ZT-Access: A combining zero trust access control with attribute-based encryption scheme against compromised devices in power IoT environments

Abstract

With the rapid development of information technologies in the power industry, a large number of power devices are connected to the Internet, and thus expand the exposure. Attackers could control some devices with weak security capabilities as compromised devices to penetrate the power Internet of Things (IoT). Traditional access control schemes assume that internal devices are trusted in power IoT environments, thus giving the chance of compromised devices to steal sensitive data. In this paper, we propose a combining zero trust access control and attribute-based encryption scheme against compromised devices in Power IoT environments. In order to protect the privacy information, we hide part of the access policy to ensure that the data owner verifies the attribute set of access entities without knowing the complete access policy structure. Meanwhile, we continuously monitor the network behavior of the access entities, and calculate their trust value in real-time, which can avoid access entities with unauthorised attribute sets and abnormal network behavior to gain access permissions. The security analysis shows that our scheme is resistant to malicious access entities including dishonest users and compromised devices. The simulation results show that our scheme can reduce the time cost and increase the interception rate of malicious access entities.