Zero Trust Access Control with Context-Aware and Behavior-Based Continuous Authentication for Smart Homes
Generally, approaches to build the security of Smart Home Systems (SHS) require big amount of data to implement Access Control and Intrusion Detection Systems, with storage in cloud, for instance, being a vulnerability to inhabitants privacy. Besides, most works rely on cloud computing or resources in the cloud to perform security tasks, what can be exploited by attackers. This work presents the ZASH (Zero-Aware Smart Home System), an Access Control for SHS. ZASH uses Continuous Authentication with Zero Trust, supported by real-time context and activity information, enabled by Edge Computing and Markov Chain, to prevent and mitigate impersonation attacks that aim to invade inhabitants privacy. An experimental evaluation demonstrated the system capability to dynamically adapt to new inhabitants behaviors withal blocking impersonation attacks.