Access control in IoT: From requirements to a candidate vision

This paper investigates the main requirements for achieving Access Control (AC) in IoT as induced from literature. A novel AC architecture is then proposed as a candidate approach for AC in IoT taking into account the addressed requirements. That is, AC is proposed to be administered at the level of IoT communities sharing common attributes, i.e. mission, location, resource capability, or device owner, etc. Thus, AC is enforced via resource-capable devices, referred to as gatekeepers, on behalf of other resource-limited nodes in a given IoT community.