ITU-T Recommendations

There are many substantial challenges for Internet of things (IoT) platforms in decentralized environments to making trust among IoT entities (such as IoT devices, IoT services, IoT gateways) when they interact with each other. The traditional access control solutions of IoT platforms (such as perimeter control, password authentication, virtual private network) cannot fully cope with those challenges, especially when IoT entities are deployed in decentralized environments.
Zero trust (ZT) is a type of cybersecurity principle that provides a collection of concepts and ideas designed to minimize uncertainty in enforcing accurate, least privilege per-request access decisions in information systems and services in the face of a network viewed as compromised (bNIST SP 800207). In ZT-based access control solutions, it is no longer required to determine access rights by location and security domain for IoT entities to discover and access other IoT entities in the same or different IoT platforms. It is required to be determined for any requests to discover and access any IoT entities in IoT platforms. Therefore, ZT-based access control solutions are suitable for IoT platforms in decentralized environments.
Recommendation ITU-T Y.4814 introduces an access control service of an IoT platform in decentralized environments as enabled by ZT, and specifies its technical characteristics, functional requirements and architecture.