Enabling Trustworthy Smart Energy Solutions with a Consumer Facing Zero Trust Framework

Project overview

In today's landscape, consumer Internet-of-Things (IoT) ecosystems within sustainable smart buildings and communities are marked by intricate and widespread use of IoT devices, necessitating robust cybersecurity measures. This project will bridge these gaps by introducing a framework which offers a holistic approach to security while aligning with contextual consumer priorities such as convenience, safety, privacy and functionality. This framework is called consumer zero trust (CZT) and is based on a state-of-the-art (SoTA) security framework used by enterprises called zero trust (ZT).

Key project details

Principal investigator	Atefeh (Atty) Mashatan, Canada Research Chair (Tier II) in Quality of Security Framework for the Internet of Things, Toronto Metropolitan University
Co-principal investigators	Reyhaneh (Rei) Safavi-Naeini, professor, Computer Science, University of Calgary; Ali Miri, professor, Computer Science, Toronto Metropolitan University.
Research collaborators	Alan Fung, professor, Mechanical, Industrial, and Mechatronics Engineering, Toronto Metropolitan University
Non-academic collaborators	Cisco Canada
Research Keywords	Internet of Things, information security, usability, privacy, zero trust, smart buildings, smart communities, smart cities, cryptography, access control
Budget	Cash: $235,000 In-Kind: $120,000

Research focus

A detailed 3D model visualization of an urban area with various layers indicating different aspects of the built environment. The image shows a software interface with main layers and services listed on the left side, including options for 'Built Environment', 'Transport', 'Energy', 'Waste' and 'Ecosystem'.

Bridging the security gap

This project aims to address the disparity between the enterprise Zero Trust (ZT) security framework and the distinct needs of consumer-centric IoT environments. This involves developing a Consumer Zero Trust (CZT) framework that is adaptable to the unique challenges of energy management within smart homes, buildings, communities, and cities.

A detailed 3D model visualization of an urban area with various layers indicating different aspects of the built environment. It features a services menu with options such as 'Building Info', 'Energy Demand' and 'Network Solution'.

Addressing consumer IoT challenges

This project identifies and seeks to overcome several challenges inherent to consumer IoT, such as end-user interaction with ZT security controls, the distribution of security responsibilities among end-users, data overload, vendor roles, usability, privacy, user data risk, safety, device end-of-life management, and unsupported devices.

Adapting zero trust for consumer IoT

The goal is to adapt the Zero Trust framework for consumer IoT to ensure it is user-friendly, accommodates multi-user interactions, and addresses key issues such as privacy, security, safety, and functionality.

Developing a comprehensive security framework

This project seeks to develop a comprehensive and adaptable security framework tailored specifically for consumer IoT, ensuring resilience, privacy, and functionality. This includes defining and quantifying system requirements, both technical and functional.

Engaging with experts and end-users

Proposing and validating the CZT framework's definition and requirements through engagement with industry and academia experts, and comparing these to the needs of real consumer IoT end-users through user studies and surveys.

Performing gap analysis

Conducting a gap analysis of both enterprise and consumer-focused literature to find solutions that bridge the identified gaps, ensuring the CZT framework is comprehensive and effective.

Volt-Age