Mitigating Security Threats and Vulnerabilities in Cloud-based Services Authentication Process through Intelligent Zero Trust Architecture

The widespread adoption of Cloud-Based Services (CBS) has significantly increased the surface area for cyber threats, particularly targeting authentication mechanisms, which remain among the most vulnerable components of cloud security. This study aimed to address these challenges by developing, simulating and evaluating an Intelligent Zero Trust Architecture (IZTA) model tailored to mitigate authentication-related threats in CBS environments. The research was guided by four key objectives: (i) to assess threats and vulnerabilities in existing authentication schemes employed in CBS, (ii) to evaluate the effectiveness of Zero Trust Architecture (ZTA) principles in mitigating threats and vulnerabilities within authentication schemes for CBS, (iii) to design a ZTA implementation scheme tailored to CBS authentication environments, intergrating selected trust signals derived from user behavior and contextual device data, and (iv) to develop an intelligent ZTA model for dynamic authentication and threat mitigation within CBS. The study adopted a positivist philosophy and quasi-experimental design, utilizing a structured six-step methodology. Data was sourced from public repositories, including Kaggle and the NIST MITRE ATT&CK framework. The study evaluated the impacts of CBS authentication threats and vulnerabilities using standard NIST procedures, selected the ZTA principle of policy enforcement as the most viable mitigation policy, and utilized two trust signals: Behavioral targeting system users and Contextual targeting system devices. Based on the trust signals, two machine learning models; Keystroke Dynamics and Device Location, were developed using Binary Logistic Regression, achieving a combined average accuracy of 80.63%, with a residual ineffectiveness rate of 19.37%. The IZTA Threat Mitigation Model was introduced to reclassify threat severity scores, resulting in the downgrading of all authentication threats to Low Severity, demonstrating a mitigation effectiveness exceeding 80%. Furthermore, the model underwent expert validation by five cybersecurity specialists. The IZTA model achieved an overall expert validation score of 86.4%, with particularly high ratings in innovation (92%) and overall effectiveness (90%), confirming its practical viability and technical relevance in securing CBS authentication systems. This research contributes to the field of cybersecurity by presenting a validated, intelligent, and context-aware ZTA model capable of enhancing identity and access management in dynamic cloud environments. The findings offer actionable insights for cloud architects, cybersecurity professionals, and policymakers aiming to strengthen trust, reduce attack surfaces, and improve threat resilience across digital infrastructures.