Abstract

Hybrid cloud environments combine private and public cloud infrastructures to optimize security, scalability, and cost-effectiveness. However, ensuring secure access control in such environments remains a critical challenge due to dynamic workloads, multi-tenancy, and cross-cloud authentication complexities. This paper explores access control models tailored for secure hybrid cloud deployment, focusing on Role-Based Access Control (RBAC), Attribute-Based Access Control (ABAC), and emerging Zero Trust principles. We analyze their effectiveness in mitigating unauthorized access, privilege escalation, and insider threats. Additionally, a novel hybrid model integrating RBAC and ABAC is proposed to enhance security and flexibility while ensuring compliance with regulatory frameworks. The study also highlights the role of federated identity management and blockchain-based access control mechanisms in strengthening authentication and authorization in hybrid cloud environments. The results indicate that adaptive access control strategies can significantly enhance security without compromising performance. Future research should focus on AI-driven access control mechanisms and self-learning security models to further improve dynamic access control in hybrid cloud settings.