SMAC: Scalable Access Control in IoT

Abstract

We describe a messaging service called Simple Messaging and Access Control (SMAC), which has inbuilt access control features. SMAC extends previous works on capability-based-messaging and applies access policies at the communication layer, thereby eliminating the need for any additional access control at the endpoints. Furthermore, policy administration (revocation, delegation, etc) can be done in a decentralized manner by third parties. Additionally, SMAC prevents unauthorized communication, saving overall bandwidth. Finally, in SMAC, public keys can map to communication channels without any prior setup. This can assist in device discovery and system bootstrap. All these features make SMAC suitable for deploying large-scale IoT systems.