Access management poses a significant challenge within the Internet of Things (IoT) given the constrained capabilities in terms of computing, memory, storage, bandwidth and energy available for most of the low-cost devices and things embedded in the physical world. In this scenario, Edge Computing can be considered a powerful opportunity to solve authorization issues, deploying edge devices near IoT constrained things capable of performing as logical intermediaries or brokers between them and cloud resources, services or applications. This work proposes an edge-centric delegation of authorization for constrained devices (without cryptographic capabilities) based on well-known and extensively used specifications and protocols such as OAuth 2.0 and CoAP (Constrained Application Protocol). The proposed solution is based on three different roles allowing constrained devices automated enrolment, authorized access to resources deployed in the cloud and roaming. Furthermore, the proposed solution is validated and assessed using a real smart farming case study.

鉴于在物理世界中嵌入的大多数低成本设备和事物的可用计算，内存，存储，带宽和能量方面的能力有限，访问管理在物联网（IoT）中构成了重大挑战。在这种情况下，可以将边缘计算视为解决授权问题的强大机会，可以在物联网受约束的事物附近部署边缘设备，这些设备可以充当它们与云资源，服务或应用程序之间的逻辑中介或代理。这项工作提出了一种基于边缘的授权委托（不具有加密功能），用于受约束的设备（基于OAuth 2.0和CoAP（受约束的应用协议）），这些规范和协议被广泛使用。所提出的解决方案基于三个不同的角色，允许受限设备自动注册，对云中部署的资源的授权访问和漫游。此外，使用真正的智能农业案例研究对提出的解决方案进行了验证和评估。