Defining system roles
IoT systems can oftentimes require complex access control frameworks. Consider the types of devices and types of users who will operate within your system and define a set of roles that will be granted access to various aspects of IoT system administration and operation. In the following example, roles are defined and include multiple roles for devices (such as, privileged versus regular gateway) and users:
Role | Definition |
Gateway | Allows communications with IoT devices and other authorized services. |
Privileged Gateway | Allows standard gateway functions in addition to being able to manage devices (create/delete/update). |
Device | Devices that can perform routine operations. They can participate in /publish/subscribe protocol interactions. |
Privileged Device | Devices that require elevated privileges (for example, a first-responder vehicle moving through an intersection). |
Management Application | Allows for management of IoT devices including firmware updates and configuration management... |