A Community-Driven Access Control Approach in Distributed IoT Environments

Abstract

The distributed Internet of Things is emerging in the literature as a new paradigm for IoT where remotely controlled smart objects can act on their own to sense/actuate, store, and interpret information either created by them or within the surrounding environment. This paradigm calls for novel security and access control mechanisms to enable smart objects with various resource limitations to evaluate a claimed access right from external entities without relying on central authorization systems. This article proposes utilizing a community-based structure to define the notion of access rights in a distributed IoT environment. With this structure, within a given community of smart objects sharing a common mission, access rights are to be evaluated based on the community norms by smart objects with sufficient resources on behalf of those with resource limitations. A novel, community-driven, access control framework is proposed in addition to a prototype to demonstrate access control granting in a user-friendly manner.