Zero Trust Security Architecture For AWS Cloud Environments

7 Nov

Authors: Haritha Bhuvaneswari Illa

Abstract: The rapid migration of enterprise workloads to cloud environments has rendered traditional perimeter-based security models inadequate against evolving cyber threats. This review explores the design, implementation, and evaluation of Zero Trust Security Architecture (ZTSA) within Amazon Web Services (AWS) cloud environments. Built on the principle of “never trust, always verify,” Zero Trust enforces continuous authentication, least-privilege access, and micro-segmentation to safeguard distributed resources. The paper examines the theoretical foundations of Zero Trust as defined by NIST SP 800-207, maps its principles to AWS-native services such as Identity and Access Management (IAM), Security Hub, GuardDuty, and Verified Access, and evaluates their collective role in achieving identity-centric, policy-driven protection. Comparative analyses of academic and industrial frameworks reveal AWS’s architectural maturity in operationalizing Zero Trust through automation, encryption, and observability. The review also identifies critical challenges, including policy complexity, hybrid integration issues, and compliance alignment, which impede large-scale adoption. Furthermore, emerging trends such as AI-enhanced monitoring, policy-as-code automation, and quantum-resilient cryptography are discussed as future enablers of Zero Trust evolution in cloud ecosystems. Overall, this study concludes that AWS provides one of the most comprehensive platforms for realizing Zero Trust, though achieving full maturity requires consistent governance, automation, and cross-cloud standardization.
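As an added illustration of the least-privilege and policy-as-code ideas the abstract refers to (example code written here, not part of the paper), the following Python linter flags over-broad IAM policy statements; the two policy documents and the bucket name are constructed for the demonstration.

```python
import json

# Constructed sample IAM policy documents (not from the paper): an over-broad
# grant beside a least-privilege rewrite of the same intent.
OVERBROAD_POLICY = """{
  "Version": "2012-10-17",
  "Statement": [{"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]
}"""

LEAST_PRIVILEGE_POLICY = """{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": ["s3:GetObject", "s3:PutObject"],
    "Resource": "arn:aws:s3:::example-bucket/app-data/*",
    "Condition": {"Bool": {"aws:SecureTransport": "true"}}
  }]
}"""


def _as_list(value):
    # IAM allows a single string or a list in Action/Resource/Statement.
    return value if isinstance(value, list) else [value]


def lint_policy(document):
    """Return findings for Allow statements that violate least privilege.

    An empty list means the policy passed every check.
    """
    policy = json.loads(document)
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow":
            continue  # Deny statements only narrow access; nothing to flag
        for action in _as_list(stmt.get("Action", [])):
            if action == "*" or action.endswith(":*"):
                findings.append(f"statement {i}: wildcard action '{action}'")
        if any(r == "*" for r in _as_list(stmt.get("Resource", []))):
            findings.append(f"statement {i}: Resource '*' spans every resource")
        if "Condition" not in stmt:
            findings.append(f"statement {i}: no Condition restricts the grant")
    return findings


if __name__ == "__main__":
    for name, doc in [("overbroad", OVERBROAD_POLICY), ("least-privilege", LEAST_PRIVILEGE_POLICY)]:
        print(name, lint_policy(doc) or "OK")
```

Run as part of a CI step, the non-empty result for the over-broad document becomes a failing check before the policy is ever attached to a principal.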

DOI: https://doi.org/10.5281/zenodo.17548986