Modern infrastructure teams have to impose least-privilege to multi-cloud environments and maintain privacy, all the while providing constant audit-readiness evidence. This paper introduces a portable governance architecture that (a) divide’s identity, decision, and enforcement; (b) integrates RBAC, ABAC, and ReBAC in a canonical schema; and (c) implements policy-as-code in terms of formal verification, static analysis, and safe roll-out patterns. Multi-source telemetry - cloud control-plane and cluster logs, identity provider events, and HRIS/ticketing data - are brought in as an entitlement graph to analyze reachability and problematic combinations. Policies are created in versioned repositories with unit/property testing, signed provenance, shadow evaluation, and progressive enforcement; recertifications of executed decisions also leave immutable evidence artifacts in auditable formats. Evaluation is provided with the use of KPIs, such as the least-privilege score, segregation-of-duties violation rate, policy coverage, review latency, and break-glass incidence. Experimental data show fewer emergency access points, infringement rates, faster reviews, and better policy coverage, as well as privacy-aware logging, tokenization, and differential-privacy budgets that limit exposure compared with heuristics and cloud-native analyzers. Operational guidance also involves a phased adoption playbook (pilot, guardrails), operational RACI of shared ownership, drift-reconciliation, and rollback runbooks. Limitations can be summarized as sporadic labels, imbalance of classes, semantic drift among providers, and telemetry gaps in legacy systems; mitigations can be characterized as time awareness validation, cost-sensitive thresholds, contract tests, and fallbacks. Future efforts will focus on sub-10-ms streaming PDPs, graph and unsupervised analytics with causal attribution, federated learning with privacy budgets, UX coupling assists drafting with verification gates, and synthetic datasets with simulated incidents.

Identity and Access Management (IAM), Policy-as-Code (OPA/Rego), Formal Verification, Entitlement Graphs

Ali, B., Gregory, M. A., & Li, S. (2021). Multi-access edge computing architecture, data security and privacy: A review. Ieee Access, 9, 18706-18721.

AlTawy, R., Galal, H. S., & Youssef, A. M. (2023). Mjolnir: Breaking the glass in a publicly verifiable yet private manner. IEEE Transactions on Network and Service Management, 20(3), 2942-2956.

Barr, J. L. (2020). Globalization and US Maritime Divergence; an Explanatory Case Study. University of Phoenix.

Baumer, T., Müller, M., & Pernul, G. (2023). System for cross-domain identity management (SCIM): Survey and enhancement with RBAC. IEEE Access, 11, 86872-86894.

Carrington, A. M., Manuel, D. G., Fieguth, P. W., Ramsay, T., Osmani, V., Wernly, B., ... & Holzinger, A. (2022). Deep ROC analysis and AUC as balanced average accuracy, for improved classifier selection, audit and explanation. IEEE Transactions on Pattern Analysis and Machine Intelligence, 45(1), 329-341.

Chavan, A. (2021). Exploring event-driven architecture in microservices: Patterns, pitfalls, and best practices. International Journal of Software and Research Analysis. https://ijsra.net/content/exploring-event-driven-architecture-microservices-patterns-pitfalls-and-best-practices

Chavan, A. (2022). Importance of identifying and establishing context boundaries while migrating from monolith to microservices. Journal of Engineering and Applied Sciences Technology, 4, E168. http://doi.org/10.47363/JEAST/2022(4)E168

Cohen, J. R., Joe, J. R., Thibodeau, J. C., & Trompeter, G. M. (2020). Audit partners' judgments and challenges in the audits of internal control over financial reporting. Auditing: A Journal of Practice & Theory, 39(4), 57-85.

Daoudagh, S., Lonetti, F., & Marchetti, E. (2020). XACMET: XACML Testing & Modeling: An automated model-based testing solution for access control systems. Software Quality Journal, 28(1), 249-282.

Gartzke, E., & Lindsay, J. R. (Eds.). (2019). Cross-domain deterrence: Strategy in an era of complexity. Oxford University Press.

Gulotta, D. P. (2023). Real time, dynamic cloud offloading for self-driving vehicles with secure and reliable automatic switching between local and edge computing (Doctoral dissertation, Politecnico di Torino).

Hong, S., Xu, L., Huang, J., Li, H., Hu, H., & Gu, G. (2023). SysFlow: Toward a programmable zero trust framework for system security. IEEE Transactions on Information Forensics and Security, 18, 2794-2809.

Ji, J., Wang, H., Huang, Y., Wu, J., Xu, X., Ding, S., ... & Ji, R. (2022, October). Privacy-preserving face recognition with learnable privacy budgets in frequency domain. In European Conference on Computer Vision (pp. 475-491). Cham: Springer Nature Switzerland.

Joosen, W. (2023). Security and Assessment of Biometric Authentication: Attacks, Defenses, and Metrics.

Karwa, K. (2023). AI-powered career coaching: Evaluating feedback tools for design students. Indian Journal of Economics & Business. https://www.ashwinanokha.com/ijeb-v22-4-2023.php

Kelly, M. R. (2019). Aggregating Private and Public Web Archives Using the Mementity Framework (Doctoral dissertation, Old Dominion University).

Konneru, N. M. K. (2021). Integrating security into CI/CD pipelines: A DevSecOps approach with SAST, DAST, and SCA tools. International Journal of Science and Research Archive. Retrieved from https://ijsra.net/content/role-notification-scheduling-improving-patient

Kumar, A. (2019). The convergence of predictive analytics in driving business intelligence and enhancing DevOps efficiency. International Journal of Computational Engineering and Management, 6(6), 118-142. Retrieved from https://ijcem.in/wp-content/uploads/THE-CONVERGENCE-OF-PREDICTIVE-ANALYTICS-IN-DRIVING-BUSINESS-INTELLIGENCE-AND-ENHANCING-DEVOPS-EFFICIENCY.pdf

Lécuyer, M., Spahn, R., Vodrahalli, K., Geambasu, R., & Hsu, D. (2019, October). Privacy accounting and quality control in the sage differentially private ML platform. In Proceedings of the 27th ACM Symposium on Operating Systems Principles (pp. 181-195).

Liu, B., Szalachowski, P., & Sun, S. (2020, October). Fail-safe watchtowers and short-lived assertions for payment channels. In Proceedings of the 15th ACM Asia Conference on Computer and Communications Security (pp. 506-518).

Meedeniya, D. A., Rubasinghe, I. D., & Perera, I. (2019). Traceability establishment and visualization of software artefacts in devops practice: a survey. International Journal of Advanced Computer Science and Applications, 10(7).

Meli, M., McNiece, M. R., & Reaves, B. (2019, February). How bad can it git? characterizing secret leakage in public github repositories. In NDSS.

Nyati, S. (2018). Transforming telematics in fleet management: Innovations in asset tracking, efficiency, and communication. International Journal of Science and Research (IJSR), 7(10), 1804-1810. Retrieved from https://www.ijsr.net/getabstract.php?paperid=SR24203184230

Opalek, A. (2019). Metadata for the International Health Workforce: Professional Regulation, Credentialing, and Health Policy Planning. Drexel University.

Ozor, N., & Nyambane, A. (2020). The state of open contracting in selected african countries. Humanist Institute for Co-operation with Developing Countries (HIVOS). https://bit. ly/3S78CTz.

Raju, R. K. (2017). Dynamic memory inference network for natural language inference. International Journal of Science and Research (IJSR), 6(2). https://www.ijsr.net/archive/v6i2/SR24926091431.pdf

Sardana, J. (2022). The role of notification scheduling in improving patient outcomes. International Journal of Science and Research Archive. Retrieved from https://ijsra.net/content/role-notification-scheduling-improving-patient

Schiller, N., Chlosta, M., Schloegel, M., Bars, N., Eisenhofer, T., Scharnowski, T., ... & Holz, T. (2023, March). Drone Security and the Mysterious Case of DJI's DroneID. In NDSS.

Singh, V., Unadkat, V., & Kanani, P. (2019). Intelligent traffic management system. International Journal of Recent Technology and Engineering (IJRTE), 8(3), 7592-7597. https://www.researchgate.net/profile/Pratik-Kanani/publication/341323324_Intelligent_Traffic_Management_System/links/5ebac410299bf1c09ab59e87/Intelligent-Traffic-Management-System.pdf

Singu, S. K. (2021). Designing scalable data engineering pipelines using Azure and Databricks. ESP Journal of Engineering & Technology Advancements, 1(2), 176-187.

Stevens, K. N. (2020). Rural elementary science teaching: Exploring the preparation and practices of early career educators. University of South Dakota.

Sukhadiya, J., Pandya, H., & Singh, V. (2018). Comparison of Image Captioning Methods. INTERNATIONAL JOURNAL OF ENGINEERING DEVELOPMENT AND RESEARCH, 6(4), 43-48. https://rjwave.org/ijedr/papers/IJEDR1804011.pdf

Swathi, Y., & Challa, M. (2023, November). From deployment to drift: A comprehensive approach to ml model monitoring with evidently ai. In International Conference on VLSI, Signal Processing, Power Electronics, IoT, Communication and Embedded Systems (pp. 307-320). Singapore: Springer Nature Singapore.

Zamanov, N. (2019). Applying Computer Vision Methods on Mobile Devices for BallSpeed Measurements (Doctoral dissertation, Hochschule für angewandte Wissenschaften Hamburg).

Zhang, Y., & Chen, X. (2020). Explainable recommendation: A survey and new perspectives. Foundations and Trends® in Information Retrieval, 14(1), 1-101.

Zhang, Z. (2022). Synthetic data simulation for privacy-preserving medical data sharing (Doctoral dissertation, Vanderbilt University).