Zero-Trust Access Control for IoT in Critical Infrastructure Environments
Abstract
Static permissions in conventional access control systems for the Internet of Things (IoT) are often persistent even after a device has registered in a deployment. Therefore, a compromised device may retain long-lived privileges through a cloned identity, and this increases the likelihood of unauthorized activity and lateral movement in the context of critical infrastructure environments. This paper presents a user-centred access control model that combines zero-trust principles and short-lived capability tokens. Devices are not trusted by default; each service request explicitly carries verifiable authorization. The policy engine issues tokens that bind device identity, target service, permitted operation, validity window, and contextual constraints. Gateways and services validate tokens for each request and deny requests that are expired or out of scope. As a result, misuse is limited without requiring continuous connectivity to the policy engine. The proposed model is also protocol agnostic, and it transports tokens via application-layer message exchanges across heterogeneous IoT stacks. A simulation-based evaluation using a heterogeneous IoT model assesses credential cloning, unauthorized invocation, and compromised-node scenarios. At high compromise levels, unauthorized request success drops from 74% in the baseline to 6% under the proposed model. The operational cost remains moderate, with a mean end-to-end latency increase of about 20% and total communication overhead between 21.25% and 30.75% across the tested token lifetimes. Overhead is split into token carriage and issuance; issuance cost falls as token lifetime grows. The results show reduced unauthorized requests with bounded per-request verification cost and moderate overhead.
Keywords: Zero Trust, Access Control, Internet Of Things (iot), Authorization, Critical Infrastructure, Iot Security
DOI: 10.54941/ahfe1007786
Cite this paper
More from this volume
- Operationalizing Shipbuilding 4.0 Technologies for Material Management Sustainability
- Measurement and quantification of quality characteristics in quality-in-use
- Shaping Future Work Systems: A Framework for the Integration of Humanoid Robots
- Effects of Artificial Intelligence Decision Support Systems on Operator Trust and Workload
- Integrating Human-factors into Enterprise Architecture Leveraging Ontologies and Metamodels
- Quantum-safety enabling cybersecurity reference infrastructure model for edge and access services
- Artificial Intelligence in Industrial Production: A Survey of concepts, technologies & Practical Application in an Intelligent Production Environment
- Enhancing Design Flexibility in Electric Vehicles via Robotic extrusion-based Additive Manufacturing
- Employment initiatives for an ageing workforce: a case study
- Transformation from manual arc welding to collaborative robot welding: Comparison of ergonomic and process-related influencing factors and effects
- Human-Centered Decision Support for Data Analytics in Production Systems
- Designing Error-Resilient Human-in-the-Loop Interfaces for Battery Passport Compliance


AHFE Open Access