Design and implementation of a secure and flexible access-right delegation for resource constrained environments

With the emergence of the Internet of Things (IoT)technology, devices are becoming more ubiquitous and openly accessible to the users. Commonly, IoT devices are constrained in nature (e.g. in memory, computational and battery capacity)and supposed to perform in constrained environment (e.g. restricted communication bandwidth). In these constrained environments, access control is a major challenge. Among other concerns, delegation of access right is crucial for securing flexible access to resources. Previous approaches to delegation in the context of the IoT are mostly static in nature and do not consider the distributed essence of IoT systems. Moreover, they consider a highly resourceful environment for delegation. In this paper, we present a novel capability-based access right delegation framework designed specifically for IoT systems. Our design, in particular, relies on light weight symmetric-key cryptography. We provide a detailed system description and compare the performance of the proposed framework with both centralized and decentralized implementations. Our results indicate that our design efficiently provides a fine-grained, dynamic and secure access right delegation for IoT devices in constrained environments.