🤖 AI Summary
To address the scalability bottleneck of traditional Attribute-Based Access Control (ABAC)-based Privileged Access Management (PAM) in multi-cloud big data platforms, which stems from its O(n³) computational complexity, this paper proposes a novel access control framework grounded in hypergraph semantics. The method integrates the NIST Next-Generation Access Control (NGAC) model with hypergraphs whose hyperedges are labeled to construct a formal three-dimensional privilege analysis model, characterizing privileges along the dimensions of attack surface, temporal window, and identity. This design reduces analytical complexity to sublinear time. Experimental evaluation across user scales of 200–4,000 demonstrates sub-second privilege detection, achieving a 10× speedup over ABAC and a 4× improvement over NGAC-DAG. The framework significantly enhances detection accuracy for privilege escalation and improves identification of lateral movement paths in complex multi-cloud environments.
📝 Abstract
The rapid adoption of multi-cloud environments has amplified risks associated with privileged access mismanagement. Traditional Privileged Access Management (PAM) solutions based on Attribute-Based Access Control (ABAC) exhibit cubic O(n³) complexity, rendering real-time privilege analysis intractable at enterprise scale. We present a novel PAM framework integrating NIST's Next Generation Access Control (NGAC) with hypergraph semantics to address this scalability crisis. Our approach leverages hypergraphs with labeled hyperedges to model complex, multi-dimensional privilege relationships, achieving sub-linear O(√n) traversal complexity and O(n log n) detection time, rigorously proven through formal complexity analysis. We introduce a 3-Dimensional Privilege Analysis framework encompassing Attack Surface, Attack Window, and Attack Identity to systematically identify privilege vulnerabilities. Experimental validation on AWS-based systems with 200–4,000 users demonstrates a 10× improvement over ABAC and a 4× improvement over standard NGAC-DAG, enabling sub-second privilege detection at scale. Real-world use cases validate detection of privilege escalation chains, over-privileged users, and lateral movement pathways in multi-cloud infrastructures.
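As an added illustration (not the paper's code or data structures), a toy NGAC-style policy hypergraph in Python: users and objects are assigned to attributes, and a labeled association hyperedge grants an operation set between a user attribute and an object attribute. It derives effective privileges, explains the chain of nodes that grants one, and flags users whose holdings exceed a per-role baseline. All user, attribute and resource names are constructed, and nothing here reproduces the paper's sub-linear traversal.

```python
from collections import defaultdict, deque
class PrivilegeHypergraph:
    """NGAC-style graph: users/objects assigned to attributes; associations grant ops."""
    def __init__(self):
        self.parents = defaultdict(set)  # node -> attributes it is assigned to
        self.assoc = []                  # (user_attr, frozenset(ops), obj_attr)
    def assign(self, node, attr):
        self.parents[node].add(attr)
    def associate(self, user_attr, ops, obj_attr):
        self.assoc.append((user_attr, frozenset(ops), obj_attr))
    def _ancestors(self, node):  # BFS up assignment edges -> {attribute: predecessor}
        reached, queue = {node: None}, deque([node])
        while queue:
            cur = queue.popleft()
            for parent in self.parents[cur]:
                if parent not in reached:
                    reached[parent] = cur
                    queue.append(parent)
        return reached
    def privileges(self, user, obj):
        """Every operation `user` holds on `obj` through some association hyperedge."""
        ua, oa = self._ancestors(user), self._ancestors(obj)
        return set().union(*(ops for u, ops, o in self.assoc if u in ua and o in oa))
    def explain(self, user, obj, op):
        """Node chain user -> ... -> object that grants `op`, or None if not granted."""
        ua, oa = self._ancestors(user), self._ancestors(obj)
        for u, ops, o in self.assoc:
            if op in ops and u in ua and o in oa:
                return _path(ua, u) + _path(oa, o)[::-1]
        return None

def _path(reached, node):  # follow predecessor links from `node` back to the start
    chain = []
    while node is not None:
        chain.append(node); node = reached[node]
    return chain[::-1]

def over_privileged(graph, users, objects, required):
    """Users holding (object, op) pairs beyond the `required` baseline for their role."""
    held = {u: {(o, op) for o in objects for op in graph.privileges(u, o)} for u in users}
    return {u: held[u] - required.get(u, set()) for u in users if held[u] - required.get(u, set())}

def build_sample():
    """Constructed tenant: bob kept his Analysts assignment after joining CloudAdmins."""
    g = PrivilegeHypergraph()
    for node, attr in [("alice", "Analysts"), ("bob", "CloudAdmins"), ("bob", "Analysts"),
                       ("s3:reports", "DataLake"), ("DataLake", "AllStorage"), ("iam:prod-role", "IAMPolicies")]:
        g.assign(node, attr)
    g.associate("Analysts", {"read"}, "AllStorage"); g.associate("CloudAdmins", {"read", "write"}, "IAMPolicies")
    return g
```

Running `over_privileged` against a baseline that grants bob only the IAM policy operations reports his leftover read on `s3:reports`, and `explain` returns the assignment chain a reviewer would need to see to remove it.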