AI-Driven Continuous Governance for Machine Identities in Cloud-Native Zero Trust Environments


Paper ID: EIJTEM_2026_13_2_72-78

Author's Name: Kaushik Reddy Muppa

Volume: 13

Issue: 2

Year: 2026

Page No: 72-78

Abstract:

Cloud-native systems and Zero Trust architectures have fundamentally restructured enterprise security by elevating identity to the primary enforcement boundary. As distributed infrastructures scale, Non-Human Identities (NHIs), including workload credentials, service accounts, APIs, containers, serverless functions, and autonomous agents, now dominate authentication flows and execute most privileged interactions. However, identity governance mechanisms have not evolved at the same pace. Existing Identity Governance and Administration (IGA) models remain largely human-centric, review-driven, and static, resulting in a structural gap between the scale of identity and governance capability. This gap manifests as privilege drift, entitlement sprawl, prolonged credential exposure, and expanded lateral-movement surfaces across service communication graphs. We formalize this challenge as the Machine Identity Governance Problem (MIGP): the need to continuously assess, constrain, and adapt privileges for dynamically provisioned machine identities operating at automation scale. To address this problem, we propose an AI-driven Continuous Governance Framework (ACGF) that reconceptualizes identity governance as a closed-loop, risk-adaptive control system. ACGF integrates behavioral telemetry, privilege relationship modeling, credential lifecycle intelligence, and automated policy enforcement to continuously minimize machine identity risk while preserving operational continuity. We present a cloud-native reference architecture, describe its practical implementation, and evaluate its effectiveness in reducing privilege accumulation and containment latency in high-churn environments. Our findings indicate that continuous, telemetry-driven governance significantly improves privilege hygiene and limits lateral exposure without introducing instability. More broadly, this work establishes adaptive machine identity governance as a foundational security discipline for Zero Trust ecosystems, providing a conceptual and architectural framework for future research in machine-scale identity control.
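As an added illustration of the closed-loop governance the abstract describes (not the paper's ACGF implementation), the following example compares each machine identity's granted entitlements against the entitlements observed in telemetry, models lateral reach over a service communication graph, flags stale credentials, and reports reach before and after unused entitlements are revoked. All identity names, entitlement names, graph edges and credential ages are constructed sample data.

```python
from collections import deque

# Constructed sample data (hypothetical identity and entitlement names).
# Entitlements granted to each machine identity by its current policy.
GRANTED = {
    "svc-orders":    {"db.read", "db.write", "secrets.read", "queue.publish"},
    "svc-inventory": {"db.read", "queue.consume"},
    "svc-billing":   {"db.read"},
    "svc-ledger":    {"db.read"},
}
# Entitlements each identity was actually observed using in the telemetry window.
OBSERVED = {
    "svc-orders":    {"db.read", "queue.publish"},
    "svc-inventory": {"db.read", "queue.consume"},
    "svc-billing":   {"db.read"},
    "svc-ledger":    {"db.read"},
}
# Privilege relationship model: holding an entitlement lets the holder reach a service.
ENTITLEMENT_TARGET = {"db.write": "svc-inventory", "secrets.read": "svc-billing",
                      "queue.consume": "svc-ledger"}
# Credential lifecycle: day on which each identity's current credential was issued.
ISSUED_DAY = {"svc-orders": 0, "svc-inventory": 80, "svc-billing": 30, "svc-ledger": 85}
MAX_CRED_AGE_DAYS = 90

def privilege_drift(identity, granted=GRANTED, observed=OBSERVED):
    """Entitlements granted but never exercised in the window (drift candidates)."""
    return granted[identity] - observed.get(identity, set())

def lateral_reach(identity, granted):
    """Services reachable from `identity` by chaining entitlements (BFS over the graph)."""
    seen, queue = set(), deque([identity])
    while queue:
        cur = queue.popleft()
        for ent in granted.get(cur, set()):
            target = ENTITLEMENT_TARGET.get(ent)
            if target and target != identity and target not in seen:
                seen.add(target)
                queue.append(target)
    return seen

def govern(now_day, granted=GRANTED, observed=OBSERVED):
    """One closed-loop pass: revoke unused entitlements, flag credentials past their
    maximum age, and report lateral reach before and after enforcement."""
    tightened = {i: ents & observed.get(i, set()) for i, ents in granted.items()}
    return {i: {"revoke": privilege_drift(i, granted, observed),
                "rotate": now_day - ISSUED_DAY[i] > MAX_CRED_AGE_DAYS,
                "reach_before": len(lateral_reach(i, granted)),
                "reach_after": len(lateral_reach(i, tightened))}
            for i in granted}

if __name__ == "__main__":
    for ident, decision in govern(now_day=95).items():
        print(ident, decision)
```

The drop in `reach_after` for `svc-orders` is the lateral-exposure reduction the abstract measures; a production loop would feed the `revoke` and `rotate` decisions to the policy engine and credential issuer rather than print them.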

Keywords: AI-Driven, Machine Identities, Cloud-Native Zero Trust Environments

