
Research On Access Control Technology For Industrial Internet Of Things Based On Zero Trust

Posted on: 2024-06-09
Degree: Master
Type: Thesis
Country: China
Candidate: H R Yang
Full Text: PDF
GTID: 2558307079992899
Subject: Electronic Information · Computer Technology (Professional Degree)
Abstract/Summary:
With the continuous development of computer technology and communication technology, the Internet of Things (IoT) is playing an increasingly important role in the production and operation of various industries, especially in the field of intelligent manufacturing. Industrial IoT has become a major driving force for the current industrial revolution. By combining sensors, smart devices, and Internet technology, industrial IoT realizes the digitization and intelligence of industrial production, promotes the modernization of industry, and brings broader prospects for future industrial development.

Industrial IoT carries out important tasks such as real-time monitoring, remote control, production scheduling, and collaboration. Compared with other IoT scenarios, it has higher security requirements for access to data and control instructions: data leakage or the execution of malicious instructions will cause serious consequences. Ensuring access control in industrial IoT is therefore currently a research hotspot.

Traditional network security models adopt boundary security strategies, which place security devices at the system's network boundary to defend against external attacks. However, this model lacks continuous legitimacy verification, leaving internal network entities vulnerable to internal threats. At the same time, traditional access control models are usually predefined and cannot flexibly control the access permissions of different users, devices, and data, making it difficult to adapt to the constantly changing access control requirements of industrial IoT.

"Zero Trust" is the next-generation security architecture concept. It requires continuous authentication and authorization to access network resources, and performs fine-grained control of access permissions based on trust evaluation. To solve the internal security issues of industrial IoT and achieve continuous protection of data and instructions, this paper proposes an access control scheme based on the concept of zero trust. Because existing frameworks pay little attention to human factors, this paper incorporates human factors into the trust evaluation indicators and combines them with environmental risk factors to evaluate the trust of access subjects through the sliding window method and the time decay factor mechanism. A dynamic access control model based on trust attributes is then implemented, and the access control model is evaluated using the method of security entropy.

The specific work and innovations of this paper are as follows:

1. This paper incorporates human risk factors into the trust evaluation indicators to compensate for the existing zero trust framework's lack of attention to human factors. The work focuses on human emotions and access behaviors and, through comparative experiments, selects a risk quantification model that implements facial expression recognition and abnormal traffic detection.

2. This paper proposes a direct trust evaluation method that combines positive trust from static attributes with negative trust from dynamic risk attributes. Based on historical evaluation data, time decay factors and sliding window mechanisms are introduced to correct the direct trust results, realizing better trust measurement.

3. This paper proposes a zero trust access control model based on trust attributes, and describes policies using the XACML language to achieve dynamic and fine-grained access control. In addition, the concept of security entropy is introduced to evaluate the access control effect of the access control model.
Keywords/Search Tags: Zero Trust, Access control, Human factors, Trust evaluation, Security entropy