Zero Trust Architecture for Secure IoT-Enabled Medical Device Networks
摘要
The rapid adoption of the Internet of Things (IoT) in healthcare has led to significant advancements in patient monitoring and medical data acquisition. However, the integration of resource-constrained medical devices into critical healthcare infrastructure has also exposed these systems to new security vulnerabilities. Traditional perimeter-based security models are insufficient to safeguard the confidentiality, integrity, and availability of sensitive medical data in such distributed environments. This paper presents a practical implementation of a Zero Trust Architecture (ZTA) tailored for IoT-enabled medical device networks to address these challenges. Leveraging OpenZiti as the core enabler of ZTA principles, the proposed system enforces strict identity-based access control, mutual TLS (mTLS) for secure communication, and robust data encryption using AES-256. The experimental setup includes a Raspberry Pi 5-based IoT gateway integrated with medical sensors such as the MAX30100 pulse oximeter, MPS20N0040D pressure sensor, and MCP3008 analog-to-digital converter. Role-Based and Identity-Based Access Control (RBAC and IBAC) mechanisms are applied to restrict access based on device identities and user roles. Sensor data is securely transmitted to the ThinkSpeak cloud platform for real-time monitoring and visualization. The proposed approach demonstrates a scalable, secure, and practical solution for protecting medical IoT networks against modern cyber threats, paving the way for secure healthcare IoT deployments.