The management of smart devices in IoT environments can benefit from the flexibility offered by delegation-based authorization. Dynamic delegation improves the system making the process more efficient and autonomous. Privacy preservation in that kind of scenario has, however, serious problems. This paper proposes an architecture based on delegation-based authorization to dynamic D2D delegation. A proof of concept demonstrates how a smart device can delegate its permissions to another smart device with the same abilities when it is required. Moreover, the architecture focus on preserving the user’s privacy by requesting his consent when delegation involves access to personal data. Different levels of data sensitivity are considered and it works as a boundary to the system to recognize when consent is required and different levels of care should be taken into account depending on the data level sensitivity. Finally, a receipt is generated as proof of the consent providing the user’s control over his data and transparency about the delegation process. © 2022 IEEE.
Add the full text or supplementary notes for the publication here using Markdown formatting.