Design and Implementation of a Zero Trust Security Framework for Cloud-Based SaaS Applications

Perimeter-based security solutions are becoming less and less effective due to the growing complexity of contemporary cyber threats and the collapse of old network boundaries. As a result, Zero Trust Architecture (ZTA) has become a revolutionary paradigm that redefines how cloud and hybrid IT infrastructures build, maintain, and revoke trust. This paper presents an intelligent Zero Trust Security Framework based on attention-based deep learning models to detect intrusions in real-time and dynamically enforce policies within SaaS applications. The framework combines the DNN + Attention and RNN + Attention models to continuously observe the network traffic and dynamically determine if the requests are legitimate or malicious and make ALLOW or DENY/QUARANTINE decisions. The CICIDS2017 dataset is used for experiment, followed by the preprocessing, feature analysis, data balancing using SMOTE and model training. Experimental results show that DNN + Attention model has the highest accuracy, F1 score and AUC-ROC of 97.00%, 92.75% and 99.63% respectively with less latency and faster prediction time compared to RNN + Attention model. The proposed framework is validated and demonstrated as effective in an intelligent intrusion detection, real-time threat containment, and secure SaaS application monitoring for current Zero Trust environments by comparing to existing approaches.