{"id":"https://openalex.org/W7134941678","doi":"https://doi.org/10.48550/arxiv.2603.09025","title":"Lockbox -- A Zero Trust Architecture for Secure Processing of Sensitive Cloud Workloads","display_name":"Lockbox -- A Zero Trust Architecture for Secure Processing of Sensitive Cloud Workloads","publication_year":2026,"publication_date":"2026-03-09","ids":{"openalex":"https://openalex.org/W7134941678","doi":"https://doi.org/10.48550/arxiv.2603.09025"},"language":null,"primary_location":{"id":"doi:10.48550/arxiv.2603.09025","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.09025","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"type":"preprint","indexed_in":["datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://doi.org/10.48550/arxiv.2603.09025","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5039100464","display_name":"Vamshi Krishna Thotempudi","orcid":null},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Thotempudi, Vamshi Krishna","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5128723217","display_name":"Mahima Agarwal","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Agarwal, Mahima","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"middle","author":{"id":"https://openalex.org/A5055032130","display_name":"Raghav Batta","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Batta, Raghav","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5128768892","display_name":"Anjali Mangal","orcid":null},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Mangal, Anjali","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":4,"corresponding_author_ids":["https://openalex.org/A5039100464"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":false,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.4887999892234802,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11614","display_name":"Cloud Data Security Solutions","score":0.4887999892234802,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11424","display_name":"Security and Verification in Computing","score":0.2809999883174896,"subfield":{"id":"https://openalex.org/subfields/1702","display_name":"Artificial Intelligence"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T10927","display_name":"Access Control and Trust","score":0.04899999871850014,"subfield":{"id":"https://openalex.org/subfields/3312","display_name":"Sociology and Political Science"},"field":{"id":"https://openalex.org/fields/33","display_name":"Social Sciences"},"domain":{"id":"https://openalex.org/domains/2","display_name":"Social Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/credential","display_name":"Credential","score":0.805899977684021},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.6800000071525574},{"id":"https://openalex.org/keywords/access-control","display_name":"Access control","score":0.5027999877929688},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.4569000005722046},{"id":"https://openalex.org/keywords/key","display_name":"Key (lock)","score":0.4318999946117401},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.42739999294281006},{"id":"https://openalex.org/keywords/encryption","display_name":"Encryption","score":0.414900004863739},{"id":"https://openalex.org/keywords/process","display_name":"Process (computing)","score":0.3986999988555908},{"id":"https://openalex.org/keywords/enterprise-information-security-architecture","display_name":"Enterprise information security architecture","score":0.3869999945163727}],"concepts":[{"id":"https://openalex.org/C2777810591","wikidata":"https://www.wikidata.org/wiki/Q16861606","display_name":"Credential","level":2,"score":0.805899977684021},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7754999995231628},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7139000296592712},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.6800000071525574},{"id":"https://openalex.org/C527821871","wikidata":"https://www.wikidata.org/wiki/Q228502","display_name":"Access control","level":2,"score":0.5027999877929688},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.4569000005722046},{"id":"https://openalex.org/C26517878","wikidata":"https://www.wikidata.org/wiki/Q228039","display_name":"Key (lock)","level":2,"score":0.4318999946117401},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.42739999294281006},{"id":"https://openalex.org/C148730421","wikidata":"https://www.wikidata.org/wiki/Q141090","display_name":"Encryption","level":2,"score":0.414900004863739},{"id":"https://openalex.org/C98045186","wikidata":"https://www.wikidata.org/wiki/Q205663","display_name":"Process (computing)","level":2,"score":0.3986999988555908},{"id":"https://openalex.org/C31139447","wikidata":"https://www.wikidata.org/wiki/Q5380386","display_name":"Enterprise information security architecture","level":2,"score":0.3869999945163727},{"id":"https://openalex.org/C2780513914","wikidata":"https://www.wikidata.org/wiki/Q18210350","display_name":"Bottleneck","level":2,"score":0.3637999892234802},{"id":"https://openalex.org/C2779777834","wikidata":"https://www.wikidata.org/wiki/Q4202277","display_name":"Enforcement","level":2,"score":0.36079999804496765},{"id":"https://openalex.org/C10511746","wikidata":"https://www.wikidata.org/wiki/Q899388","display_name":"Data security","level":3,"score":0.35989999771118164},{"id":"https://openalex.org/C123657996","wikidata":"https://www.wikidata.org/wiki/Q12271","display_name":"Architecture","level":2,"score":0.34790000319480896},{"id":"https://openalex.org/C33762810","wikidata":"https://www.wikidata.org/wiki/Q461671","display_name":"Data integrity","level":2,"score":0.3301999866962433},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.3292999863624573},{"id":"https://openalex.org/C2777407602","wikidata":"https://www.wikidata.org/wiki/Q1888932","display_name":"Mandatory access control","level":4,"score":0.2946000099182129},{"id":"https://openalex.org/C109297577","wikidata":"https://www.wikidata.org/wiki/Q161157","display_name":"Password","level":2,"score":0.29350000619888306},{"id":"https://openalex.org/C2776831232","wikidata":"https://www.wikidata.org/wiki/Q966812","display_name":"Trusted Computing","level":2,"score":0.2896000146865845},{"id":"https://openalex.org/C203062551","wikidata":"https://www.wikidata.org/wiki/Q201339","display_name":"Public-key cryptography","level":3,"score":0.28130000829696655},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.2766999900341034},{"id":"https://openalex.org/C47487241","wikidata":"https://www.wikidata.org/wiki/Q5227230","display_name":"Data access","level":2,"score":0.27649998664855957},{"id":"https://openalex.org/C138827492","wikidata":"https://www.wikidata.org/wiki/Q6661985","display_name":"Data processing","level":2,"score":0.2759000062942505},{"id":"https://openalex.org/C178489894","wikidata":"https://www.wikidata.org/wiki/Q8789","display_name":"Cryptography","level":2,"score":0.2606000006198883},{"id":"https://openalex.org/C172191483","wikidata":"https://www.wikidata.org/wiki/Q1071806","display_name":"Provisioning","level":2,"score":0.25920000672340393},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.2563000023365021}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.48550/arxiv.2603.09025","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.09025","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"doi:10.48550/arxiv.2603.09025","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2603.09025","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":null,"is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"article"},"sustainable_development_goals":[{"score":0.43937912583351135,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"Enterprises":[0],"increasingly":[1],"rely":[2],"on":[3],"cloud-based":[4,150],"applications":[5,55],"to":[6,120,163,185],"process":[7],"highly":[8,174],"sensitive":[9,87,156,175],"data":[10,59,151],"artifacts.":[11],"Although":[12],"cloud":[13,88,130],"adoption":[14],"improves":[15],"agility":[16],"and":[17,38,47,60,68,94,106,117,123,143,146,160,178],"scalability,":[18],"it":[19],"also":[20],"introduces":[21],"new":[22],"security":[23,93,131,196],"challenges":[24,39,50],"such":[25],"as":[26],"expanded":[27],"attack":[28,34],"surfaces,":[29],"a":[30,78],"wider":[31],"radius":[32],"of":[33,86,170],"from":[35,114],"credential":[36],"compromise,":[37],"maintaining":[40],"strict":[41,91],"access":[42,135],"controls":[43],"across":[44],"users,":[45],"services,":[46,153],"workflows.":[48],"These":[49],"are":[51,72],"especially":[52],"acute":[53],"for":[54,83],"that":[56,155],"handle":[57],"privileged":[58],"execute":[61],"security-critical":[62],"analysis,":[63],"where":[64],"traditional":[65],"trust":[66,100],"boundaries":[67],"ad":[69],"hoc":[70],"safeguards":[71],"insufficient.":[73],"This":[74],"paper":[75],"presents":[76],"Lockbox;":[77],"Zero":[79],"Trust":[80],"architecture":[81,182],"designed":[82],"secure":[84],"processing":[85,152,173],"workloads":[89],"under":[90],"enterprise":[92],"governance":[95],"requirements.":[96],"Lockbox":[97,171],"applies":[98],"explicit":[99],"verification,":[101],"strong":[102],"isolation,":[103],"least-privilege":[104],"access,":[105],"policy-driven":[107],"enforcement":[108],"throughout":[109],"the":[110,168],"entire":[111],"application":[112],"lifecycle,":[113],"user":[115],"authentication":[116],"document":[118],"ingestion":[119],"analysis":[121],"execution":[122],"result":[124],"storage.":[125],"The":[126],"system":[127],"incorporates":[128],"modern":[129],"primitives":[132],"including;":[133],"role-based":[134],"control,":[136],"centralized":[137],"key":[138],"management,":[139],"encryption":[140],"in":[141,172],"transit":[142],"at":[144],"rest,":[145],"controlled":[147],"integration":[148],"with":[149],"ensuring":[154],"artifacts":[157],"remain":[158],"protected":[159],"accessible":[161],"only":[162],"authorized":[164],"users.":[165],"We":[166],"discuss":[167],"usage":[169],"cybersecurity":[176],"reports":[177],"demonstrate":[179],"how":[180],"this":[181],"enables":[183],"organizations":[184],"safely":[186],"adopt":[187],"advanced":[188],"capabilities,":[189],"including":[190],"AI-assisted":[191],"processing,":[192],"without":[193],"weakening":[194],"their":[195],"posture.":[197]},"counts_by_year":[],"updated_date":"2026-03-12T06:18:43.230356","created_date":"2026-03-12T00:00:00"}