Policy-Driven Zero Trust Enforcement Using Context-Aware Access Control Models
Abstract
Complex enterprise networks, remote work, and cloud services compromise perimeter-based security. Static, role-centric access control cannot handle modern workplace risks. This study addresses these concerns using a context-aware access control model-based policy-driven Zero Trust enforcement system. Platform delivers real-time, adaptive access by assessing device posture, user behavior, and risk score. A contextual rule in an automated policy engine grants or denies access based on risk, not credentials or network location. Scalable policy assessment, dynamic risk quantification, and contextual signal integration into decision logic are crucial. The empirical data shows that context-aware enforcement minimizes illicit access and lateral movement while retaining operational efficiency. Cybersecurity in modern digital infrastructures must be policy-driven Zero Trust.