Design and Implementation of the Zero Trust Model in the Power Internet of Things

Abstract

As a novel network security scheme, the zero trust model can effectively improve the traditional role-based access control model in the public network by continuous trust evaluation and dynamic authorization. As a private network for collecting the health status data of the power equipment, the terminals in the power Internet of Things (IoT) have the characteristics of fixed and controllable hardware, software, and users, and the main network security threat of the power IoT comes from the risk of terminals being damaged or forged. Therefore, based on the analysis of the key connotation of the zero trust and the security characteristics of the power IoT, this paper proposes a novel zero trust model and framework to synthetically evaluate the security status of the power IoT based on the behaviour and characteristics of the terminals. The analysis based on the stochastic Petri net and simulation results show that the proposed model can effectively address network security problems and significantly improve the level of security protection of the power IoT.