Design and Empirical Evaluation of a Zero-Trust Cloud Database Pipeline for High-Concurrency Web and Mobile Applications
DOI:
https://doi.org/10.15680/sfwak859
Keywords:
Zero Trust Architecture, Mutual TLS (mTLS), Policy-as-Code, Open Policy Agent (OPA), Cloud Database Security, High-Concurrency Applications, Service Mesh
Abstract
This paper presents the design, implementation, and empirical evaluation of a novel Zero-Trust (ZT) database pipeline architected specifically for cloud-native, high-concurrency web and mobile applications. Traditional perimeter-centric security models fail under the dynamic, distributed nature of modern cloud environments [1]. The proposed architecture enforces "never trust, always verify" principles, eliminating implicit trust zones and mandating strict, granular authentication and authorization for every data access request, regardless of origin [2]. Key features include mutual TLS (mTLS) for all service-to-database communication, dynamic authorization using Policy-as-Code (e.g., OPA), and data-in-use protection via confidential computing techniques. The empirical evaluation, conducted under simulated peak load conditions ($>10,000$ concurrent connections), assessed the pipeline's security efficacy, latency impact, and scalability compared to a conventional cloud security group/VPC-based pipeline. The findings demonstrate that the ZT model significantly enhances the security posture by mitigating common cloud vulnerabilities (e.g., credential exposure, insider threats) with only a marginal, acceptable overhead on transaction latency and overall throughput, thus establishing a scalable blueprint for securing sensitive data in demanding application environments.
References
1. Kindervag, J. (2010). No More Chewy Centers: The Zero Trust Model of Information Security. Forrester Research. (Core ZT concept)
2. Rose, S., Borchert, O., et al. (2020). Zero Trust Architecture. NIST Special Publication 800-207. National Institute of Standards and Technology. (Official ZT framework)
3. Goyal, M., et al. (2022). Performance Evaluation of Mutual TLS in Microservices Architecture. IEEE Transactions on Network and Service Management. (For performance metrics on mTLS overhead)
4. Vangavolu, S. V. (2025). THE LATEST TRENDS AND DEVELOPMENT IN NODE.JS (7th ed., pp. 7715-7726). International Research Journal of Modernization in Engineering Technology and Science. https://doi.org/10.56726/IRJMETS70150
5. Levin, L., & Gonen, H. (2021). Policy-as-Code for Cloud Security Governance: Implementation with Open Policy Agent (OPA). Proceedings of the Cloud Computing Security Workshop (CCSW). (For technical background on PaC implementation)
6. Vijayaboopathy, V., Kalyanasundaram, P. D., & Surampudi, Y. (2022). Optimizing Cloud Resources through Automated Frameworks: Impact on Large-Scale Technology Projects. Los Angeles Journal of Intelligent Systems and Pattern Recognition, 2, 168-203.
7. A recent paper comparing traditional cloud security groups/VPC setups vs. service mesh security (e.g., Istio/Linkerd).
8. Kolla, S. (2025). CrowdStrike's Effect on Database Security (14th ed., pp. 733-737). International Journal of Innovative Research in Science Engineering and Technology. https://doi.org/10.15680/IJIRSET.2025.1401103

