IoT Access Control Issues: A Capability Based Approach

Abstract

Resource and information protection plays a relevant role in distributed systems. Most of the currently proposed authorization frameworks do not provide scalable, manageable, effective, and efficient mechanisms to support distributed systems with many interacting services. The advent of IoT will further increase the need for scalable and manageable solutions able to face the potentially unbound number of sensors, actuators and related resources, services and subjects. This is even more relevant if we take into account that IoT environments can envisage not only a greater number of resources to manage, but also a substantial increase of the interaction dynamics. This paper presents a capability based access control system that enterprises, or even individuals, can use to manage their own access control processes to services and information. The proposed mechanism supports rights delegation and a more sophisticated access control customization. The proposed approach is being developed within the European FP7 IoT@Work project to manage access control for some of the project's services deployed in the shop floor.