Delegation of Access Rights

This chapter presents a discussion of the critical issue of transferring access rights from one entity to another in an IoT context. The process of transferring such access rights is commonly known as delegation. It is a significant component of an access control system. There have been considerable works in the area of the delegation but much of it assumes a centralized, well-resourced, system and these solutions have limited applicability in the context of the IoT. Where delegation models for the IoT have been proposed they typically provide only coarse-grained control over the delegation of rights. Moreover, many of them require a centralized trusted authority, which can suffer from being a single point of failure. We demonstrate that the IoT requires a secure, flexible, and fine-grained delegation model.