Dynamic Access Control Model For Smart Home Based On Zero Trust Architecture

With the gradual expansion of the scale of smart home,the network attacks on smart home gradually tend to be diversified and complicated。Problems such as outdated security protection architecture,incomplete authorization strategy and incomplete dynamic access control are revealed in smart home scenarios.Since smart home devices are closely related to users’ daily life,attacks on smart home devices will have a great impact on users’ daily life and even threaten their life and property security.Therefore,there is an urgent need for a complete access control method suitable for smart home scenarios to improve the security of smart home systems.In view of the shortcomings of access control technology in the current smart home scenario,this dissertation proposes a smart home dynamic access control model based on zero trust security protection architecture to realize three stages of dynamic access control:real-time trust evaluation,fine-grained distribution of permissions,and dynamic adjustment of traffic monitoring frequency.The main contents are as follows:Firstly,this dissertation proposes a dynamic access control approach based on minimal authorization and trust evaluation.Divide device permissions in a fine-grained manner based on the principle of minimum permissions.In view of the attack mode threatening the smart home,the corresponding trust evaluation index is selected,and the danger value of the equipment is calculated by Earth Mover’s Distance.Finally,adjust the access permissions of the device based on the danger value of the device to minimize authorization and implement dynamic access control.Secondly,an elastic trust evaluation method based on context and fuzzy theory is proposed.Establish trust evaluation index system for relative trust evaluation.According to the difference of the importance of the evaluation index,the weight of the evaluation index is determined by using the analytic hierarchy process,and the weight vector meeting the requirement of consistency is obtained.Based on fuzzy theory,the relative trust degree of the equipment is obtained by fuzzy synthesis.Finally,according to the relative trust degree of the equipment,the flow monitoring frequency is adjusted in time to realize the dynamic and real-time control of the equipment flow monitoring frequency.Experimental results show that the proposed method provides fewer permissions for suspicious devices than the comparison model.When the device is attacked,the model can adjust the number of permissions obtained by the device in real time,and adjust its traffic monitoring frequency according to the change of the device state.Therefore,the work of this dissertation has guiding significance and practical value to improve the security of smart home system.