The Data Enclave Advantage: A New Paradigm for Least-Privileged Data Access in a Zero-Trust World

Nico Bistolfi, Andreea Georgescu, Dave Hodson

TL;DR

The paper addresses the vulnerability of standing permissions in cloud environments, arguing that true least-privilege data access is essential but hard to achieve with existing controls. It proposes Zero-Trust Data Enclaves as an on-demand, isolated mechanism that enforces Zero Standing Privilege (ZSP) and Just-in-Time (JIT) access through data contracts, enabling per-record access and real-time monitoring. By analyzing incidents such as Darkbeam, Toyota, Microsoft, Snowflake, Retool, and FTX, it demonstrates how standing permissions inflate attack surfaces, enable privilege creep, and hinder auditing, while outlining a practical path to secure data environments without a full rearchitecting. The work highlights a data-centric security shift that can reduce breach impact and improve auditable controls, offering a scalable approach for AI-driven, dynamic cloud workflows.

Abstract

As cloud infrastructure evolves to support dynamic and distributed workflows, now accelerated by AI-driven processes, the outdated model of standing permissions has become a critical vulnerability. Based on the Cloud Security Alliance (CSA) Top Threats to Cloud Computing Deep Dive 2025 Report, our analysis details how standing permissions cause catastrophic cloud breaches. While current security tools address network and API security, the challenge of securing granular data access remains. Removing standing permissions at the data level is as critical as it is at the network level, especially for companies handling valuable data at scale. In this white paper, we introduce an architecture based on on-demand data enclaves to address this gap directly. Our approach enables Zero Standing Privilege (ZSP) and Just-in-Time (JIT) principles at the data level. We replace static permissions with temporary data contracts that enforce proactive protection: separation is built around the data requested on demand, providing precise access and real-time monitoring for individual records instead of whole datasets. This solution drastically reduces the attack surface, prevents privilege creep, and simplifies auditing, offering a vital path for enterprises to transition to a more secure and resilient data environment.

Paper Structure

This paper contains 14 sections and 2 figures.

Figures (2)

  • Figure 1: The Data Enclave implements contracts at the resource and data segment level.
  • Figure 2: The Data Enclave disconnects from the resources to achieve physical separation. Keep in mind that this is a simplified, conceptual version; a complete implementation diagram would have more elements, and that complexity is out of scope for this white paper.

Theorems & Definitions (1)

  • Definition 4.1