As we move towards the Internet of Things (IoT), the number of sensors deployed around the world is growing at a rapid pace. There is a huge scope for more streamlined living through an increase of smart services but this coincides with an increase in security and privacy concerns, therefore access control has been an important factor in the development of IoT. This work proposes an authorization access model called SmartOr-BAC built around a set of security and performance requirements. This model enhances the existing OrBAC (Organization-based Access Control) model and adapts it to IoT environments. SmartOrBAC separates the problem into different functional layers and then distributes processing costs between constrained devices and less constrained ones and at the same time addresses the collaborative aspect with a specific solution. We also apply SmartOrBAC to a real example of IoT and demonstrate that even though our model is extensive, it does not add additional complexity regarding traditional access control model.
展开▼