Abstract
In recent years, the Internet of Things (IoT) for electricity has faced a series of new challenges. Attackers use a compromised terminal as a springboard to enter the network, steal data, issue malicious commands, and cause great harm. In order to combat the threat of compromised terminals, this article proposes a zero-trust based detection scheme for illegal terminals, based on the principle of "never trust, always verify" security mechanism. Firstly, the detection scheme uses the state secret SM9 secret system to authenticate the access device. Then, it proposes a continuous trust evaluation based on the centroid drift trust algorithm on the characteristics of the traffic of the input device. Finally, it generates a real-time access policy by the access control engine to achieve a dynamic access policy. Finally, the access control engine generates real-time access policies to achieve dynamic access control. Experimental results show that the designed system has a high security detection accuracy and can effectively deal with the threat of compromised terminals.