Skip to main content

Volt-Age

Enabling Trustworthy Smart Energy Solutions with a Consumer Facing Zero Trust Framework

Project overview

In today's landscape, consumer Internet-of-Things (IoT) ecosystems within sustainable smart buildings and communities are marked by intricate and widespread use of IoT devices, necessitating robust cybersecurity measures. This project will bridge these gaps by introducing a framework which offers a holistic approach to security while aligning with contextual consumer priorities such as convenience, safety, privacy and functionality. This framework is called consumer zero trust (CZT) and is based on a state-of-the-art (SoTA) security framework used by enterprises called zero trust (ZT).

Key project details

Principal investigator Atefeh (Atty) Mashatan, Canada Research Chair (Tier II) in Quality of Security Framework for the Internet of Things, Toronto Metropolitan University

Co-principal investigators

 Reyhaneh (Rei) Safavi-Naeini, professor, Computer Science, University of Calgary; Ali Miri, professor, Computer Science, Toronto Metropolitan University.

Research collaborators

 Alan Fung, professor, Mechanical, Industrial, and Mechatronics Engineering, Toronto Metropolitan University
Non-academic collaborators Cisco Canada
Research Keywords Internet of Things, information security, usability, privacy, zero trust, smart buildings, smart communities, smart cities, cryptography, access control 
Budget Cash: $235,000 In-Kind: $120,000

Publications:

M. S. Sangari, K. W. So, and A. Mashatan, “Breaking the mold: the pursuit of decentralized trade and supply chain finance,” IMDS, vol. 125, no. 1, pp. 279–305, Jan. 2025, doi: 10.1108/IMDS-03-2023-0197.

Accepted publications in national and international conferences:

A. Mashatan, “Consumer Zero Trust: Towards a Principled Adaptation of Zero Trust for Consumer Networks,” presented at the Proc. 18th International Symposium on Foundations & Practice of Security (FPS 2025), Nov. 2025. [Online]. Available: https://hub.imt-atlantique.fr/fps2025/program/

D. Vanderkooi, A. Mashatan, and O. Turetken, “Exploring Smart Speaker Disclosure and Adoption Intentions: A Privacy Adoption Calculus Perspective,” in Foundations and Practice of Security, K. Adi, S. Bourdeau, C. Durand, V. Viet Triem Tong, A. Dulipovici, Y. Kermarrec, and J. Garcia-Alfaro, Eds., in Lecture Notes in Computer Science, vol. 15532. Cham: Springer Nature Switzerland, May 2025, pp. 42–57. doi: 10.1007/978-3-031-87499-4_4.

D. McKay, M. Bush, M. Kovacevic, and A. Mashatan, “ConCERTS: An IoT Cybersecurity Research Range for Education, Experimentation, and Security Research:,” in Proceedings of the 11th International Conference on Information Systems Security and Privacy, Porto, Portugal: SCITEPRESS - Science and Technology Publications, Feb. 2025, pp. 71–82. doi: 10.5220/0013370900003899.

A. Mashatan, “Do Privacy Concerns Matter? How Privacy Perceptions and Brand Trust Drive Smartphone Continual Usage Intentions,” presented at the Proc. International Conference on Information Systems 2024 (ICIS 2024), Dec. 2024. [Online]. Available: https://aisel.aisnet.org/icis2024/security/security/10

M. M. Alani, A. Mashatan, and A. Miri, “Building Detection-Resistant Reconnaissance Attacks Based on Adversarial Explainability,” in Proceedings of the 10th ACM Cyber-Physical System Security Workshop, Singapore Singapore: ACM, July 2024, pp. 16–23. doi: 10.1145/3626205.3659150.

Book chapters:

A. Mashatan, “Bringing Security Home – The Need for a Human-Centric Approach to Securing Smart Homes,” in The Security of Self, 2025. [Online]. Available: https://press.uottawa.ca/en/9780776645605/the-security-of-self/

Atefeh (Atty) Mashatan: Ripple’s University Blockchain Research Initiative (UBRI), September 4, 2025.

Atefeh (Atty) Mashatan: TRSM Outstanding Research Recognition Award, Toronto Metropolitan University, February 1, 2025.

Atefeh (Atty) Mashatan: 2025 Collaborative Scholarly, Research and Creative (SRC) Award, Toronto Metropolitan University, January 1, 2025.

Atefeh (Atty) Mashatan: Breaking Barriers: 10 Canadian Women Entrepreneurs Reshaping Industries in 2025 Recognition , Canadian SME Small Business Magazine, January 1, 2025. 

Atefeh (Atty) Mashatan: Canada's Most Powerful Women: Top 100 Awards 2024, BMO STEM Category, Women's Executive Network (WXN), October 1, 2024.

Atefeh (Atty) Mashatan: TRSM Research Recognition Award, Toronto Metropolitan University, September 1, 2024.

Atefeh (Atty) Mashatan: TRSM Research Ambassador Medal, Toronto Metropolitan University, May 1, 2024.

Research focus

A detailed 3D model visualization of an urban area with various layers indicating different aspects of the built environment. The image shows a software interface with main layers and services listed on the left side, including options for 'Built Environment', 'Transport', 'Energy', 'Waste' and 'Ecosystem'.

Bridging the security gap

This project aims to address the disparity between the enterprise Zero Trust (ZT) security framework and the distinct needs of consumer-centric IoT environments. This involves developing a Consumer Zero Trust (CZT) framework that is adaptable to the unique challenges of energy management within smart homes, buildings, communities, and cities.

A detailed 3D model visualization of an urban area with various layers indicating different aspects of the built environment. It features a services menu with options such as 'Building Info', 'Energy Demand' and 'Network Solution'.

Addressing consumer IoT challenges

This project identifies and seeks to overcome several challenges inherent to consumer IoT, such as end-user interaction with ZT security controls, the distribution of security responsibilities among end-users, data overload, vendor roles, usability, privacy, user data risk, safety, device end-of-life management, and unsupported devices.

Adapting zero trust for consumer IoT

The goal is to adapt the Zero Trust framework for consumer IoT to ensure it is user-friendly, accommodates multi-user interactions, and addresses key issues such as privacy, security, safety, and functionality.

A detailed 3D model visualization of an urban area with various layers indicating different aspects of the built environment. It features a services menu with options such as 'Building Info', 'Energy Demand' and 'Network Solution'.

Developing a comprehensive security framework

This project seeks to develop a comprehensive and adaptable security framework tailored specifically for consumer IoT, ensuring resilience, privacy, and functionality. This includes defining and quantifying system requirements, both technical and functional.

Engaging with experts and end-users

Proposing and validating the CZT framework's definition and requirements through engagement with industry and academia experts, and comparing these to the needs of real consumer IoT end-users through user studies and surveys.

A detailed 3D model visualization of an urban area with various layers indicating different aspects of the built environment. It features a services menu with options such as 'Building Info', 'Energy Demand' and 'Network Solution'.

Performing gap analysis

Conducting a gap analysis of both enterprise and consumer-focused literature to find solutions that bridge the identified gaps, ensuring the CZT framework is comprehensive and effective.

Non-academic partners

Thank you to our non-academic partners for your support and trust.

Funding

Volt-Age is funded by a $123-million grant from the Canada First Research Excellence Fund.

Canada First Research Excellence Fund logo
Back to top

© Concordia University