Abstract
The rapid expansion of Internet of Things (IoT) environments has introduced significant security challenges, particularly in ensuring that access control decisions are both secure and user-friendly. Traditional security models often rely on implicit trust within the network, which exposes systems to unauthorized access and potential breaches. This study presents the development of a Zero Trust usability model, integrating a usability engine and interactive dashboard to enhance decision-making for user and device access in IoT systems. The model collects and processes real-time telemetry data from users and devices, including authentication attempts, response latency, interaction counts, device health, firmware status, and anomaly indexes. These metrics are transformed into usability scores, which are then evaluated by a trained feedforward neural network to classify users and devices as trusted or requiring additional verification. The usability engine continuously computes these scores, while the dashboard provides administrators with intuitive visualizations for monitoring and policy enforcement. The Object-Oriented Analysis and Design Method (OOADM) was applied in this study. Python was used to program the model. Evaluation of the system demonstrated high performance, with training accuracy reaching 0.95, test accuracy 0.96, and minimal standard deviation across precision, recall, and loss metrics, confirming reliability and robustness. The User Satisfaction Score (USS) averaged 4.6/5, reflecting positive user perception of interface design, clarity, and real-time responsiveness. Operational testing indicated an average response time of 2.95 seconds, demonstrating efficiency under diverse workloads. The findings confirm that the integration of usability metrics into the Zero Trust framework provides a dynamic, data-driven approach to access control, enhancing both security and user experience.
This model offers a practical and scalable solution for IoT environments, ensuring that the principle of “never trust, always verify” is consistently applied in real-time access management.