A Zero-Trust Security Framework for Granular Insight on Blind Spot and Comprehensive Device Protection in the Enterprise of Internet of Things (E-IOT) [post]

Anil G
2021 unpublished
The adoption of the Internet-of-Things (IoT) is swiftly rising in almost every aspect of human life, and its operational hardware is generating massive data. Cloud computing is an inherent operational technology of IoT for handling this data because it has sufficient capabilities to store, process, and control access to it. This brings several benefits: organizations increasingly depend on IoT to develop a smart approach to improve operational efficiency, automate complex tasks, and provide a quality-aware experience to their customers and end users. As the number of interlinked devices increases, cybercriminals continue to look for blind spots and vulnerable devices in the network. Therefore, this paper attempts to introduce a zero-trust security framework to bring granular insight into the network and design effective intrusion identification methods to provide comprehensive and sustainable protection against dynamic attacks. The proposed framework comprises two implementation design aspects. Firstly, network modeling is carried out for complete visibility based on the number of connected devices and their behavior with other network devices. In this phase, the entire network is segmented into regions based on each IoT device's location to minimize the attack surface. Also, a lightweight cryptography-based secure data transmission mechanism is applied for reliable communication. Secondly, an efficient machine learning-based intrusion identification system is developed to perform real-time monitoring and attack detection. The simulation outcome indicates the effectiveness of the proposed system for secure communication, data transmission, and attack detection. The comparative analysis demonstrated that the proposed zero-trust security system achieves an average of 35% resource efficiency and a 99% accuracy rate in attack detection.
doi:10.21203/rs.3.rs-476252/v1 fatcat:rz6c7uljsvgjnm5b2ixixxpa2u