A Model for Signatories in Cyber-Physical Systems

Distributed Internet of Things and cyber-physical systems can potentially be used as agents to automatically sign events and transactions on behalf of users. To accomplish this, there is a need for a model that can represent the relationships, credentials and organizational hierarchies of people and devices, facilitating agents acting as signatories in a controlled way. This paper proposes such a model, where people in different positions are entitled to sign on behalf of organizations or departments therein and extend that to representing machines. Central in this model is the Power of Attorney (PoA), which is a self-contained and signed digital document that for a limited time and in a defined context, authorizes a particular agent (whether a person or device) to sign on behalf of a principal. Although such self-contained PoAs can be stored anywhere, we propose a conceptual architecture based on PoAs and include a signatory registry that keeps track of organizational hierarchies in terms of people and devices according to the defined model and stored PoAs in that context.