Zero-Trust Data Fabrics: A Policy-Driven Model for Secure Cross-Cloud Healthcare and Financial Data Exchanges
DOI:
https://doi.org/10.15662/IJARCST.2021.0402002Keywords:
Zero-Trust Architecture (ZTA, Data Fabric, Attribute-Based Access Control (ABAC), Cross-Cloud Security, Healthcare Interoperability, Financial Data Protection, Policy-Driven Access, Data Lineage, FHIR, PCI-DSS, Multi-Cloud Governanc, Confidential Computing, Secure Data Exchange.Abstract
Cross-cloud data exchange has become a foundational requirement for modern healthcare and financial enterprises as they adopt multi-cloud and hybrid architectures. However, traditional perimeter-based security models fail to protect high-value datasets—such as EHR, claims, PHI, PII, and financial transactions—when they traverse heterogeneous cloud environments. This paper proposes a Zero-Trust Data Fabric (ZTDF) architecture that unifies identity, policy, encryption, and continuous monitoring across distributed data platforms. By integrating attribute-based access control (ABAC), fine-grained data governance, and real-time policy orchestration, the ZTDF model establishes a consistent security posture for high-risk sectors. The approach ensures secure, compliant, and context-aware data
movement across Azure, AWS, Google Cloud, and on-premises systems—enabling AI/ML workloads, interoperability, and regulatory alignment without compromising confidentiality or integrity.
References
[1] NIST, “Zero Trust Architecture,” NIST Special Publication 800-207, Aug. 2020.
[2] Health Level Seven International (HL7), “FHIR Release 5 Specification,” 2023.
[3] U.S. Department of Health & Human Services, “HIPAA Security Rule,” 2022.
[4] PCI Security Standards Council, “PCI-DSS: Payment Card Industry Data Security Standard v4.0,” 2022.
[5] Gartner, “Data Fabric Architecture Drives Data Management and Governance for Modern Enterprises,” 2021.
[6] Microsoft, “Confidential Computing Architecture Overview,” Microsoft Azure Documentation, 2024.
[7] Amazon Web Services, “Cross-Account and Cross-Cloud Data Security Best Practices,” AWS Security
Whitepaper, 2023.
[8] Google Cloud, “Zero Trust and BeyondCorp Enterprise Security Model,” Google Cloud Security, 2023.
[9] IBM, “Hybrid Cloud Security: Principles of Zero Trust in Multi-Cloud Data Architectures,” IBM Research Report,
2022.
[10] OWASP Foundation, “API Security Top 10,” OWASP, 2023.
