 | Issue 3 | March 2026
DOI (Digital Object Identifier) -   
Publisher Name - IJCRT | www.ijcrt.org | ISSN : 2320-2882
E-ISSN Number - 2320-2882
Cite this article
SHAMEENA B,
"ZERO TRUST ARCHITECTURE (ZTA) FOR HYBRID CLOUD AND MULTI-CLOUD ENVIRONMENTS: CONTINUOUS AUTHENTICATION AND MICRO-SEGMENTATION ACROSS AWS, AZURE AND PRIVATE DATA CENTERS", International Journal of Creative Research Thoughts (IJCRT), ISSN:2320-2882, Volume.14, Issue 3, pp.b571-b582, March 2026, Available at:
http://www.ijcrt.org/papers/IJCRT2603193.pdf