The need to establish a secure communication for most applications of Internet of Things (IoT) has become increasingly crucial. Nevertheless, one of the major issues of such networks is how to establish cryptographic keys between all IoT objects to ensure secure data exchange. Several key management schemes have been suggested in the literature to achieve this goal, but they must be revised and innovated, while taking into account the limited resources of IoT objects. Likewise, the IoT presents a system where objects belonging to the physical world, are connected to the Internet, and have the capacity to measure, communicate, and act around all over the world. Nevertheless, some information available to IoT objects is private, hence the need to ensure an access control whose aim is to guarantee that the information be accessible only to those whose the access is allowed. In this paper, we propose a scheme involving two basic modules, namely key management, and access control. The key management module is designed to ensure both the generation and storage of symmetric keys for IoT objects in a completely distributed manner without resorting to a central authority. In contrast, the access control module is used to impose an access control policy so as to prevent unauthorized access to services provided by a particular IoT object. The latter is ensured thanks to the existing cooperation between the TGOs servers of different domains in the IoT. Through assessments based on security analysis, we demonstrate that the proposed scheme is more secure than the existing ones. Simulations were also performed to validate the proposed solution by comparing it with some relevant concurrent schemes. The obtained results are not only encouraging, but also very favorable for the proposed scheme.

为大多数物联网（IoT）应用建立安全通信的需求变得越来越重要。尽管如此，此类网络的主要问题之一是如何在所有IoT对象之间建立加密密钥以确保安全的数据交换。文献中已经提出了几种关键管理方案来实现这一目标，但是必须考虑到物联网对象的有限资源，对它们进行修订和创新。同样，物联网提供了一个系统，在该系统中，属于物理世界的对象已连接到Internet，并具有在全世界范围内进行测量，通信和采取行动的能力。不过，物联网对象可用的某些信息是私有的，因此，需要确保一种访问控制，其目的是保证只有允许访问的人员才能访问该信息。在本文中，我们提出了一个包含两个基本模块的方案，即密钥管理和访问控制。密钥管理模块旨在确保以完全分布式的方式确保物联网对象对称密钥的生成和存储，而无需借助中央权限。相反，访问控制模块用于实施访问控制策略，以防止对特定物联网对象提供的服务进行未经授权的访问。借助物联网中不同域的TGO服务器之间的现有合作，确保了后者。通过基于安全性分析的评估，我们证明了该方案比现有方案更安全。通过与一些相关的并行方案进行比较，还进行了仿真以验证所提出的解决方案。获得的结果不仅令人鼓舞，而且对拟议的计划也非常有利。